Context In the last few days, several businesses, including aviation and banking sectors, experienced significant disruptions due to issues with Microsoft services. This outage affected various cloud-based services, including Microsoft 365, Azure, and Teams. The interruptions were caused by a combination of network configuration changes and infrastructure issues within Microsoft's global network (https://www.reedsmith.com/en/perspectives/2024/02/business-interruption-claims-in-2024-a-global-perspective) (https://status.cloud.microsoft/#:~:text=URL%3A%20https%3A%2F%2Fstatus,100). The outage highlighted the increasing reliance of global industries on cloud services and the significant impact such disruptions can have on business operations, from communication breakdowns to halted transactions (https://www.businesswire.com/news/home/20240116375142/en/Allianz-Risk-Barometer-A-Cyber-Event-Is-the-Top-Global-Business-Risk-for-2024). While Microsoft worked to resolve the issues, it underscored the importance of robust cyber risk management and contingency planning in mitigating the effects of such outages (https://www.nortonrosefulbright.com/en/knowledge/publications/20530078/the-cyber-risks-faced-by-the-aviation-industry---ten-things-to-know). The recent Microsoft outages, which disrupted services like Microsoft 365, Teams, and Outlook, were primarily caused by a series of technical and security issues. Initially, Microsoft identified that a "wide-area networking (WAN) routing change" led to connectivity problems. This change triggered issues with network latency and timeouts, affecting how packets were forwarded across Microsoft's global network. This impacted users' ability to access various cloud services, including Azure, SharePoint, and OneDrive (https://www.bankinfosecurity.com/microsoft-365-cloud-service-outage-disrupts-users-worldwide-a-21017) (https://www.techradar.com/news/this-is-what-caused-the-recent-huge-microsoft-365-and-teams-outage). Additionally, Microsoft faced cyber risks, particularly distributed denial-of-service (DDoS) attacks. These attacks, launched by a group known as Storm-1359, aimed to disrupt services by overwhelming Microsoft's infrastructure with malicious traffic. The DDoS attacks targeted layer 7 of the OSI model, affecting HTTP(S) traffic and causing resource exhaustion and slowdowns (https://msrc.microsoft.com/blog/2023/06/microsoft-response-to-layer-7-distributed-denial-of-service-ddos-attacks/). To mitigate these issues, Microsoft rolled back the problematic network changes and implemented additional protections to prevent similar disruptions in the future. These measures included enhancing their Web Application Firewall (WAF) and adding stricter controls on network command executions to avoid unintended consequences from network changes (https://www.bankinfosecurity.com/microsoft-experiences-second-major-cloud-outage-in-2-weeks-a-21134) (https://www.techradar.com/news/this-is-what-caused-the-recent-huge-microsoft-365-and-teams-outage). In recent days, significant disruptions in Microsoft services have caused major headaches for businesses worldwide. Industries ranging from aviation to banking found themselves grappling with unexpected downtime, impacting critical operations and highlighting a growing reliance on cloud-based services. This article explores whether Microsoft should be held legally accountable for failing to ensure business continuity for its global customers. The Outage and Its Impacts The recent Microsoft outages affected a range of cloud services, including Microsoft 365, Azure, and Teams. These disruptions were triggered by a combination of network configuration changes and infrastructure issues within Microsoft’s global network. Specifically, a "wide-area networking (WAN) routing change" led to severe connectivity problems. This change caused network latency and timeouts, disrupting the forwarding of data packets across Microsoft's global network. As a result, users experienced significant issues accessing cloud services such as Azure, SharePoint, and OneDrive. In addition to technical glitches, Microsoft also faced cyber threats, particularly distributed denial-of-service (DDoS) attacks. A group known as Storm-1359 targeted Microsoft’s infrastructure with malicious traffic, aiming to exhaust resources and slow down services. These attacks impacted layer 