Draft:Operational risk quantification

Introduction

Operational risk quantification refers to the set of statistical and analytical methods used to assess and model an organization's potential financial losses related to operational risk, i.e., losses arising from either internal failures (fraud, data entry errors, etc.) or external events over which the organization has limited control (natural disasters, epidemics, etc.). Thus, for a bank, the risk of a borrower defaulting is not an operational risk (it is a credit risk, which must be regulated by the bank's internal processes), but an error in granting credit (the bank advisor makes a mistake and accepts a loan they intended to refuse) is an operational risk.

Operational risk quantification is particularly well-developed in the financial sector. On one hand, it is one of the major risks in the field: market operations conducted in circumvention of the institution's processes can lead to losses amounting to billions of euros and jeopardizing the survival of an institution. On the other hand, losses are formally defined in the international regulations of the Basel Committee on Banking Supervision during the Basel II Accords (2004). This regulation defines them as "the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events".[1], and mandates their quantification in order to assess a portion of regulatory capital and economic capital (Pillar 2 / ICAAP), i.e., the amount of equity that financial institutions must hold to absorb a sufficient level of risk. This quantification also serves as a basis for calibrating risk appetite and assessing operational resilience, ensuring an institution's ability to maintain its essential activities during major shocks.

In practice, institutions rely on a combination of qualitative approaches, such as Risk and Control Self-Assessment (RCSA), and quantitative approaches, such as the Standardized Measurement Approach (SMA) and the Loss Distribution Approach (LDA).

Since the 2020s, in response to the emergence of systemic threats linked to climate risks and dependence on technological service providers, these methodologies have integrated forward-looking scenario analyses. These practices are framed by new supervisory standards (such as the European regulation DORA, Digital Operational Resilience for the financial sector and Amending regulations) and rely technically on machine learning and Big data processing.

Typology of methodological approaches

Financial institutions employ various methodological approaches to quantify their exposure to operational risk. The choice of model depends on the depth of historical data[2], regulatory constraints[3], and the institution's internal objectives regarding resilience[4].

Quantitative models are divided into two main categories. On one hand, statistical methods jointly evaluate the frequency and severity of historical losses. On the other hand, forward-looking scenario analyses estimate the impact of rare but critical events, such as cyberattacks, compliance litigation, or system failures[5]. By way of illustration, the global IT outage linked to the provider CrowdStrike in July 2024 or the ransomware attack that paralyzed the American subsidiary of ICBC bank in November 2023 constitute the type of major shocks evaluated by these scenarios[6][7]. Both approaches frequently rely on modeling techniques, such as Monte Carlo simulation, to generate loss distributions and calculate capital requirements at very high confidence levels (generally set at 99.9% by regulators)[8].

The implementation of these mathematical models, however, raises several technical challenges that are particularly well-documented by supervisory authorities[9]:

  • The scarcity of historical data and reporting biases, which are especially pronounced for extreme loss events;
  • The hyper-sensitivity of capital requirements to mathematical assumptions, notably regarding the shape of the distribution tail and correlation structures between risks;
  • The complexity of aligning pure statistical results with qualitative assessments from the field (such as the RCSA framework).

To address these limitations, banking and insurance institutions no longer use these models in isolation. They now systematically integrate quantitative measures with qualitative assessments within a comprehensive, multi-level risk management framework.

Standardized Measurement Approach (SMA)

The Standardized Measurement Approach (SMA) was introduced by the Basel Committee on Banking Supervision (BCBS) in December 2017 during the finalization of the Basel III accords. This method aims to simplify the calculation of capital requirements and reduce model variability, thereby ensuring better comparability between financial institutions[10]. The SMA definitively replaces the Advanced Measurement Approach (AMA), which previously granted banks a level of flexibility that was deemed too heterogeneous. In Europe, this standard is transposed by the CRR 3 regulation, applicable from 2025[11].

The capital requirement calculation is based on two key components[12]:

  • The Business Indicator (BI): it measures the bank's size via its income (interest, commissions). A high business volume, such as that resulting from the merger between UBS and Credit Suisse finalized in 2023, mechanically leads to an increase in the base capital requirement due to the systemic size of the new entity and the increased oversight from the regulator FINMA[13].
  • The Internal Loss Multiplier (ILM): this coefficient adjusts the capital according to the actual loss history. For example, a bank that has suffered massive legal litigation will see its ILM increase, forcing it to set aside more capital to cover potential future operational shocks[11].

