Bank of Russia sets requirements for banks’ operational risk management system
The Bank of Russia establishes requirements for the system of management of operational risk (including information security risk and information system risk), the classification of operational risk events, the maintenance of the relevant database, and control over the completeness of recording of direct losses in such a database. Banks will need this in future to calculate the size of operational risk to be included in the capital adequacy ratios according to the standardised Basel III approach. The relevant regulation has been officially registered by the Ministry of Justice and becomes effective on 1 October 2020.
Pursuant to this regulation, credit institutions shall apply Basel III requirements to streamline their databases of operational risk events and the procedure for recording such events by the beginning of 2022.
In view of the issue of this regulation, the Bank of Russia has also introduced amendments to its Ordinance No.
This year, the Bank of Russia is also going to issue the second document regulating the calculation of the operational risk size included in the Basel