Draft rules published by the European Banking Authority (EBA) in June 2014 would require European banks to quantify broadly-defined legal risks as part of their regulatory-capital calculations. They will force in-house teams to redraw risk-management plans, but may help banks manage the massive costs of conduct breaches – an average of over £50bn a year for ten international banks between 2008 and 2013.

The rules, which could be phased in as early as 2016 as part of the Basel III implementation plan, would extend the scope of legal risk to include what many banks see as conduct risk – a significant change, as many organisations treat these risks as separate categories.

The European banking community raised several points (see box, below) in their September 2014 response. But it would be no surprise if the final rules were to enshrine the idea that conduct issues be included in the scope of legal risk.

We believe that you should:

  • Look closely at your legal risk definitions and examples. If new EBA rules make conduct risk part of legal risk you will need to accommodate this in your existing legal-risk models.
  • Plan how you will quantify legal risk. Banks who quantify and model legal risk, including conduct risk, as well as other operational risks, will be more likely to qualify obtain discounts on the regulatory capital. Legal risk teams will have to decide on legal risk scenarios, models, and report formats.
  • Make sure you have the risk management basics in place. We’ve set out four risk management start-points (below) that will help in-house teams prepare for rule changes.

Click through to download the full article now.