The objective is to eliminate model risk. By imposing predefined parameters, supervision becomes more uniform[14]. However, authorities require banks to supplement this prescriptive approach with forward-looking scenarios as part of their internal capital adequacy assessment process (ICAAP)[15].

Loss Distribution Approach (LDA)

The Loss Distribution Approach (LDA) is a statistical method used to estimate the total distribution of operational losses based on historical data. It separately models the frequency of events, often using Poisson or negative binomial distribution processes, and the severity of losses, generally fitted to heavy-tailed distributions such as Lognormal, Weibull, or Pareto laws[8][16]. Monte Carlo simulation is then used to derive aggregated loss distributions and determine the capital requirement at a 99.9% percentile[17].

This approach utilizes Extreme Value Theory (EVT) to model tail behavior, focusing on low-frequency but high-severity events. The use of mathematical copulas allows for the integration of dependency structures between different incident categories[16]. Furthermore, the Bayesian approach enables the integration of expert judgment with empirical data to compensate for the lack of historical data[18].

The implementation of LDA, however, requires a voluminous database, which constitutes a limitation for modeling rare events. A single extreme event can render statistical models obsolete. For example, the €4.9 billion loss suffered by Société Générale in 2008 (the Jérôme Kerviel affair) demonstrated the inability of history-based internal models to anticipate a loss of such magnitude, far exceeding all severity scenarios modeled up to that point[19].

These weaknesses, particularly the assumption that the past foreshadows the future, led supervisory authorities to progressively replace these internal models with the SMA standardized approach[20].

Expert-based scenarios

Since January 17, 2025, the European regulation DORA (Digital Operational Resilience Act) requires financial institutions to model scenarios of total interruption of critical services. These analyses are no longer based on past data but on plausible disruption situations. Scenario analysis based on expert judgment constitutes a qualitative approach to quantifying operational risk. Unlike strictly quantitative models such as LDA or SMA, this method is not limited solely to historical data. It relies on the knowledge of internal or external experts to evaluate the probability and potential impact of rare, emerging, or unprecedented events, such as major cyberattacks, failures of critical third-party providers, or systemic shocks[21].

The methodology relies on reverse stress testing: the expert identifies the breaking point (the scenario that would render the bank insolvent or unable to operate) and works backward to quantify the probability of occurrence[22]. These tests must cover a specific survival horizon, often set at 30 days for liquidity related to operational risks. Experts quantify these shocks via probability distributions with a confidence level aligned with Basel III requirements, namely 99.9%. This means the institution must be able to withstand an operational shock that statistically occurs only once every 1,000 years[23].

In practice, this approach is structured around workshops or individual interviews bringing together risk management professionals and business experts. Their empirical assessments are translated into probability-severity pairs, allowing for the generation of simulated loss distributions. This flexibility makes it possible to capture extreme risks that would elude purely statistical models[5]. For example, the widespread implementation of Business Continuity Plans (BCP) during the 2020 health crisis illustrated the importance of these scenarios in maintaining essential services despite the lack of comparable historical data for a modern pandemic[24].

The integration of these scenarios is a regulatory requirement within the framework of the Internal Capital Adequacy Assessment Process (ICAAP). It forms the foundation of stress tests and recovery plans. Supervisory authorities, such as the European Banking Authority (EBA) and the Bank of England, now require the rigorous quantification of these impact tolerances to ensure they align with the declared risk appetite[25].

To refine these projections, these hybrid models combine qualitative judgments with mathematical tools, frequently using Monte Carlo simulation to evaluate various business configurations or the effectiveness of security investments[26]. These analyses are employed to calibrate risk appetite, test interdependencies between failures, and assess the feasibility of continuity plans according to resilience frameworks (such as the PS6/21 policy statement in the United Kingdom)[4].

Exposure-based scenarios

Exposure-based methodologies were standardized by the ORX association, which brings together more than 115 global financial institutions, in its reference report from April 2023[27]. These approaches link losses to identified productive resources.

Unlike traditional expert-based scenarios, the Exposure, Occurrence, Impact (XOI) model decomposes risk into observable and auditable variables[28]:

  • Exposure (X): it quantifies the volume of units at risk. For example, for a fraudulent transfer risk, exposure corresponds to the total number of transactions processed annually (e.g., 10 million SWIFT transfers).
  • Occurrence (O): it expresses the probability of failure per unit. If the historical fraud rate is 0.001%, this frequency is adjusted based on the effectiveness of current anti-fraud controls.
  • Impact (I): it defines the financial loss per affected unit—for example, an average cost of €15,000 per incident, including regulatory sanctions and remediation costs.

