RSK2602
Assignment 1
Due 20 August 2025
, Fundamentals of Operational & Financial Risk
Question 1 – Evaluation of Statements
1.1 True – Failures arising from staff actions are commonly linked to mistakes, fraud, or
data theft. These represent internal operational risks, whether caused by unintentional
human error or deliberate misconduct.
Reference: Basel Committee on Banking Supervision (BCBS, 2011) recognises
operational risk as including internal fraud, external fraud, and process errors.
1.2 False – Risks related to technology and information systems are generally classified
as internal operational risks because they form part of the organisation’s infrastructure.
External risk drivers, in contrast, include regulatory shifts, market volatility, or natural
disasters.
Reference: Crouhy, Galai & Mark (2014) emphasise that technological failures fall under
internal sources of operational risk.
1.3 False – Under the Basel framework, operational risk specifically excludes strategic
and reputational risks, although such risks can arise as indirect consequences of
operational failures. It is defined as losses resulting from inadequate or failed internal
processes, people, systems, or external events.
Reference: BCBS (2006).
1.4 False – A “risk-indifferent” stance implies that an organisation does not perceive the
need to alter its expected return when risk levels change. While this suggests a
tolerance for taking risks without requiring additional reward, it does not automatically
mean an aversion to risk-taking.
Reference: Hopkin (2018).
1.5 True – Establishing a captive insurance company is a recognised form of self-
insurance. In this case, the organisation creates its own insurance entity to finance and
manage its own risks.
Reference: Rejda & McNamara (2017).
1.6 False – Risk appetite refers to the degree and type of risk an organisation is
prepared to accept in pursuit of objectives. It is not defined as the amount of potential
loss the organisation refuses to accept.
Reference: Institute of Risk Management (IRM, 2011).
1.7 True – Risk likelihood can indeed be evaluated qualitatively, for example, by
categorising it as probable, possible, or remote.
Reference: ISO 31000:2018.
1.8 False – Risk transfer does not eliminate the risk itself but reallocates the financial
burden of a potential loss to another party, typically through insurance or contractual
Assignment 1
Due 20 August 2025
, Fundamentals of Operational & Financial Risk
Question 1 – Evaluation of Statements
1.1 True – Failures arising from staff actions are commonly linked to mistakes, fraud, or
data theft. These represent internal operational risks, whether caused by unintentional
human error or deliberate misconduct.
Reference: Basel Committee on Banking Supervision (BCBS, 2011) recognises
operational risk as including internal fraud, external fraud, and process errors.
1.2 False – Risks related to technology and information systems are generally classified
as internal operational risks because they form part of the organisation’s infrastructure.
External risk drivers, in contrast, include regulatory shifts, market volatility, or natural
disasters.
Reference: Crouhy, Galai & Mark (2014) emphasise that technological failures fall under
internal sources of operational risk.
1.3 False – Under the Basel framework, operational risk specifically excludes strategic
and reputational risks, although such risks can arise as indirect consequences of
operational failures. It is defined as losses resulting from inadequate or failed internal
processes, people, systems, or external events.
Reference: BCBS (2006).
1.4 False – A “risk-indifferent” stance implies that an organisation does not perceive the
need to alter its expected return when risk levels change. While this suggests a
tolerance for taking risks without requiring additional reward, it does not automatically
mean an aversion to risk-taking.
Reference: Hopkin (2018).
1.5 True – Establishing a captive insurance company is a recognised form of self-
insurance. In this case, the organisation creates its own insurance entity to finance and
manage its own risks.
Reference: Rejda & McNamara (2017).
1.6 False – Risk appetite refers to the degree and type of risk an organisation is
prepared to accept in pursuit of objectives. It is not defined as the amount of potential
loss the organisation refuses to accept.
Reference: Institute of Risk Management (IRM, 2011).
1.7 True – Risk likelihood can indeed be evaluated qualitatively, for example, by
categorising it as probable, possible, or remote.
Reference: ISO 31000:2018.
1.8 False – Risk transfer does not eliminate the risk itself but reallocates the financial
burden of a potential loss to another party, typically through insurance or contractual
