Article 3
Operational risk events related to legal risk
1. Competent authorities shall confirm that an institution identifies, collects and treats data on operational risk events and losses related to legal risk for the purposes of both management of operational risk and calculation of the AMA own funds requirement by verifying at least all of the following:
|
(a) |
that the institution clearly identifies and classifies as operational risk losses or other expenses deriving from events that result in legal proceedings, including at least the following;
|
|
(b) |
that the institution clearly identifies and classifies as operational risk losses or other expenses resulting from voluntary actions intended to avoid or mitigate legal risks arising from operational risk events, including refunds or discounts of future services offered to customers voluntarily where such refunds are not offered as a result of customer complaints; |
|
(c) |
that the institution clearly identifies and classifies as operational risk losses resulting from errors and omissions in contracts and documentation; |
|
(d) |
that the institution does not classify the following as operational risk:
|
For the purposes of paragraph (a), legal proceedings shall be considered to be all legal settlements, including both mandated court settlements and out of court settlements.
2. For the purposes of this Article, legal rules shall include at least the following:
|
(a) |
any requirement derived from national or international statutory or legislative provisions; |
|
(b) |
any requirement derived from contractual arrangements, internal rules and codes of conduct established in accordance with national or international norms and practices. |
|
(c) |
ethical rules. |