Category relating to event type

(Level 1)

Definition

Category relating to activity

(Level 2)

Examples of activities include:

(Level 3)

Internal fraud

Losses due to acts of a type intended to defraud, misappropriate property or circumvent regulations, the law or company policy, excluding diversity/ discrimination events, which acts involve at least one internal party

Unauthorized activity

Transactions intentionally not reported

Unauthorized transaction with monetary loss

Intentional misrepresentation of position

Theft and fraud

Fraud / credit fraud / worthless deposits

Theft / extortion / embezzlement / robbery

Misappropriation of assets

Malicious destruction of assets

Forgery

Cheque kiting

Smuggling

Account take-over / impersonation / etc.

Tax non-compliance / wilful evasion

Bribes / kickbacks

Insider trading (not on bank/ firm's account)

External fraud

Losses due to acts of a type intended to defraud, misappropriate property or circumvent the law, by a third party

Theft and fraud

Theft/ robbery

Forgery

Cheque kiting

Systems security

Hacking damage

Theft of information with monetary loss

Employment practices and workplace safety

Losses arising from acts inconsistent with employment, health or safety laws or agreements, from payment of personal injury claims, or from diversity / discrimination events

Employee relations

Compensation, benefit, termination issues

Organised labour activity

Safe environment

General liability such as slip and fall

Employee health & safety rules events

Workers compensation

Diversity and discrimination

All discrimination types

Clients, products and business practices

Losses arising from an unintentional or negligent failure to meet a professional obligation to specific clients (including fiduciary and suitability requirements), or from the nature or design of a product.

Suitability, disclosure and fiduciary

Fiduciary breaches / guideline violations

Suitability / disclosure issues (KYC, etc.)

Retail customer disclosure violations

Breach of privacy

Aggressive sales

Account churning

Abuse of confidential information

Lender liability

Improper business or market practices

Antitrust

Improper trade / market practices

Market manipulation

Insider trading (on bank/ firm's account)

Unlicensed activity

Money laundering

Product flaws

Product defects (unauthorized, etc.)

Model errors

Selection, sponsorship and exposure

Failure to investigate client per guidelines

Exceeding client exposure limits

Advisory activities

Disputes over performance of advisory activities

Damage to physical assets

Losses arising from loss or damage to physical assets from natural disaster or other events.

Disasters and other events

Natural disaster losses

Human losses from external sources (terrorism,

vandalism)

Business disruption and system failures

Losses arising from disruption of business or system failures

Systems

Hardware

Software

Telecommunications

Utility outage / disruptions

Execution, delivery and process management

Losses from failed transaction processing or process management, from relations with trade counterparties and vendors

Transaction capture, execution and maintenance

Miscommunication

Data entry, maintenance or loading error

Missed deadline or responsibility

Model / system failure

Accounting error / entity attribution error

Other task malfunctioning

Delivery failure

Collateral management failure

Reference data maintenance

Monitoring and reporting

Failed mandatory reporting obligation

Inaccurate external report (loss incurred)

Customer intake and documentation

Client permissions / disclaimers missing

Legal documents missing / incomplete

Customer / client account management

Unapproved access given to accounts

Incorrect client records (loss incurred)

Negligent loss or damage of client assets

Trade counterparties

Non-client counterparty misperformance

Misc. non-client counterparty disputes

Vendors and suppliers

Outsourcing

Vendor disputes