1. 1.These Standards form part of the Operational Risk Regulation. All Banks must comply with these Standards, which expand on the Regulation. These Standards are mandatory and enforceable in the same manner as the Regulation.
2. 2.Operational risk is inherent in all dimensions of a Bank, including all banking products, activities, processes and systems. Accordingly, the effective management of operational risk is a fundamental element of a Bank’s risk management program. Banks with a sound operational risk management framework, a strong risk management culture and ethical business practices, are less likely to experience potentially damaging operational risk events and better placed to deal effectively with those events that do occur.
3. 3.A Bank’s Board is in ultimate control of the Bank and accordingly ultimately responsible for operational risk management. There is no one-size-fits-all or single best solution. Accordingly, each Bank could meet the minimum requirements of the Regulation and Standards in a different way and thus may adopt an organizational framework appropriate to the risk profile, nature, size and complexity of its business and structure. The onus is on the Board to demonstrate that it has implemented an appropriate approach to operational risk management. Banks are encouraged to adopt leading practices that exceed the minimum requirements of the Regulation and Standards.¹
4. 4.The Standards follow the structure of the Regulation, with each article corresponding to the specific article in the Regulation.

¹ The Central Bank will apply the principle of proportionality in the enforcement of the Regulation and Standards, whereby smaller banks may demonstrate to the Central Bank that the objectives are met without necessarily addressing all of the specifics cited in the Standards.