The estimated total loss is the product of these factors: Loss = X × O × I. To capture uncertainty, institutions use Monte Carlo simulation with a minimum of 100,000 iterations[29]. This process generates a distribution curve where the 99.9% confidence point defines the economic capital required to cover an extreme "once-in-a-thousand-years" loss.

This method allows for the definition of very precise impact tolerances. For example, a bank may establish that an unavailability of its payment system exceeding 120 minutes would result in a capital loss exceeding its risk appetite, thereby triggering automatic investments in infrastructure redundancy[4].

Summary: Application Matrix

The following table summarizes how each approach is typically applied within an operational risk management framework[30]:

Application RCSA SMA LDA Expert-based Scenario Exposure-based Scenario (XOI)
Regulatory Capital (Pillar 1)
Economic Capital (ICAAP / Pillar 2)
Risk Appetite and Tolerances
Operational Resilience
Stress Testing

SMA and LDA are primarily associated with capital calculation. SMA provides the regulatory capital requirement under Pillar 1, while LDA remains widely used by large institutions for their internal capital estimates (Pillar 2) due to its statistical structure that allows for modeling the entire loss distribution[25].

Scenario analysis, for its part, is employed for forward-looking assessments, particularly ICAAP, risk appetite calibration, and supervisory stress testing. It enables the quantification of low-frequency, high-severity events that are imperfectly captured by historical data[21].

At the same time, structured scenario methods (such as the XOI approach) and exposure-based models strengthen this forward-looking dimension by linking potential losses to their operational drivers—internal processes, information systems, or dependence on third-party providers[28]. These approaches are integrated into operational resilience frameworks to evaluate tolerance thresholds and business recovery capabilities in the event of a major shock[4].

For its part, the Risk and Control Self-Assessment (RCSA) process indirectly feeds quantitative models. By identifying major exposures and vulnerabilities in control systems at all levels of the organization, the RCSA provides the qualitative input data necessary for developing scenarios, calculating internal capital, and defining risk appetite. This process maps the control environment in which statistical models are subsequently applied[31].

In practice, financial institutions never rely on a single tool but combine these different approaches in an integrated manner. This complementarity is required by supervisors to meet regulatory requirements, justify capital adequacy, and test the overall resilience of the institution against severe but plausible crisis scenarios[30].

Expansion of the scope of quantification

The evolution of operational risk quantification reflects a progressive convergence between regulatory simplification, model sophistication, and supervision that is now focused on resilience. Since the introduction of the Basel II framework, methodologies have transitioned from formulas based on volume indicators toward forward-looking approaches that integrate endogenous data and exogenous exposure vectors[32].

Driven by digital transformation, the scope of quantification now integrates advanced cybersecurity metrics. Modeling is no longer limited to compensating for financial losses but extends to measuring the institution's survival capacity. This assessment relies on standardized performance indicators such as Recovery Time Objective (RTO) and Recovery Point Objective (RPO). In Europe, the DORA regulation institutionalizes this approach by mandating threat-led penetration testing to validate these tolerance thresholds.

The urgency of these measures is highlighted by the continuous increase in the average cost of a data breach in the global financial sector, which reached $5.9 million in 2023—a 15% increase compared to 2020[33]. For example, the ransomware attack targeting the provider ION Trading in 2023 paralyzed the clearing activities of dozens of banks, illustrating the need to precisely quantify these technological interdependencies[34].

At the same time, the operational risk taxonomy has formally integrated Third-Party Risk Management (TPRM). The massive outsourcing to cloud computing service providers now generates a major systemic concentration risk. Indeed, approximately 70% of Cloud computing services in the European financial sector are concentrated among three dominant providers: AWS, Microsoft Azure, and Google Cloud[35]. To address this phenomenon, quantification increasingly relies on Graph theory to identify Single Points of Failure (SPoF) within outsourcing chains. Major incidents, such as the 2021 OVHcloud data center fire in Strasbourg, now serve as case studies for modeling data loss and estimating failover costs in the event of a critical provider's hardware failure[36].

Additionally, climate and environmental risks are the subject of intense methodological developments aimed at translating climate shocks into tangible operational losses. Physical risk involves quantifying direct damage to banking infrastructure. For example, in 2023, natural disasters generated $380 billion in global economic losses, a significant portion of which was uninsured, thereby increasing the risk of net loss for exposed financial institutions[37]. Concurrently, transition risk captures the increase in legal and non-compliance risks. This component notably includes fines and litigation related to greenwashing. The $25 million fine imposed by the SEC in 2022 on DWS, Deutsche Bank's asset management subsidiary, for misleading statements regarding its ESG criteria, marks the definitive entry of climate compliance into the quantitative calculation of operational risk[38].

