WASHINGTON, D.C. – A recent discovery by a prominent U.S. regulator revealed that half of the major banks it oversees lack a comprehensive understanding of various potential risks, ranging from cyber attacks to employee errors. The Office of the Comptroller of the Currency (OCC) conducted confidential assessments, highlighting that 11 out of the 22 large banks it supervises exhibited inadequate management of operational risk.
These assessments by the OCC indicated that a significant portion of the banks received low ratings for their overall risk management, raising concerns among regulators. Operational risk encompasses a wide array of threats beyond financial losses, including employee mistakes, legal issues, natural disasters, and technological failures. To address these risks, banks must develop mitigation plans and allocate capital accordingly.
The OCC utilizes a rating system known as CAMELS to evaluate banks, grading them on components such as capital adequacy, asset quality, management, earnings, liquidity, and sensitivity to market risk. These ratings play a crucial role in determining the level of regulatory scrutiny and operational flexibility granted to each bank.
Acting Comptroller Michael Hsu emphasized the importance of proactive risk management within banks to maintain trust in the federal banking system. The OCC’s scrutiny of operational risk underscores the need for continuous monitoring and assessment in the face of evolving challenges within the banking industry.
In response to record-setting bank failures, regulators have intensified their efforts to identify and address vulnerabilities across the financial sector. Guidance issued by regulatory agencies highlights the growing importance of managing risks associated with third-party vendors and emerging technologies, urging banks to enhance monitoring mechanisms and controls.
As the industry adapts to an increasingly complex operating environment, the focus on operational risk remains paramount. Regulatory bodies continue to emphasize the need for banks to stay vigilant and resilient in the face of evolving threats, ensuring the stability and integrity of the financial system.