Operational risk

Controlling the operations of individuals and legal entities remains the key priority of the Bank in the field of operational risk.

2013 maintained the growing trend in the number of cases of illegal activity by third parties against the clients of the Bank, associated primarily with the use of e-banking systems and remote services. In particular, cases of fraudulent operations during the provision of services to legal entities have become more frequent. This risk is inherent in the whole banking system and the Bank, with its extensive client base, is inevitably faced with it.

To protect clients from fraudulent operations in 2013, Vozrozhdenie Bank undertook to modernise the hardware-software complex of the remote banking service system through introduction of a mechanism of preventive detection of fraudulent payments and the addition of a real-time system informing clients using channels of SMS messaging about payments being made.

A further key risk of the Bank is associated with the risk of theft of cash from ATM machines. However, due to the installation of alarms and video-surveillance systems on the ATMs, all attempts of cash theft in 2013 were prevented.

To reduce losses from bank card fraud, a system of rules and limits on transactions with cards was developed. All our bank cards are equipped with a micro-chip, which significantly reduces losses. The Bank is regularly audited for compliance with the requirements of the international Standard for data protection of the PCI DSS bank card holders and takes measures to reduce risks when using ATMs.

To minimize the financial impact of the consequences of operational risk and for re-compensation of possible losses caused by illegal actions of either staff or third parties, the Bank has comprehensive insurance agreements, liability insurance agreements, as well as individual/private insurance agreements, agreements for the insurance of property, both movable and immovable, electronic devices and of motor vehicles with major insurance companies.

In the second half of 2012, during the reorganisation of the structure around the Risk Control Department, a new Operational Risk Division was established, the responsibilities of which include:

  • Organisation and supervision of the operational risk control system, development of normative documents
  • Collection and compilation of information about the Bank in general in a database of operational risk events
  • Preparation and provision to the Management Board and the Board of Directors of consolidated reports
  • Conduction of investigations relating to the most significant operational risk events

The Operational Risk Division in 2013 significantly improved the process of data collection associated with operational risk events. Investigations of the more significant events were regularly conducted. The outcomes of these investigations resulted in changes being made to internal processes of the Bank, which allowed to reduce the probability of operational risk events taking place.

With the aim of improving the processes of management of operational risks, the Bank in 2013 approved the “Regulations on the organisation of operational risk management in Vozrozhdenie Bank” and the “Regulations for the collection of information on operational risk events in Vozrozhdenie Bank”, which collectively define the fundamental elements of the system of operational risk management as well as the order, format and timeline for collection and provision of information about operational risk events to branches and the internal divisions of the Head Office. These documents further provide the foundations for the manner of conducting investigations of significant operational risk events, as well as the procedure of organisation, compilation and aintenance of data and information relating to operational risk events.

To enable the timely information flow to company leadership and facilitate timely decision making in emergency situations, the “Order of information flow in the event of detection of emergency risks” was enhanced and enacted.