1.1. identified at ABC Bank; (Discussions, 2018)1.1. identified at ABC Bank; (Discussions, 2018)

1.1.  Employee

This is the risk that weaknesses
in processes and procedures related to the employment of internal staff either
directly generate a loss or indirectly contribute to the occurrence of events
in other risk categories.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

At ABC Bank, they consider
employees as the key to growth. This is what differentiates the mfrom the rest
of the bankers. (ABC Bank, 2017)

Following are the employee risks
identified at ABC Bank; (Discussions, 2018)

Human Error

Human error is a risk that is
very costly and cannot be ignored or put to an end by any company. With the
advancement of technology even, there is still room for this risk as it cannot
be foreseen/ predicted.

Such unintentional errors can
be caused by due to various reasons;

Overtime or
tiredness due to the large number of everyday transactions,

During the period of expansion, accompanied with
growing number of employees,

Risk of insufficient training of employees and

consequently higher percentage of accidental
errors increases.

Loss of key personnel

This is highly seen at ABC Bank as with the numerous special
trainings the bank provides with the staff, high talent is created. Due to the
above reason, many competitors poach this talent out from ABC Bank and this is
high risk faced currently.

Short-term & Long-term absenteeism

When employees are frustrated and exhausted as a result they
go in to short-term and long-term absenteeism. This is very difficult to deal
with – particularly where key personnel are concerned. With key personnel
absent for prolonged periods, the level of operational risk within the business
tends to increase.

Workplace environment

Regardless of the size ABC Bank, it is often challenging to
keep all members of the team 100% motivated and focused all of the time. The
workplace is a complex environment. The actions of arrogant bosses can result
in a poor working environment, with unwelcome workplace behaviours such as
favouritism and bullying. These in turn can give rise to jealousies, rivalries
and disputes, all of which can cause employees to do things which may damage ABC

Risk, 2010)

1.2.  Fraud

Bank fraud is a
criminal act that occurs when a person uses illegal means to receive money or
assets from a bank or other financial institution. The term bank fraud also
refers to attempts by a person to obtain money from a bank’s depositors by
falsely pretending to be a bank or financial institution.

There are many
of ways in which an individual can commit bank fraud:

Bank Parody – some
individuals act as a financial institution, often by setting up fake companies,
or creating fake websites, in order to mislead banks and get loans or on the
other hand trap customers into depositing funds.

Stolen Checks –
fraudsters may obtain jobs that provide access to mail, such as the post
office, mailbox stores, a tax authority, or corporate payroll company. After
stealing checks, they open a bank account using an assumed name, and deposit
the checks.

Falsification –
forgery occurs when a person alters a check by changing the name or some other
information on the face. Altering the amount of the check, such as adding a
zero to the end of a number, can turn a $20 check into a $200 check, putting
more cash into the forger’s pocket. Forging a person’s signature in order to
cash or deposit a check also falls under this category.

False loans – there
are individuals who takes out loans, knowing that he will immediately file
bankruptcy, has committed bank fraud. The same is true if the borrow uses a
false identity in order to become approved for a loan, or forges information on
a loan application

Internet Fraud – internet
fraud in banks occurs when someone creates a website for the purpose of pretending
as a bank or other financial institution, to illegally obtain money deposited
by other people. Also internet hackers can access databases of banks, which in
the past few years, has resulted in increasing losses due to the theft of
confidential customers’ information through bank databases.

It is essential
to prevent fraud because occurrence of fraud in banking sector is not only a
current losses to the banks but also a future loss due to the destruction of
the image and the confidence which customers have in the banking sector. Although
it is impossible to fully prevent fraud, ABC bank can reduce the probability of
fraud occurrence and minimize losses. Strong corporate governance, up to date
systems and processes, and effective internal controls and risk management can
help to effectively combat fraud.  

1.3.  Organizational

Organisational change comes in many forms. However, whether driven
by regulation, technological change or a corporate restructuring, the result is
always upheaval, and enforced changes to operational risk frameworks to cope
with new and often idiosyncratic sources of risk. (Top 10
operational risks for 2017, 2017)

With the recent merge which took place at ABC Bank, this
risk was highly evident. The changes in the location of the work departments,
desk structures led to risk of organizational change.

