Business disruptions of varying kinds and impact are commonplace. Organisations routinely accommodate such risks as computer malfunctions, power failures and transportation disruptions in their business continuity plans.
From a commercial organization's perspective, resilience to operational disruptions has a clear commercial rationale as customers of organisations whose systems are prone to regular failure as a result of relatively common events will inevitably choose to do business with more resilient competitors. In a competitive environment, an organisation typically will weigh its direct benefit from measures to improve its resilience to operational disruptions against the cost of those measures.
Business disruption is a recognized risk category in regulatory frameworks worldwide (Basel II standards).
Basel Level 2 & 3 Event Type Classification
- Utility outage / disruptions
Examples by Business Line
Types of business disruption may vary by business line. An indicative list:
- Retail Banking: Utility outage, Online system failure
- Payment & Settlement: Failure of payments infrastructure
- General: IT system failure
Risks in this category can be mitigated by system upgrades, redundant systems etc, broadly falling under Business Continuity Management
Issues and Challenges
- As with all operational risks, it is difficult to obtain objective measures of the actual business disruption risk, both before and after the application of controls
- Operational Risk in the Basel II framework
- Revised international capital framework is the text of the new Basel II Accord.