Ultimately, operational risk management models are evolving from a strictly retrospective and segmented approach toward a systemic and forward-looking analysis. This new architecture is no longer limited to calculating a simple regulatory capital requirement. It allows institutions to define rigorous impact tolerances, thereby ensuring the maintenance of critical functions even in the event of an extreme but plausible shock, in accordance with the operational resilience principles issued by the Basel Committee on Banking Supervision[39].

Role of technology, data, and automation

The volume of financial data is growing exponentially. According to the research firm IDC, data generated by financial institutions recorded an average annual growth rate of 26% between 2018 and 2025[40]. This proliferation of unstructured information (Big data) is transforming the quantification of operational risk. Institutions are massively deploying machine learning algorithms. These models ingest millions of transactions per second to identify weak signals. In the area of anti-money laundering (AML), the impact is significant. The integration of deep learning has allowed some institutions to reduce false positives in the detection of suspicious transactions by up to 60%[41].

At the same time, behavioral analysis monitors the digital habits of employees. It detects anomalies in login patterns or access to sensitive data. This proactive monitoring aims to prevent massive internal fraud. Historically, the absence of these algorithmic safeguards allowed for major lapses, such as the unauthorized positions held by trader Kweku Adoboli, which cost UBS $2.3 billion in 2011[42].

Historically, collecting loss events required tedious manual processing. Today, natural language processing (NLP) automates the analysis of written or vocal communications. Algorithms extract semantics from emails, instant messages, and customer complaints. They automatically categorize incidents according to regulatory taxonomy. This technology has become indispensable given the proliferation of alternative communication channels. Between 2021 and 2023, the SEC imposed more than $200 million in fines on Wall Street banks for the unmonitored use of applications like WhatsApp by their employees[43]. The integration of NLP now makes it possible to ingest these massive flows to instantly detect transgressive vocabulary or systemic compliance failures[44].

Furthermore, Graph theory is used to model complex technological interdependencies. Operational losses rarely occur in isolation. Algorithms reveal hidden correlations between various internal and external factors. They map software supply chains to anticipate contagion effects. The 2020 cyberattack on the software company SolarWinds perfectly illustrates this hyper-connectivity risk. The malicious infiltration of a single update from this IT provider compromised the networks of thousands of companies and government agencies worldwide[45]. Network modeling helps anticipate these cascading vulnerabilities and evaluate a bank's global exposure to technology-driven systemic risk[26].

However, the integration of these technologies introduces a major vulnerability: model risk. The opacity of certain predictive algorithms poses a regulatory challenge described as the "black box" effect. A poorly calibrated model can lead to colossal financial and reputational losses. In 2012, a faulty high-frequency trading algorithm caused Knight Capital to lose $440 million in just forty-five minutes[46].

In addition, artificial intelligence algorithms can replicate discriminatory biases. In 2019, the credit-granting algorithm for the Apple Card, managed by Goldman Sachs, was investigated by New York regulators for alleged gender-based discrimination[47]. To prevent such lapses, authorities require strict explainability of automated decisions, independent model validation, and the systematic maintenance of human oversight[48]