The fear of not being able to adapt a business model to
technological change haunts many companies. From Kodak and Blockbuster to
Blackberry, many once-prosperous firms have been sidelined by more tech-savvy
and customer-focused competitors. (Top 10 operational risks for 2017, 2017)

Legal Risks identified at ABC Bank




3.1.  Mis-selling

arises in the context of a Bank where it sells products which do not meet
customer specifications. It is an act of deliberate or negligence in the part
of the Bank in which due attention is not given by the Bank to the customers
who approach it with their requirements. For an example, mis-selling occurs
when a bank branch sells a life insurance to a customer with no dependents,
where in the event of customer death, there will not be any beneficiaries to
claim the sum insured.

In fact,
mis-selling is on the rise in the present business environment of banking,
especially in the sale of savings, investment and life insurance policies and
accordingly, central banks around the world have set regulations to control
mis-selling. For an example, the Central Bank of United Arab Emirates (UAE)
issued a circular in May 2017 to resolve mis-selling complaints within a
deadline of 90 days.

The Bank has
specialized in offering investment products and is renown in the industry for
its expertise in provisioning investment products. Accordingly, customers place
significant regard on the Bank for its specialist knowledge in the area of
investment banking and the Bank should respect the trust customers have placed
on it. There are instances which the customers could easily give away to the
aggressive marketing techniques adopted by certain employees of the Bank simply
as a result of the confidence they have on the Bank.

In the event
the customers who have been misguided by offer of mis-sold products take legal
action against the Bank, it poses a high degree of legal and reputational risk
to the Bank. For an example, Lloyds Bank had to pay £80 million recently for
selling investment products of highly complex nature claiming them to be simple
and low risk providing the consumer with a misleading impression of the likely

The Central
Bank of Sri Lanka (CBSL) has no directions or circulars issued on the area of
mis-selling by banks in Sri Lanka as this area is not considerable in the
magnitude of banking operations in the country. However, with banking getting
developed on a daily basis, room for mis-selling is also on the rise. It could
bring substantial legal risks against the Bank if employees are not trained on
its regard. Therefore, the Bank’s internal controls and integrated risk
management framework should place significant attention on the probability of
mis-selling occurring from its behalf and the impact it could create on its
banking business. (Discussions, 2018)

3.2.  Failure
to word letters/ agreements

An agreement
divides the risk between contracting parties. The way words are used in a
contract letter could expose both parties to unnecessary legal risks. It could
be setting yourself up to incur fines or agreeing to costs that put you at a
financial disadvantage. Risk comes in many forms during the contract process.

Contract provisions – When
developing a contract you should assess each individual provision in a contract
and how much risk each poses individually. A fix for this issue create contract
templates. With pre-approved templates in place, you have directions to quickly
assess whether the terms of a newly generated contract is properly in place and
whether anything has been overwritten or changed by others in the organization

Contract obligations –
Often, a contract which is signed contains obligations, provisions or
stipulations that – if not met – can prevent you from receiving payment from
customers. Therefore before a contract is signed, all the obligations should be
critically reviewed to reduce legal risks.

Review process – Any
contract can be negotiated on your own, to a point. However, when changes are
made to different provisions in the contract, it’s important to get legal
advice so that they can make sure that you haven’t put yourself at a
disadvantage. Both parties involved in the negotiations should be doing same to
reduce risk.

Contract amendments – When
it comes to contract renewals, the agreements with clients can change over
time. Each change that is made to an existing contract is considered an
amendment, and legal advice should be taken to determine how these changes
impact your business from a risk perspective. Provisions should be made in such
a way to make it easier to negotiate the terms of a contract afterwards when changes
occur in the internal and external environment.

