___________________________________________________________________________________________________________________________

The New Basel Capital Accord (Basel II):

Impact on IT and Information Security

3 days

Course Objective:

The seminar has been designed to provide with the knowledge and skills needed to understand and support Basel II compliance. 

Target Audience:

This course is intended for IT and risk managers and professionals from Banks, Financial Institutions, Multinational Corporations, Supervisory Agencies.

This course is recommended for all managers and professionals who need to understand and speak the specialized language of Basel compliance, which must become the common language throughout their organization.

This course is highly recommended for:

• C – Level Executives and Boards of Directors
• IT and Information Security Directors, Managers and Professionals
• Chief Risk and Compliance Officers
• IT and Security Process Owners
• Network, System and Security Administrators
• IT Auditors
• IT, Security and Management Consultants

Duration:   3 Days, 09:00 to 17:00.

Instructor:  George Lekatis

George Lekatis is a senior risk and compliance consultant and certified trainer. George has acted in the role of a Sarbanes Oxley, risk and compliance Subject Matter Expert. He has documented processes, performed walkthroughs, identified, analyzed and evaluated Information Technology risks to strengthen internal controls related to Sarbanes-Oxley and Basel II compliance. He has managed several teams that examined compliance risks, system vulnerabilities and possible threats, and then applied safeguards. Designed, reviewed and implemented IT, security and compliance solutions for companies and organizations of the public and the private sector. George has more than 16,000 hours experience as a professional speaker and seminar leader. George Lekatis is an expert witness, qualified to investigate and testify about best practices, standards, Sarbanes Oxley and Basel ii compliance, due care and due diligence. George is Mathematician, Certified Information Systems Security Professional (CISSP), CISSP Lead Instructor, Steganography Investigator, Internet Security Systems (ISS) Certified in Internet Scanner, Database Scanner and System Scanner, Checkpoint Certified Security Administrator (CCSA), Microsoft Certified System Engineer certified in Windows NT and Windows 2000 (MCSE), Microsoft Certified Trainer (MCT).

Course Synopsis:

The Bank for International Settlements (BIS)

• The Basel Committee on Banking Supervision
• From the Young Plan (1930) to Basel II
• Regulatory supervision of internationally active banks
• The failure of the Bankhaus Herstatt and the crisis of confidence

First Basel Capital Accord

• Formulating broad supervisory standards and guidelines
• Regulatory and economic capital
• Important objectives
• 1980s: The capital ratios of the main international banks are deteriorating
• Credit Risk
• Assets are weighted by factors
• On-balance sheet engagements
• Off-balance sheet engagements
• Examples of capital requirements
• December 1987: The Basel Capital Accord approved by the G10
• Basel I amendments

 The New Basel Capital Accord (Basel II)

• Realigning the regulation with the economic realities of the global banking markets
• New capital adequacy framework replaces the 1988 Accord
• Improving risk and asset management to avoid financial disasters
• "Sufficient assets" to offset risks 
• The technical challenges for both banks and supervisors
• How much capital is necessary to serve as a sufficient buffer?
• The three-pillar regulatory structure
• Purposes of Basel II
• Scope of the application
• Pillar 1:
• Credit Risk – 3 approaches
• The standardized approach to credit risk
• Claims on sovereigns
• Claims on banks
• Claims on corporates
• The two internal ratings-based (IRB) approaches to credit risk
• Some definitions: PD - The probability of default, LGD - The loss given default, EAD - Exposure at default, M – Maturity
• 5 classes of assets
• Pillar 2:
• Key principles
• Aspects and issues of the supervisory review process
• Pillar 3:
• Disclosure requirements
• Qualitative and Quantitative disclosures
• Guiding principles
• Employees Affected
• Effective Dates

Framework for internal control systems in banking organizations - Basel Committee on Banking Supervision

• The 13 Principles for the Assessment of Internal Control Systems
• The 13 Principles and COSO
• The control environment
• Risk assessment
• Control activities
• Information and communication
• Monitoring
• Types of control breakdowns typically seen in problem bank cases
• The objectives and role of the internal controls framework
• The major elements of an internal control process
• Evaluation of internal control systems by supervisory authorities
• Role and responsibilities of external auditors
• Supervisory lessons learned from internal control failures  

Operational Risk

• What is operational risk
• Legal risk
• Information Technology operational risk
• Operational, operations and operating risk
• The evolving importance of operational risk
• Quantification of operational risk
• Loss categories and business lines
• Operational risk measurement methodologies
• Identification of operational risk
• The Delphi method

Operational Risk Approaches

• Basic Indicator Approach (BIA)
• Standardized Approach (SA)
• Alternative Standardized Approach (ASA)
• Advanced Measurement Approaches (AMA)
• Internal Measurement Approach (IMA)
• Loss Distribution (LD)
• Standard Normal Distribution
• "Fat Tails" in the normal distribution
• Expected loss (EL), Unexpected Loss (UL)
• Value-at Risk (VaR)
• Value-at Risk and Basel I amendment, 1996
• Value-at Risk and Basel II
• Calculating Value-at Risk
• Monte Carlo simulations
• Monte Carlo limitations
• Extreme Value theory
• Scoreboards
• Stress Testing
• Stress testing and Basel
• (AMA) Advantages / Disadvantages
• Recognition of the firms’ own modelling of operational risk losses
• "Weak banks", internal and external audit and sound practices for operational risk
• Self assessment
• Key Risk Indicators
• Operational Risk Measurement Issues
• The game theory
• The prisoner’s dilemma – and the connection with operational risk measurement and management
• Operational risk management
• Operational Risk Management Office
• Key functions of Operational Risk Management Office
• Key functions of Operational Risk Managers
• Key functions of Department Heads
• Internal and external audit
• Operational risk sound practices
• Operational risk mitigation
• Insurance to mitigate operational risk
• Market discipline
• Supervisory review
• Minimum capital requirements

Third-party service providers and vendors

• Redefining outsourcing
• Outsourcing services and Basel II compliance
• The new definition of outsourcing
• Outsourcing after Basel II
• Offshore outsourcing is also redefined
• Key risks of outsourcing
• What is needed from vendors and service providers

Basel II and other regulations

• Basel and other regulations
• Governance issues
• Capital Requirements Directive (CRD)
• Markets in Financial Instruments Directive (MiFID)
• What will be the impact of MiFID to EU and non EU banks?
• Aligning Basel II operational risk and Sarbanes-Oxley 404 projects
• Common elements and differences of compliance projects
• New standards
• Disclosure issues
• Multinational companies and compliance challenges