An operational risk analyst at a large bank is preparing a year-end report of the bank's operational loss events. The analyst uses the Basel operational risk taxonomy to classify different events into Level 1, Level 2, and Level 3. As part of this process, the analyst considers the following four events that occurred during the year:

A sales representative in the lending department forged a senior manager's signature to approve an application for a large commercial loan that defaulted.

The bank failed to deliver sufficient collateral to support a swap position, which was later terminated at a loss.

Several managers in the bank's wealth management group were found to have misused confidential customer information by sharing this information with other employees and a third-party vendor representative.

Some personal customer information was stolen in a cyber-attack in which an external hacker broke into a database stored in the cloud.

In classifying the four events and considering the Basel taxonomy in general, which of the following actions would be most appropriate for the analyst to take?

Real Exam

Community

LLeetQuiz

The analyst should classify the forged signature under the Level 1 category of Clients, Products, and Business Practices.

The analyst should classify the failure to deliver sufficient collateral under the Level 3 category of Improper Business or Market Practices.

The analyst should classify the misuse of confidential information under the Level 2 category of Suitability, Disclosure, and Fiduciary.

The analyst should classify both the forged signature and the cyber-attack under the same Level 1 event-type category.

Financial Risk Manager Part 2