7 of the OSI model, affecting HTTP(S) traffic and causing further disruptions. The Importance of Business Continuity These outages underscore the critical role that cloud services play in modern business operations. From communication breakdowns to halted transactions, the ripple effects of such disruptions can be severe. The aviation and banking sectors, in particular, experienced significant operational impacts, illustrating the high stakes involved. As businesses increasingly rely on cloud services for their day-to-day operations, the importance of robust cyber risk management and contingency planning becomes more apparent. Legal and Ethical Considerations Given the scale and impact of these disruptions, the question arises: should Microsoft be sued for not ensuring business continuity? On one hand, businesses rely on service level agreements (SLAs) with cloud providers like Microsoft to guarantee a certain level of uptime and reliability. When these expectations are not met, it can lead to substantial financial losses and operational challenges. Businesses may argue that Microsoft failed to uphold its end of the agreement, warranting legal action to recover damages. On the other hand, the complexity of managing a global cloud infrastructure means that occasional outages are inevitable. Microsoft did take immediate steps to mitigate the issues, rolling back problematic network changes and enhancing protections against future disruptions. These efforts demonstrate a commitment to resolving the issues and improving service reliability. Cyber Risk Management and Contingency Planning The outages highlight the need for businesses to adopt comprehensive cyber risk management strategies and contingency plans. Relying solely on a single cloud provider can expose businesses to significant risks. Diversifying cloud services and implementing robust backup systems can help mitigate the impact of such outages. Additionally, regular testing and updating of contingency plans can ensure that businesses are better prepared to handle unexpected disruptions. Conclusion While the recent Microsoft outages have caused significant disruptions, suing the tech giant may not be the most effective solution. Instead, businesses should focus on enhancing their own cyber risk management and contingency planning efforts. By diversifying cloud services and implementing robust backup systems, businesses can better protect themselves against future outages. At the same time, cloud providers like Microsoft must continue to improve their infrastructure and security measures to minimize the risk of such disruptions and maintain customer trust. The recent events serve as a stark reminder of the interconnected nature of modern business operations and the importance of resilience in the face of unexpected challenges. References https://www.reedsmith.com/en/perspectives/2024/02/business-interruption-claims-in-2024-a-global-perspective https://status.cloud.microsoft/#:~:text=URL%3A%20https%3A%2F%2Fstatus,100). (https://www.businesswire.com/news/home/20240116375142/en/Allianz-Risk-Barometer-A-Cyber-Event-Is-the-Top-Global-Business-Risk-for-2024 https://www.nortonrosefulbright.com/en/knowledge/publications/20530078/the-cyber-risks-faced-by-the-aviation-industry---ten-things-to-know https://www.bankinfosecurity.com/microsoft-365-cloud-service-outage-disrupts-users-worldwide-a-21017 https://www.techradar.com/news/this-is-what-caused-the-recent-huge-microsoft-365-and-teams-outage https://msrc.microsoft.com/blog/2023/06/microsoft-response-to-layer-7-distributed-denial-of-service-ddos-attacks/

Comment les entreprises marocaines peuvent adopter des cadres simples de gestion des risques op rationnels pour am liorer leurs performancesLes entreprises marocaines, quelle que soit leur taille, peuvent consid rablement am liorer leurs performances en mettant en place des cadres simples mais efficaces de gestion des risques op rationnels. Voici quelques tapes cl s pour y parvenir :1. Identification des risquesLa première tape consiste à identifier les principaux risques op rationnels auxquels l'entreprise est confront e. Cela peut inclure :- Les pannes de systèmes informatiques- Les erreurs humaines- Les fraudes internes ou externes- Les d faillances de fournisseurs- Les perturbations li es aux catastrophes naturelles2. Évaluation et hi rarchisation des