News

Press release
2013

FINMA publishes Circular "Operational risks at Banks"

The Swiss Financial Market Supervisory Authority FINMA has published today the definitive version of its partially revised Circular "Operational risks at Banks". The Circular sets out qualitative requirements for managing operational risks. In particular, it provides guidelines for handling electronic client data. The Circular enters into force on 1 January 2015.

The Circular "Operational risks at Banks" (FINMA-Circ. 08/21) has been partially revised. Its partial revision sought to include key international standards for handling operational risks in the Swiss regulatory framework. The term "operational risks" includes a wide range of events extending from legal cases and fraud offences to incidents involving IT issues.

Six international principles included

The Circular sets out the "Principles for the Sound Management of Operational Risk" issued in June 2011 by the Basel Committee on Banking Supervision as six thematic principles. Those principles specify that responsibility for the management of operational risks lies with top management. They also require banks to have in place a systematic approach, systems and controls, reporting and an IT infrastructure that identify, limit and monitor these risks appropriately.

Specific requirements for electronic client data

Where necessary, FINMA can in future lay down specific requirements for managing operational risks in certain areas. Since in recent years in Switzerland attention has been drawn to the operational risks involved when handling electronic client data, FINMA has now defined additional rules in Annex 3 to the Circular. Nine principles thus set out the proper management of the risks involved in order to preserve the confidentiality of electronic client data, i.e. those of individuals (private clients).

Size of bank determines application

The qualitative requirements described in the Circular are in relation to the size of the bank. "Small Banks" have been exempted from applying certain provisions. This group comprises banks and securities dealers in category 4 and in certain cases in category 5.

Changes relative to the consultation draft

Reaction to the consultation on the partially revised Circular was mixed. The amount of detail outlined in Annex 3 was particularly criticised. FINMA thus revised the part referring to the handling of electronic client data, taking a number of arguments made for adjusting and simplifying the details into account. The partially revised Circular enters into force on 1 January 2015 which allows adequate time for supervised institutions to prepare for compliance with the new rules.

Contact

Vinzenz Mathys, Media Spokesperson, phone +41 31 327 19 77, vinzenz.mathys@finma.ch

Press release

FINMA publishes Circular ‘Operational risksat banks’

Updated: 01.10.2013 Size: 0.14  MB
Add to personal download list
2008/21 FINMA-Rundschreiben "Operationelle Risiken Banken" (20.11.2008) - In Kraft bis 30.06.2017

Eigenmittelanforderungen für Operationelle Risiken bei Banken

Updated: 03.10.2014 Size: 0.37  MB
  • Language(s):
  • DE
  • FR
Add to personal download list
Anhörungsbericht

Teilrevision FINMA-Rundschreiben 2008/21«Operationelle Risiken Banken»

Updated: 29.08.2013 Size: 0.36  MB
  • Language(s):
  • DE
  • FR
Add to personal download list
Stellungnahmen

Rundschreiben «Operationelle Risiken Banken»

Updated: 01.10.2013 Size: 4.27  MB
  • Language(s):
  • DE
Add to personal download list
Backgroundimage