SUB-SECTION 1 Internal data

Article 21 Internal data features

Competent authorities shall assess an institution's compliance with the standards relating to internal data features, as referred to in point (i) of Article 20(d), by verifying at least the following:

  1. (a)

    that the institution gathers all of the following elements within the group in a clear and consistent manner:

    1. (i)

      the gross loss caused by the occurrence of an operational risk event;

    2. (ii)

      the recovery.

  2. (b)

    that the institution is able to separately identify the gross loss amount, the recovery from insurance and other risk transfer mechanisms (ORTM) and the recovery except from insurance and ORTM following an operational risk event, except for losses that are partly or fully recovered within five working days;

  3. (c)

    that the institution implements a system for defining and justifying appropriate data collection thresholds based on the gross loss amount;

  4. (d)

    that the operational risk category is reasonable and does not omit loss data that is material for effective operational risk measurement and risk management;

  5. (e)

    that for each individual loss, the institution is able to identify and record at least the following elements in the internal database:

    1. (i)

      the date of occurrence or start of occurrence of the operational risk event, where available;

    2. (ii)

      the date of discovery of the operational risk event;

    3. (iii)

      the date of accounting.