risquesUne fois les risques identifi s, il est important de les valuer en termes de probabilit et d'impact potentiel. Cela permettra de hi rarchiser les risques et de concentrer les efforts sur les plus critiques.3. Mise en place de contrôlesPour chaque risque prioritaire, l'entreprise doit mettre en place des contrôles adapt s. Par exemple :- Des sauvegardes r gulières des donn es pour les risques informatiques- Des proc dures de double v rification pour limiter les erreurs humaines- Des audits internes pour pr venir la fraude4. Formation et sensibilisation du personnelIl est crucial de former les employ s à la gestion des risques et de les sensibiliser à l'importance de suivre les proc dures mises en place.5. Suivi et am lioration continueLa gestion des risques est un processus continu. Il est important de suivre r gulièrement l'efficacit des contrôles mis en place et d'ajuster la strat gie si n cessaire.6. Int gration dans la culture d'entreprisePour être vraiment efficace, la gestion des risques doit faire partie int grante de la culture de l'entreprise. Cela implique un engagement fort de la direction et une communication claire sur l'importance de cette d marche.Avantages pour les entreprises marocaines :- R duction des pertes op rationnelles- Am lioration de l'efficacit et de la productivit - Renforcement de la confiance des clients et des partenaires- Meilleure r silience face aux perturbations- Conformit accrue avec les r glementations 7. Types de risques op rationnels sp cifiques aux entreprises marocainesa) Risques li s à l'infrastructure :- Coupures d' lectricit et instabilit du r seau lectrique- Problèmes d'approvisionnement en eau dans certaines r gions- D fis logistiques dus à l' tat des routes dans les zones ruralesb) Risques li s à la main-d'œuvre :- P nurie de comp tences dans certains secteurs technologiques- Taux de rotation lev dans certaines industries- D fis li s à la formation et au d veloppement des comp tencesc) Risques r glementaires :- Changements fr quents dans la l gislation du travail- Complexit des proc dures administratives- Enjeux li s à la conformit fiscaled) Risques de march :- Fluctuations des taux de change, notamment par rapport à l'euro- D pendance vis-à-vis de certains march s d'exportation- Concurrence croissante des importations à bas prix8. Exemples concrets de mise en œuvrea) Industrie textile :Une entreprise textile de Casablanca a mis en place un système de suivi des pannes machines. Elle a form ses op rateurs à signaler imm diatement tout problème et a cr une quipe de maintenance pr ventive. R sultat : r duction de 30% des temps d'arrêt et augmentation de 15% de la productivit .b) Secteur agroalimentaire :Un producteur d'agrumes de la r gion de Souss-Massa a d velopp un plan de gestion des risques climatiques. Il a investi dans des systèmes d'irrigation efficaces et diversifi ses cultures. Ces mesures ont permis de r duire de 25% les pertes dues aux s cheresses.c) Services financiers :Une banque marocaine a mis en place un programme de formation sur la cybers curit pour tous ses employ s. Elle a galement renforc ses systèmes de d tection des fraudes. Ces actions ont permis de r duire de 40% les incidents de s curit .9. D fis potentiels et moyens de les surmontera) R sistance au changement :- D fi : Les employ s peuvent être r ticents à adopter de nouvelles pratiques.- Solution : Communiquer clairement les avantages, impliquer les employ s dans le processus et c l brer les succès pr coces.b) Manque de ressources :- D fi : Les petites entreprises peuvent manquer de budget ou de personnel pour la gestion des risques.- Solution : Commencer par des outils gratuits ou peu coûteux, former des employ s existants plutôt que d'embaucher des sp cialistes.c) Complexit perçue :- D fi : La gestion des risques peut sembler trop complexe ou acad mique.- Solution : Simplifier le langage, utiliser des exemples concrets et adapter les outils au contexte local.d) Manque de donn es :- D fi : Difficult à obtenir des donn es fiables pour valuer les risques.- Solution : Commencer avec des estimations bas es sur l'exp rience, puis affiner progressivement avec la collecte de donn es au fil du temps.e) Coordination inter-d partements :- D fi : Silos organisationnels empêchant une approche globale des risques.