Operational (Transactional) Risk

Operational risk refers to uncertainty regarding a financial firm's earnings due to failures
in computer systems, errors, misconduct by employees, floods, lightning strikes, and similar
events. The broad group of actions included in this risk definition often decrease earnings
due to unexpected operating expenses. Some analysts say that operational risk is the
risk of loss due to anything other than credit or market risk. Others say it includes legal
and compliance risk, but not reputation or strategic risk. The consolidation and convergence
of financial firms and the complexity of today's financial-services technology has made
operational risk a broad risk category that needs to be addressed by both managers of
financial firms and government regulators .
As technology has improved, computer hardware and software systems have become
essential to the daily operations of most financial firms. If computer systems involve a
patchwork of old programs, requiring employee intervention to reconcile and create
reports, then operational risk may be high. While the failure of a new computer system
may be less likely, heavy reliance by the institution's personnel and customers on such
systems creates vulnerability for any financial firm. Today, acts of terrorism such as 9/11 and natural disasters
such as hurricanes, earthquakes,
and tsunamis can lead to great loss for any financial firm. These natural and notso-
natural disasters may close financial institutions for extended periods and interrupt
their service to customers. Foregone income from such disasters is unpredictable, resulting
in unexpected operating expenses and greater variability in earnings.
Financial fraud provides the plots for great movies, such as Rogue Trader, The Bank,
and Boiler Room, and the basis for many "60 Minutes" episodes. It's about money, stealing,
and the ultimate failure of some at-risk institutions. A financial firm's owners, employees,
customers, or outsiders may violate the law and perpetrate fraud, forgery, theft, misrepresentation,
or other illegal acts, sometimes leading to devastating losses to otherwise well

Peraturan Bank Indonesia Nomor 13/23/Pbi/2011 Tentang Penerapan

Manajemen Risiko Bagi Bank Umum Syariah dan Unit Usaha Syariah
I. Tujuan pengaturan untuk mengakomodasi karakteristik kegiatan usaha Bank Umum Syariah (BUS)
dan Unit Usaha Syariah (UUS) yang tidak sepenuhnya sama dengan perbankan konvensional dan
dalam rangka memenuhi amanah Pasal 38 UU No. 21 Tahun 2008 tentang Perbankan Syariah.
Penerapan Manajemen Risiko pada BUS dan UUS disesuaikan dengan tujuan, kebijakan usaha,
ukuran dan kompleksitas usaha serta kemampuan BUS dan UUS.
II. Pokok-pokok pengaturan dalam PBI ini antara lain meliputi:
1. Bank wajib menerapkan Manajemen Risiko secara efektif, untuk BUS dilakukan secara
individual maupun konsolidasi dengan perusahaan anak, sedangkan untuk UUS dilakukan
terhadap seluruh kegiatan usaha UUS yang merupakan satu kesatuan dengan penerapan
Manajemen Risiko pada Bank Umum Konvensional yang memiliki UUS (BUK induk).
2. Penerapan Manajemen Risiko paling kurang mencakup :
a. pengawasan aktif Dewan Komisaris, Direksi, dan Dewan Pengawas Syariah;
b. kecukupan kebijakan, prosedur, dan penetapan limit Manajemen Risiko;
c. kecukupan proses identifikasi, pengukuran, pemantauan dan pengendalian Risiko
serta sistem informasi Manajemen Risiko; dan
d. sistem pengendalian intern yang menyeluruh.
3. BUS dan UUS wajib menerapkan Manajemen Risiko yang mencakup 10 risiko, yaitu Risiko
Kredit, Risiko Pasar, Risiko Likuiditas, Risiko Operasional, Risiko Hukum, Risiko Reputasi,
Risiko Stratejik, Risiko Kepatuhan, Risiko Imbal Hasil (rate of return risk), dan Risiko Investasi
(equity investment risk). Penerapan Risiko Imbal Hasil (rate of return risk) dan Risiko Investasi
(equity investment risk) belum diperhitungkan dalam penilaian Risiko (risk profile) BUS dan
UUS. BUS dan UUS wajib melakukan penilaian terhadap Risiko Imbal Hasil dan Risiko
Investasi meskipun penilaian kedua jenis risiko dimaksud belum diperhitungkan dalam
penilaian Risiko (risk profile) BUS dan UUS.
 4. Peringkat risiko dikategorikan menjadi 5 peringkat, yaitu 1 (Low), 2 (Low to Moderate), 3
(Moderate), 4 (Moderate to High), dan 5 (High).

Peraturan Otoritas Jasa Keuangan Nomor 18 /Pojk.03/2016 Tentang Penerapan Manajemen Risiko Bagi
Bank Umum

Pasal 4

(1) Risiko sebagaimana dimaksud dalam Pasal 2 mencakup: a. Risiko Kredit; b. Risiko Pasar; c. Risiko
Likuiditas; d. Risiko Operasional; e. Risiko Hukum; f. Risiko Reputasi; g. Risiko Stratejik; dan h. Risiko
Kepatuhan.

(2) Bank wajib menerapkan Manajemen Risiko untuk seluruh Risiko sebagaimana dimaksud pada ayat 1.