Measuring Operational Risk Using Fuzzy Logic Modeling.

Samir Shah
 

This article is part of a series of articles on modeling operational risks. The introductory article in the series is Measuring and Managing Operational Risks (April 2002).

This article describes how fuzzy logic modeling techniques can be used to assess operational risks. In most cases, there is not enough reliable data to apply the statistical approaches that are commonly used for assessing market risks. There is a greater reliance on expert input rather than historical data to assess operational risks. Modeling techniques that can accommodate a combination of data and expert input are better suited for modeling operational risks. Fuzzy logic has been used for decades in the engineering sciences to embed expert input into computer models for a broad range of applications. It offers a promising alternative for measuring operational risks.

Many companies that are in the process of implementing ERM are assessing operational risks using qualitative methods. The approaches are typically some variation of creating a list of “Top 10” risks based on expert input. The “Top 10” lists are often developed at a low level in the organizational hierarchy (e.g., department, region, or business unit) and consolidated at various levels of the hierarchy to an ultimate corporate “Top 10” list. However, there is not enough information gathered for each risk for managers to assess the relative magnitude of the risks and their interaction across the enterprise. This makes it difficult for managers to decide how much to spend on managing each risk. There is also a possibility that major risks fall through the cracks simply because in isolation within a department, region, or business unit they are not deemed critical, when, in fact, their accumulation and interaction across the enterprise raises the potential of significant losses.

The approach described here is to apply fuzzy logic modeling to assess a risk on the “Top 10” list. The assessment provides a more thorough definition of each risk and its interaction with other risks than the current methods. This provides local risk managers a decision tool for managing risks within their organizational unit. It also allows corporate risk managers clearer information to more reliably distill local Top 10 lists to a corporate Top 10 list and appropriately allocate investment to manage each risk.

FOR 01