Contract Storage – Because businesses
are constantly changing with new customers, new products, new regulations and
so on, it’s important to know where your contracts live. Many companies, with
the advent of SaaS, are beginning to look into cloud solutions to help manage
and store their contracts. (Discussions, 2018)

3.3.  Legal
risks arising from mortgages

Mortgages are made to do large purchases in the absence of
cash. The Bank will take a risk making these loans as there is no guarantee
that the borrower will be able to pay in the future. This risk is mitigated by
mortgaging the asset to the Bank in the event of granting a loan. E.g. purchase
of a house and the property will be mortgaged to the Bank. Hence, the borrower
will know that the failure to pay the loan will result in the loss of the

In the event of a mortgage loan over a property it is very
important to

Pay a visit and verify the asset

Independent valuer to assess the value of the

Title check property, propert registration of
the mortgaged asset (creating liens etc)

Assess the condition of machinery … etc

Failure to such checks will result in loss of repayment and
loss of asset from the borrower. The borrower defaulting the loan will be an
operational risk to the Bank but the loss of the hold on the asset will create
a legal risk.

The severity and frequency of this particular legal risk can
be marked as follows:  Severity in terms
of value would be between 2%-4% of the total loan portfolio, whilst the
frequency might be high enough to have a legal department to sort out court orders.
This frequency will create unnecessary costs to the bank and divert the
business focus.

These legal risks can be avoided by proper skill to assess
the property in a legal perspective (title/mortgage registration) and credit
worthiness of clients. (ABC Bank, 2017)

3.4.  Compliance
related Risks (Documentation)

related risks arise to the Bank due to the lack of a compliance function which
properly integrates the compliance needs.

Examples for compliance risks would be:

Failure of information reporting

Failure to maintain property customer records

Negligence to central bank/exchange control
circulars etc.

These may result in large financial penalties, legal
proceedings, financial loss or loss of reputation to the Bank.

The risk and severity matrix can take a standing as follows,
depending on the breach of the particular aspect in compliance.

Considering the nature of the banking volumes, the Bank is
prone to a higher frequency of these compliance oversights. Severity will also
be high considering the loss of reputation in the banking industry. So it is
best that the Bank avoid these risks.

An integrated team to quality check the
compliance needs

Simplifying procedures and products

Adopting frameworks in departments

The above would be a couple of things the Bank can look
into. At the moment there is a compliance department however, what the Bank
should do is to strengthen the team so that they would have thorough knowledge
on circulars, the do’s and the don’ts stipulated by regulatory bodies,
archiving and making available relevant circulars to all Bank staff … etc. (ABC Bank, 2017)

3.5.  Risks
due to failures in executing ethics and corporate governance

Ethics of
banking require certain commonly accepted behavior principles to be adhered by
the Bank such as maintaining confidentiality of customer information,
transactions and ensuring integrity at all times in terms of providing
information to customers on questions raised on banking products without
misguiding them at any cost. The case of Gamini Fonseka vs. the Peoples’ Bank
is an example where the failure of the bank to maintain confidentiality of
customer information lead to legal action being taken by the customer against
the bank.

The Bank has
ethical and business standards in place to guide its business operations and
benchmark its business practices against. Ethical guidelines ensure that the
Bank does not take unnecessary risks which are not in line with the general
business conduct of the banking industry. Furthermore, the understanding of the
Bank on its corporate social responsibility assures that its operations take
due consideration on the direct and indirect consequences of any mishaps occurring
from the Bank’s side in the form legal and reputational risks. For an example,
when granting credit facilities to certain developmental projects in sensitive
sectors social and environmental risks associated therein which might create
liabilities to the Bank in managing its liability, reputation, finance and

Recently, as
part of the Bank’s value of being socially responsible, it partnered with a
company specializing in electronic waste management to reuse, recycle and
dispose any of its acquired electronic waste under the regulations imposed by
the Central Environmental Authority. It is an effort undertaken by the Bank to
rectify damages posed to environment and human health through e-waste, which is
a main type of risk which banks will be facing in the future with the
substantial amounts of e-waste being piled up in banks due to the nature of
their business.

governance entails satisfaction of interests of organization-wide stakeholders
in order to achieve sustainable growth. If corporate governance within the Bank
fails it shows that it lacks transparency in its activities which could pose
risks to its operations. Lapses in exercising due diligence, unequal treatment
to shareholders, delays to accurately and timely report material matters
relating to the Bank’s functioning and gaps in Board’s accountability to the
Bank and the shareholders are forms in which the Bank could fail in its
corporate governance practices creating opportunities for various legal,
compliance, reputational and operational risks to set in. (ABC Bank, 2017)