Key Risk Indicator

From Open Risk Manual

Definition

Key Risk Indicator (KRI) denotes a measurement of the degree of risk inherent in specific business activity, process or system. KRI's are thus a type of Risk Metric. In order to provide such information the risk indicator has to have an explicit relationship to the specific risk whose exposure it represents. [1]

Usage

The nomenclature of KRI's is primarily used in Operational Risk analysis. Domain specific risk indicators in areas such as Credit Risk and Market Risk tend to have their own naming conventions and are normally not denoted as KRI's

For financial institutions, KRI's are one of the possible inputs in the assessment of capital adequacy under Basel regulations (Business Environment and Internal Control Factors)

Types

Risk indicators come in very large variety as they cover a wide range of risk management contexts. Some useful dimensions for classification are the following:

  • Timeliness: The degree to which the indicator is lagging, leading or is concurrent with the risk it indicates
  • Relationship: The nature of the indicator with the underlying risk, eg. whether it is an indirect performance or control effectiveness measure or a direct risk measure
  • Structure: Simple or composite, depending on the number of underlying data sources

Examples

The following is a general list of KRI indicators that must typically be refined per business line

  • Internal audit issues
  • External audit issues
  • Number of customer complaints
  • Number of legal disputes with customers, clients and counterparties
  • Staff turnover rate
  • Staff survey results
  • Number of processing errors
  • Number of trading limit breaches

References

  1. Institute of Operational Risk, Key Risk Indicators, Nov 2010