- Solution : Cr er des quipes transversales, organiser des ateliers inter-d partements et encourager le partage d'informations.ConclusionL'adoption de cadres simples de gestion des risques op rationnels repr sente une opportunit significative pour les entreprises marocaines. En adaptant ces pratiques à leur contexte sp cifique et en surmontant les d fis initiaux, elles peuvent non seulement am liorer leur performance mais aussi contribuer à renforcer la r silience de l' conomie marocaine dans son ensemble. À mesure que ces pratiques se r pandront, elles pourront cr er un effet d'entraînement positif, encourageant l'innovation, attirant les investissements et positionnant le Maroc comme un leader r gional en matière de gestion des risques et de performance organisationnelle.

Contents 1 Abstract.. 4 2 Introduction.. 4 3 Objective: 5 4 Plan of the paper: 5 5 Chapter 1: Risk History and definitions. 5 5.1 Introduction: 5 5.2 Section I: Risk Management History: 6 5.3 Section 2: Definitions of Risk Management: 7 5.3.1 Market Risk: 8 5.3.2 Credit Risk. 8 5.3.3 Liquidity Risk: 8 5.3.4 Operational Risk: 9 6 Chapter 2: Evolvement of Risk Management: Basel I, II and III. 10 6.1 Introduction: 10 6.2 Section I: Basel I and its shortcomings: 11 6.3 Section 2: Basel II 12 6.4 Section 3: Basel III 13 6.4.1 Summary OF changes. 13 7 Chapter 3: Risk in Islamic Finance Institutions. 14 7.1 Introduction: 14 7.2 Section 1: Islamic Finance Institutions are unique. 16 7.3 Section 2: Types of Risks in the IFIs: 17 8 Chapter 4: Islamic Finance Products, Risks and the key challenges. 19 8.1 Introduction: 19 8.2 Section 1: Risks in Islamic Finance Products: 19 8.2.1 Risks in Musharakah Contracts: 21 8.2.2 Risks in Mudarabah contract: 22 8.2.3 Risks in Murabahah Contract: 24 8.2.4 Risks in Salam Contract: 24 8.2.5 Risks in Istisnaa Contract 25 8.2.6 Risks in Iajrah Contract: 26 8.3 Section 2: Challenges of Risk Management in Islamic Finance Products. 27 9 Chapter 5: Operational Risk in Islamic Finance Institutions. 28 9.1 Introduction: 28 9.2 Section 1: Operational Risk in Musharakah contract: 28 9.3 Section 2: Operational Risk in Mudarabah contract. 29 9.4 Section 3: Operational Risk in Murabahah contract. 29 9.5 Operational Risk in Salam contract. 30 9.6 Operational Risk in Istisnaa contract: 30 9.7 Operational Risk in Ijarah contract: 30 10 Conclusion.. 30 10.1 Findings. 30 10.2 Recommendations. 31 11 References. 33 1 Abstract As IFIs are growing extensively and expected to grow up to 15% in the coming years, it is primordial that all the industry stakeholders start to invest their efforts to develop the Risk Management disciplines. The IFSB and AAOIFI are not sparing any effort to guide and participate in shaping the IF Risk Management, however, they tend to be inspired by the existing frameworks historically developed for Conventional Banks. Islamic Finance contracts are very different in nature and in substance from conventional banks, thus, the conventional Risk Management cannot cater for their uniqueness. This paper tried to highlight uniqueness of risk aspects within the IF contracts, and focused on Operational Risk, which is in my opinion in the major risk for IFI. 2 Introduction Risk Management have evolved since its first appearance after the World War II. The Bank of International Settlement have tried to adapt to the changes in the Finance industry and issued 3 version of the Basel Guidelines on Capital Requirements (Basel I, II and III). These guidelines have identified Capital Requirements for Credit Risk, Market Risk and Operational Risk. They also issued Sound Practices for Risk Management for each type of Risk. With the venue of the Islamic Finance Industry in the 1960s, Risk Management tools had to adapt to the uniqueness of their products. IFSB and AOIIFI have invested huge efforts in developing Risk Management guidelines for IFIs. Scholars and Islamic Finance practitioners issued multitude of papers attempting to circle aspects of Risk in the Islamic Finance Contracts. They have demonstrated that Islamic Finance encompasses other types of Risk that are unknown to conventional Banks (Fiduciary Risk, Sharia non-compliance Risk, Commercial Displaced Risk, etc.) Many of those scholars have also found out that the IFIs are more exposed to Operational Risk than the conventional banks, mainly due to the complexity of the contracts and their execution. This research is an attempt to add some