RSK2602
Assignment 1
Due 20 August 2025
, Fundamentals of Operational & Financial Risk
Question 1 – Evaluation of Statements
1.1 True – Operational risks linked to staff actions usually arise from errors, fraudulent
conduct, or theft of information. These risks are considered internal, whether they are
due to unintentional mistakes or intentional misconduct.
Reference: Basel Committee on Banking Supervision (BCBS, 2011).
1.2 False – Failures in technology and information systems are typically classified as
internal operational risks, since they are part of the organisation’s infrastructure. On the
other hand, external risks stem from outside forces such as changes in regulation,
economic shifts, or natural catastrophes.
Reference: Crouhy, Galai & Mark, 2014.
1.3 False – The Basel framework excludes strategic and reputational risks from its
definition of operational risk, although such risks can occur indirectly when operational
breakdowns happen. The framework defines operational risk as the risk of losses
caused by inadequate processes, systems, people, or external events.
Reference: BCBS, 2006.
1.4 False – A “risk-indifferent” approach means an organisation does not require higher
returns to compensate for greater levels of risk. This shows neutrality toward risk but
does not necessarily indicate resistance to risk-taking.
Reference: Hopkin, 2018.
1.5 True – Creating a captive insurance company is a form of self-insurance, where an
organisation sets up its own insurer to handle and finance its own risks internally.
Reference: Rejda & McNamara, 2017.
1.6 False – Risk appetite describes the degree and type of risk that an organisation is
willing to accept in pursuit of its objectives. It does not refer to the portion of risk or
Assignment 1
Due 20 August 2025
, Fundamentals of Operational & Financial Risk
Question 1 – Evaluation of Statements
1.1 True – Operational risks linked to staff actions usually arise from errors, fraudulent
conduct, or theft of information. These risks are considered internal, whether they are
due to unintentional mistakes or intentional misconduct.
Reference: Basel Committee on Banking Supervision (BCBS, 2011).
1.2 False – Failures in technology and information systems are typically classified as
internal operational risks, since they are part of the organisation’s infrastructure. On the
other hand, external risks stem from outside forces such as changes in regulation,
economic shifts, or natural catastrophes.
Reference: Crouhy, Galai & Mark, 2014.
1.3 False – The Basel framework excludes strategic and reputational risks from its
definition of operational risk, although such risks can occur indirectly when operational
breakdowns happen. The framework defines operational risk as the risk of losses
caused by inadequate processes, systems, people, or external events.
Reference: BCBS, 2006.
1.4 False – A “risk-indifferent” approach means an organisation does not require higher
returns to compensate for greater levels of risk. This shows neutrality toward risk but
does not necessarily indicate resistance to risk-taking.
Reference: Hopkin, 2018.
1.5 True – Creating a captive insurance company is a form of self-insurance, where an
organisation sets up its own insurer to handle and finance its own risks internally.
Reference: Rejda & McNamara, 2017.
1.6 False – Risk appetite describes the degree and type of risk that an organisation is
willing to accept in pursuit of its objectives. It does not refer to the portion of risk or
