Skip to main content
U.S. flag
An official website of the United States government
Dot gov
The .gov means it’s official. 
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
Https
The site is secure. 
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
Financial Institution Letter

Advanced Measurement Approach: Supervisory Guidance

Summary

The FDIC, with the Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency, and the Office of Thrift Supervision, is issuing guidance to clarify supervisory expectations and to highlight key considerations to implement an effective advanced measurement approach (AMA) framework. The guidance focuses on the combination and use of the four required AMA data elements: internal operational loss event data, external operational loss event data, business environment and internal control factors (BEICFs), and scenario analysis. Given some of the unique challenges with scenario analysis as it relates to the AMA, this data element is discussed in greater detail. Governance and validation also are discussed given their importance in ensuring the integrity of a bank's AMA framework.

Statement of applicability to institutions with total assets less than $1 billion: Not applicable

Highlights

  • An effective AMA management framework requires effective governance, risk capture and assessment, and quantification of operational risk exposure. Verification and validation of the advanced systems, including the data elements and quantification models, are critical to the integrity of the AMA framework.
  • Banks should institute operational risk data and assessment systems that capture the operational risks to which the firm is exposed. These systems must include credible, transparent, systematic, and verifiable processes that incorporate the four required AMA data elements.
    1. Internal operational loss event data – Banks should use at least five years of data, support collection thresholds, and include legal losses in the quantification process no later than the date the legal reserve is established.
    2. External operational loss event data – Banks should have sound practices for sourcing, selecting, scaling, and modeling of external data.
    3. Scenario analysis – To ensure integrity of the process, banks should have a process that is clearly defined, repeatable, and transparent.
    4. BEICFs – Banks should have sound practices to ensure a systematic assessment of risk across the organization.
  • To ensure credible estimates of operational risk exposure, the risk quantification system must include a credible, transparent, systematic, and verifiable approach for weighting each of the four data elements.

Suggested Distribution

FDIC-Supervised Banks (Commercial and Savings)

Suggested Routing

Chief Financial Officer 

Chief Information Officer

Chief Risk Officer

Note

FDIC financial institution letters (FILs) may be accessed from the FDIC's Web site at www.fdic.gov/news/financial-institution-letters/2011/index.html

To receive FILs electronically, please visit http://www.fdic.gov/about/subscriptions/index.html

Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center, 3501 Fairfax Drive, E-1002, Arlington, VA 22226 (1-877-275-3342 or 703-562-2200).

FIL-41-2011
Attachment(s)

Last Updated: June 3, 2011