more light on Risks faced by Islamic Finance Institution with a special focus on Operational Risk. 3 Objective: Risk Management in IFIs tends to be complex and least understood by the business and even by the Risk Management practitioners, in this research I will attempt to define Risks in IFIs and clarify its specifications by demonstrating its uniqueness, especially in the Islamic Finance contracts, where each contract can encompass more than one type of Risk. I will also try to cover some more details of Operational Risk aspects in the IF contracts and demonstrate its importance and complexity during the lifecycle. That being discussed I will propose some actions that can enhance the Operational Risk Management within the IFIs. 4 Plan of the paper: In this paper, I will be defining Risk Management in general in Financial Institutions and its degree of evolvement especially in conventional banking, how Risk is different in Islamic Financial Institutions from conventional banks, their instruments and what are the key challenges. Then I will be discussing the Operational Risk Management in Islamic Finance Institutions and its specifications. 5 Chapter 1: Risk History and definitions 5.1 Introduction: Risk Management emerged after the World War II, and began to be studied in universities as a discipline with the two academic books ( Mehr and Hedges (1963) and Williams and Hems (1964)[1]. Risk Management was, for a long time, the ultimate tool for Insurance Industry aiming to mitigate Risks related to individuals and companies from losses incurred from accidents[2] After 1950s, and due to the increasing costs of insurance, various Risk Management activities were introduced to the business (e.g. business continuity, self-insurance). Derivatives were introduced after 1970s to mitigate the faced risks. Market, Credit, and Operational Risk Management tools were introduced to manage the emerging risks from the intensified activities with insurance and Finance industries (consequently after 1980s for Market and Credit and 1990s for Operational Risk)[3] The objective of a financial institution (or for any kind of business) is to maximize shareholders’ profits by adding value and best usage of available resources. Financial institutions, in particular, have to manage Risks to achieve the aforesaid objective. Risk is defined as a possible adverse, one or more, outcomes, it is unknown for its intrinsic volatility and unpredictability. Financial institutions face different types of Risks. Business Risks, which “arises from the nature of a firm’s business. It relates to factors affecting the product market. Financial risk arises from possible losses in financial markets due to movements in financial variables [4]”. Oldfield and Santomero classifies Risk in three types: risks that can be eliminated, those that can be transferred to others, and the risks that can be managed by the institution. [5]” Besides the above given definitions, Risk can also be defined as Financial Risk, i.e. Credit Risk and Market Risk, and non-Financial Risk, i.e., among others, Operational Risk, Legal Risk, Reputational Risk and Strategic Risk.[6] 5.2 Section I: Risk Management History: Risk Management historically was the main objective of the insurance industry. After the World War II, large companies started to mitigate their risks by introducing Self-Insurance techniques. It was largely applied to cover adverse financial impacts consequent of events of losses or Market volatility. After 1970s, Financial Risk Management emerges as a cornerstone for multitude of companies including banks. In Fact, Stock Market prices, exchange rates, commodity prices, were their main concerns. Table 1: Milestones in the History of Risk Management[7] In 1990s Risk Management took more momentum and became a high priority matter for corporates, Board of Director have now the responsibility of oversight and monitoring policies effected by the Board Audit and Risk Management Committees. Financial Institution, after 2000s are required to implement capital reserves for risks, especially after the major defaults and the Enron bankruptcy case. Basel II (2004) issued guidelines on more robust capital requirements on banks for Credit Risk, also introduced rules on managing Operational Risk. In 2010 Basel III came as a response to the 2008 subprime crisis, with more constraints on capital requirements and new Liquidity Risk Management guidelines. 