The operational risk is defined as "the risks of losses due to the inadequacy or failure of internal procedures, human resources and systems or external circumstances, including legal risks".
Frameworks, guidelines and procedures applying to the whole Bank are prepared by the Risk Office based on the risk policy and are documented in the OP Risk Manual. The OP Risk Manual also comprises emergency manuals and emergency plans as well as crises scenarios subject to an annual review. The ongoing maintenance and evaluation of the damages database guarantees a continous optimisation process of operational risks. Due to the importance of information security, an Information Security Officer was appointed in 2007.