Initially published in June 2004 by the Basel Committee on Banking Supervision to establish an international standard that banking regulators could utilize when creating regulations regarding how much capital banks need to put aside to guard against financial and operational risks, Basel II is the second of the Basel Accords. Going beyond the scope of the original Basel I accords of 1988 which combined credit and operational risk, the Basel II accords require separate treatment of credit and operational risk with Section 644 of Basel II defining operational risk as the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events.
The introduction of this separate treatment of operational risk makes information security a critical part of Basel II compliance.
While all of a bank’s critical IT resources need to be analyzed for their potential contribution to operational risk, the exposure of confidential information, within the BPIC layer, regarding specific user investments is of particular importance given that this type of exposure can pose a serious financial risk to a bank. Mitigating this type of risk through effective security controls which include identity management, access control, system and application administration, change control, monitoring, and business continuity will feature prominently in an overall risk management system that is fully compliant. Any failure as a result of human error could undermine a bank’s ability to prove the effectiveness of its risk management approach, thereby resulting in noncompliance.
At Evans Resource Group, we view Basel II as more than just a corporate expenditure to ensure regulatory compliance. We view it as a long-term, profit-generating opportunity.
Our years of experience working with many of the world’s leading financial services organizations provides us with a unique combination of experience and insight to deliver targeted risk and compliance solutions that help you address Basel II requirements. Our solutions include comprehensive analysis, audit, and vulnerability assessment tools along with superior advice to assist you during all phases of your Basel II project including critical WebSphere BPIC testing.
With a solution from Evans Resource Group, you’ll not only protect your critical IT systems from internal and external vulnerability but you’ll be in a position to experience an improved bottom line by both lowering the probability of loss and decreasing your institution’s capital requirements and insurance bill (where insurance is an acceptable method of accounting for operational risk).