Operational Risk
The risk of loss from failures in internal processes, people, systems, or from external events unrelated to market or credit risk.
What is Operational Risk?
Operational risk is defined by the Basel Committee on Banking Supervision as the risk of loss resulting from inadequate or failed internal processes, people, and systems, or from external events. This includes human errors (trading mistakes, fraud, unauthorized trading), system failures (technology outages, cybersecurity breaches), process failures (settlement errors, compliance violations), and external events (natural disasters, pandemics, regulatory changes, terrorist attacks). Operational risk differs from market risk and credit risk because it does not arise from taking financial positions — it is inherent in all business operations. In banking, operational risk capital requirements under Basel III require financial institutions to hold capital against these losses. For investors, operational risk at asset managers manifests as back-office failures, cybersecurity incidents, trade errors, or valuation disputes that can cause unexpected fund losses independent of market performance.
Example
Knight Capital Group suffered one of the largest operational risk failures in financial history in August 2012. A software deployment error activated an old trading algorithm that placed thousands of erroneous orders in 45 minutes, resulting in a $440 million loss. The error stemmed from inadequate testing procedures and an IT process failure — a textbook operational risk event that had nothing to do with market conditions.
Source: Basel Committee on Banking Supervision — Operational Risk