5.3 Section 2: Definitions of Risk Management: According to Wikipedia, “Risk management is the identification, assessment, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events[8] or to maximize the realization of opportunities. Risk management’s objective is to assure uncertainty does not deflect the endeavor from the business goals.[9]” Financial Institutions face generally two types of Risk, Financial and Non-Financial[10] (Gleason 2000). Financial Risks are those due Market volatility (Market Risk), and those due customers’ defaults (Credit Risk). Non-Financial Risk includes, but not limited to, Operational Risk, Legal Risk, Reputational Risk, Regulatory Compliance Risk. 5.3.1 Market Risk: Market Risk is defined as the risk from adverse volatility of traded instruments and assets in a well-defined Market[11]. Market Risk can affect both banking and trading books. In the sense that it is originated from equity price risk, interest rate risk, currency risk, and commodity price risk. Market Risk is said systematic when it arises due to the general volatility of prices and overall changes in policies in the economy. When the price of a specific asset or instruments changes due to events inherent to it, it is categorized as unsystematic Risk. 5.3.2 Credit Risk “Credit risk is most simply defined as the potential that a bank borrower or counterparty will fail to meet its obligations in accordance with agreed terms. The goal of credit risk management is to maximize a bank's risk-adjusted rate of return by maintaining credit risk exposure within acceptable parameters. Banks need to manage the credit risk inherent in the entire portfolio as well as the risk in individual credits or transactions. Banks should also consider the relationships between credit risk and other risks. The effective management of credit risk is a critical component of a comprehensive approach to risk management and essential to the long-term success of any banking organization.”[12] Credit Risk is the risk that counterparty will fail to meet its obligations timely and fully in accordance with the agreed terms[13]. 5.3.3 Liquidity Risk: The Principles for Sound Liquidity Risk Management and Supervision[14] (BCBS 2008) defines Liquidity as “the ability of a bank to fund increases in assets and meet obligations as they come due, without incurring unacceptable losses.” Liquidity Risk arises then from adverse circumstances that hurdles a bank to normally operate and meet its liabilities when due. Funding Liquidity Risk occurs when banks are unable to secure funds at a reasonable cost from borrowing, Asset Liquidity Risk arises when banks face difficulties to generate liquidity from sale of assets.[15] 5.3.4 Operational Risk: The BCBS Principles for the Sound Management of Operational Risk defines Operational Risk as the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. This definition includes legal risk, but excludes strategic and reputational risk.[16] Operational Risk was for a long time out of the radar of the corporates and scholars, it was not quite understood. Power writes: “Operational risk was conceived as a composite term for a wide variety of organizational and behavioural risk issues which were traditionally excluded from formal definitions of market and credit risk. The explosion of operational risk discourse gave new structure and rationality to what had traditionally been regarded as a risk management residual and negatively described as non-financial risk.”[17] The Bank of international Settlements (BIS) have categorized Operational Risk into four causal categories[18]: · Process · Business Process (lack of proper due diligence, inadequate/problematic account reconciliation, etc.) · Business Risks (merger risk, new product risk, etc.) · Errors and Omissions (inadequate/problematic security, inadequate/problematic quality control, etc.) · Specific Liabilities (employee benefits, employer, directors and officers, etc.) · People · Employee Errors (general transaction errors, incorrect routing of transaction, etc.) · Human Resource Issues (employee unavailability, hiring/firing, etc.) · Personal Injury – Physical Injury (bodily injury, health and safety, etc.) Personal Injury – Non–Physical Injury (libel/defamation/slander, discrimination/harassment, etc.) · Wrongful