Bank of Albania

C-Bank Tightens Rules for Non-Bank Institutions

The Bank of Albania has prepared some changes to the regulation "On operational risk management".

The new draft provides that the subject of this regulation will now be only non-bank financial entities, as well as savings and credit societies and their unions, licensed by the Bank of Albania.

Meanwhile, banks, electronic money institutions, and payment institutions will be subject to a special regulation, which provides for more detailed measures in operational risk management.

Regardless of this, the Bank of Albania may decide, based on its supervisory evaluations of the volume and complexity of the activity or the level of exposure to operational risk, that certain non-bank financial entities or savings-credit companies covered by this regulation will become subject to the regulation "On operational risk management by banks, payment institutions and electronic money institutions".

In this case, the Bank of Albania will determine a time limit within which the subject must ensure the fulfillment of the requirements of the above regulation.

The changes to the regulation "On the management of operational risk" add some details to the definitions of strategic and operational risk, and specify the responsibilities of the relevant management levels for implementing the requirements of this regulation.

The draft regulation also provides for some changes to the reporting annexes, with the aim of detailing more fully the types of operational risk that the subjects of the regulation must monitor and identify.

Meanwhile, entities that become subject to the other regulation, "On the administration of operational risk by banks, payment institutions, and electronic money institutions", must administer operational risk by applying the model of three lines of protection. The first line includes business units and support functions, the second line includes the independent function responsible for operational risk management and the compliance unit, and the third line includes the independent control function.

Once approved by the Supervisory Council, the new regulations are expected to enter into force in 2025.