Acts (fraud, trading misdeeds, etc.) · Information Technology · General Technology Problems (operational error – technology related, unauthorized use/misuse of technology, etc.) · Hardware (equipment failure, inadequate/unavailable hardware, etc.) · Security (hacking, firewall failure, external disruption, etc.) · Software (computer virus, programming bug, etc.) · Systems (system failures, system maintenance, etc.) · Telecommunications (telephone, fax, etc.) · External Events · Disasters (natural disasters, non–natural disasters, etc.) · External Misdeeds (external fraud, external money laundering, etc.) · Litigation/Regulation (capital control, regulatory change, legal change, etc.) · Relationships · Legal/Contractual (securities law violations, legal liabilities, etc.) · Negligence (gross negligence, general negligence, etc.) · Sales Discrimination (lending discrimination, client Discrimination, etc.) · Sales Related Issues (churning, sales misrepresentation, high pressure sales tactics, etc.) · Specific Omissions (failure to pay proper fees, failure to file proper report, etc.) Gene Alvares attempted a mapping exercise between the Causal Categories and Basel Risk Types (Alvares, Global Association of Risk Professionals GARP studies. 2002). Mapping illustration between the Basel Committee’s proposed operational risk event classification scheme and Zurich IC2 format. (Alvarez, 2002)[19] References Georges Dionne, Risk Management: History and Critique, March 2013 Harrington and Neihaus, 2013, Georges Dionne, Risk Management: History and Critique, March 2013 Jorion and Khoury 1996, reference cited by Tariqullah Khan Habib Ahmed: Risk Management: An Analysis Of Issues In Islamic Financial Industry, 2001, Islamic Development Bank, Islamic Research and Training Institute Oldfield and Santomero (1997), reference cited by Tariqullah Khan Habib Ahmed: Risk Management: An Analysis Of Issues In Islamic Financial Industry, 2001, , Islamic Development Bank, Islamic Research and Training Institute Tariqullah Khan Habib Ahmed: Risk Management: An Analysis Of Issues In Islamic Financial Industry, 2001, Islamic Development Bank, Islamic Research and Training Institute Hubbard, Douglas (2009). The Failure of Risk Management: Why It's Broken and How to Fix It. John Wiley & Sons. (Wikipedia) Antunes, Ricardo; Gonzalez, Vicente (3 March 2015). "A Production Model for Construction: A Theoretical Framework". Buildings. 5 (1): 209–228. doi:10.3390/buildings5010209. (Wikipedia) BCBS - Principles for the Management of Credit Risk - final document, September 2000 BCBS - Principles for Sound Liquidity Risk Management and Supervision - final document, September 2008 BCBS Principles for the Sound Management of Operational Risk, 2011 Power p. 103 Cited by Johannes Gaus aus Böblingen, The Risks of Financial Risk Management, Master-Thesis, Economics of Financial Institutions European Business School, Department Corporate Management & Economics, Zeppelin University Marinoiu Ana Maria, Bucharest University of Economics, Faculty of International Business and Economics, Operational Risk In International Business: Taxonomy And Assessment Methods, Federal Reserve Bulletin, September 2003, Capital Standards for Banks: The Evolving Basel Accord BCBS, Basel II: The New Basel Capital Accord - third consultative paper April 2003 and Revised international capital framework, June 2006 Basel III: international regulatory framework for banks Sean Kenny, To What Extent were the Limitations of the Previous Basel Accords (I & II) overlooked by Basel III?, Master programme in Economic History, Lund University, School of Economics and Management, June 2011 BCBS- Pillar 2 (Supervisory Review Process), the New Basel Capital Accord, Principal 2 Basel II, Tamer Bakiciol Nicolas Cojocaru-Durand DongxuLu, December 2008 BIS, BCSB, Basel III: international regulatory framework for banks Basel Committee on Banking Supervision, Basel III: International Framework for Liquidity Risk Measurement, Standards and Monitoring, Dec 10, Bank for International Settlements. http://wwww.basel-ii-risk.com/basel-iii-guide-to-the-changes/ Ahmad Alharbi, Development of the Islamic Banking System, Journal of Islamic Banking and Finance June 2015, Vol. 3, No. 1 Syed Ehsan Ullah Agha, RISK MANAGEMENT IN ISLAMIC FINANCE: AN ANALYSIS FROM OBJECTIVES OF SHARI’AH PERSPECTIVE, International Journal of Business, Economics and Law, Vol. 7, Issue 3 (Aug.) 2015 Specifics of Risk Management in Islamic Finance and Banking, with Emphasis on Bosnia and Herzegovina, E.Kozarević, M.Baraković Nurikić & N.Nuhanović, Bahar/Spring 2014, Volume 4, Issue 1, Çankırı Karatekin University, Journal of The Faculty of Economics, and Administrative Sciences. Ioannis Akkizidis and Sunil Kumar Khandelwal, Financial Risk Management for Islamic Banking and Finance, Palgrave Macmillan. Standing Committee for Economic and Commercial Cooperation of the Organization of Islamic Cooperation (COMCEC), Risk Management in Islamic Financial Instruments, COMCEC Coordination Office, September 2014. ISLAMIC FINANCIAL SERVICES BOARD, GUIDING PRINCIPLES OF RISK MANAGEMENT FOR INSTITUTIONS (OTHER THAN INSURANCE INSTITUTIONS) OFFERING ONLY ISLAMIC FINANCIAL SERVICES, December 2005. Nurhafiza Abdul Kader Malim PhD, Islamic Banking and Risk Management: Issues and Challenges, Journal of Islamic Banking and Finance Oct.- Dec. 2015. Hennie van Greuning Zamir Iqbal, Risk Analysis for Islamic Banks, THE WORLD BANK Washington, D.C., December 2008. Ahmad Mohamed Rahim, Operational Risks in Islamic Profit Sharing Contracts and Ways to Overcome Them, MSc in Islamic Finance, The Global University of Islamic Finance, October 2014 (http://www.inceif.org/research-bulletin/operational-risks-islamic-profit-sharing-contracts-ways-overcome/) [1] Georges Dionne, Risk Management: History and Critique, March 2013, p. 1 [2] Harrington and Neihaus, 2013, Georges Dionne, Risk Management: History and Critique, March 2013, p. 1 [3] Georges Dionne, Risk Management: History and Critique, March 2013, p. 1 [4] Jorion and Khoury 1996, p. 2, reference cited by Tariqullah Khan Habib Ahmed: Risk Management: An Analysis Of Issues In Islamic Financial Industry, 2001,p. 26, Islamic Development Bank, Islamic Research and Training Institute [5] Oldfield and Santomero (1997), reference cited by Tariqullah Khan Habib Ahmed: Risk Management: An Analysis Of Issues In Islamic Financial Industry, 2001,p. 27, Islamic Development Bank, Islamic Research and Training Institute [6] Tariqullah Khan Habib Ahmed: Risk Management: An Analysis Of Issues In Islamic Financial Industry, 2001,p. 28, Islamic Development Bank, Islamic Research and Training Institute [7] Georges Dionne, Risk Management: History and Critique, March 2013, p. 6 [8] Hubbard, Douglas (2009). The Failure of Risk Management: Why It's Broken and How to Fix It. John Wiley & Sons. p. 46. (Wikipedia) [9] Antunes, Ricardo; Gonzalez, Vicente (3 March 2015). "A Production Model for Construction: A Theoretical Framework". Buildings. 5 (1): 209–228. doi:10.3390/buildings5010209. (Wikipedia) [10] Tariqullah Khan Habib Ahmed: Risk Management: An Analysis of Issues in Islamic Financial Industry, 2001, p. 28, Islamic Development Bank, Islamic Research and Training Institute [11] Tariqullah Khan Habib Ahmed: Risk Management: An Analysis of Issues in Islamic Financial Industry, 2001, p. 28, Islamic Development Bank, Islamic Research and Training Institute [12] BCBS - Principles for the Management of Credit Risk - final document, September 2000 [13] Tariqullah Khan Habib Ahmed: Risk Management: An Analysis of Issues in Islamic Financial Industry, 2001, p. 29, Islamic Development Bank, Islamic Research and Training Institute [14] BCBS - Principles for Sound Liquidity Risk Management and Supervision - final document, September 2008 [15] Tariqullah Khan Habib Ahmed: Risk Management: An Analysis of Issues in Islamic Financial Industry, 2001, p. 29, Islamic Development Bank, Islamic Research and Training Institute [16] BCBS Principles for the Sound Management of Operational Risk, 2011, p. 3 [17] Power p. 103 Cited by Johannes Gaus aus Böblingen, The Risks of Financial Risk Management, Master-Thesis, Economics of Financial Institutions European Business School, Department Corporate Management & Economics, Zeppelin University, p. 38 [18] Marinoiu Ana Maria, Bucharest University of Economics, Faculty of International Business and Economics, Operational Risk In International Business: Taxonomy And Assessment Methods, P. 196 [19] Marinoiu Ana Maria, Bucharest University of Economics, Faculty of International Business and Economics, Operational Risk in International Business: Taxonomy and Assessment Methods, P. 197