Notes and references

  1. ^ Basel Committee on Banking Supervision (BCBS) (June 2004). "International Convergence of Capital Measurement and Capital Standards" (PDF). Bank for International Settlements. Paragraph 644, p. 137.
  2. ^ Basel Committee on Banking Supervision (June 2004). "International Convergence of Capital Measurement and Capital Standards: A Revised Framework (Basel II)" (PDF). Bank for International Settlements. p. 251.
  3. ^ European Banking Authority (November 2022). "2023 EU-wide stress test – Methodological Note" (PDF). EBA.
  4. ^ a b c d Bank of England; Prudential Regulation Authority (March 2021). "Building operational resilience: Impact tolerances for important business services (PS6/21)" (PDF). Bank of England.
  5. ^ a b Dutta, Kabir (2009). "Scenario Analysis in the Measurement of Operational Risk Capital: A Review". Journal of Operational Risk. 4 (3): 1–27. ISSN 1744-6740.
  6. ^ "Panne mondiale de Microsoft : clarifications et solutions de contournement". Solutions Numériques (in French). July 19, 2024.
  7. ^ "Industrial & Commercial Bank of China Financial Services: attaque de ransomware aux USA". AllNews (in French). November 10, 2023.
  8. ^ a b Frachot, Antoine; Moudoulaud, Georges; Roncalli, Thierry (2001). "Loss Distribution Approach for Operational Risk" (PDF). SSRN Electronic Journal.
  9. ^ Basel Committee on Banking Supervision (June 2011). "Operational Risk: Supervisory Guidelines for the Advanced Measurement Approaches" (PDF). Bank for International Settlements.
  10. ^ Basel Committee on Banking Supervision (BCBS) (December 2017). "Basel III: Finalising post-crisis reforms" (PDF). Bank for International Settlements. Section 7: Operational risk, p. 132.
  11. ^ a b European Parliament and Council of the European Union (June 19, 2024). "Regulation (EU) 2024/1623 amending Regulation (EU) No 575/2013 as regards requirements for operational risk (CRR 3)". Official Journal of the European Union.
  12. ^ Chapelle, Ariane (2019). Operational Risk Management: Best Practices in the Financial Services Industry. John Wiley & Sons. ISBN 978-1-119-54904-8.
  13. ^ La Tribune (June 12, 2023). "UBS-Credit Suisse: les risques d'une fusion géante". La Tribune (in French).
  14. ^ Gourieroux, Christian; Rochet, Jean-Claude (2018). "Model risk and the Basel regulations". Revue d'économie financière. 132 (4): 165–178.
  15. ^ EBA (2016). "Guidelines on ICAAP and ILAAP" (PDF).
  16. ^ a b McNeil, Alexander; Frey, Rüdiger; Embrechts, Paul (2015). Quantitative Risk Management: Concepts, Techniques and Tools. Princeton University Press. Chapter 10. ISBN 978-0-691-16627-8.
  17. ^ Yves Jégourel (2021). Financial Risks. La Découverte. Chapter IV: Operational Risk. ISBN 9782348064562.
  18. ^ Shevchenko, Pavel V. (2011). Modeling Operational Risk Using Bayesian Inference. Springer. ISBN 978-3-642-15922-0.
  19. ^ "L'affaire Kerviel, un traumatisme pour le contrôle des risques". Le Monde (in French). January 24, 2018.
  20. ^ Basel Committee on Banking Supervision (BCBS) (March 2016). "Standardised Measurement Approach for operational risk" (PDF). Bank for International Settlements.
  21. ^ a b Chapelle, Ariane (2019). Operational Risk Management: Best Practices in the Financial Services Industry. John Wiley & Sons. Chapter 13. ISBN 978-1-119-54904-8.
  22. ^ European Banking Authority (EBA) (March 18, 2022). "Guidelines on common procedures and methodologies for the supervisory review and evaluation process (SREP)" (PDF). Section 7.6.4: Reverse stress testing, p. 184.
  23. ^ Basel Committee on Banking Supervision (June 2004). "International Convergence of Capital Measurement and Capital Standards" (PDF). Bank for International Settlements. Paragraph 667, p. 144.
  24. ^ European Central Bank (ECB) (March 23, 2021). "ECB Annual Report on supervisory activities 2020".
  25. ^ a b EBA (March 18, 2022). "Revised Guidelines on common procedures and methodologies for SREP" (PDF).
  26. ^ a b Cruz, Marcelo G.; Peters, Gareth W.; Shevchenko, Pavel V. (2015). Fundamental Models in Financial Risk Management. John Wiley & Sons. ISBN 978-1-118-90724-5.
  27. ^ ORX (April 2023). "Exploring Risk Exposure Methodologies". ORX.
  28. ^ a b Condamin, Laurent; Naim, Patrick (2019). Operational Risk Modeling in Financial Services: The Exposure–Occurrence–Impact Method. Wiley. ISBN 978-1-119-50850-2.
  29. ^ Girling, Philippa (2013). Operational Risk Management. Wiley. ISBN 978-1-118-53245-4.
  30. ^ a b Chapelle, Ariane (2019). Operational Risk Management: Best Practices in the Financial Services Industry. John Wiley & Sons. Chapter 2: The Operational Risk Framework. ISBN 978-1-119-54904-8.
  31. ^ Chapelle, Ariane (2019). Operational Risk Management: Best Practices in the Financial Services Industry. John Wiley & Sons. Chapter 6. ISBN 978-1-119-54904-8.
  32. ^ Chapelle, Ariane (2019). Operational Risk Management: Best Practices in the Financial Services Industry. John Wiley & Sons. Chapter 1: What is Operational Risk?. ISBN 978-1-119-54904-8.
  33. ^ IBM Security (2023). "Cost of a Data Breach Report 2023".
  34. ^ European Banking Authority (EBA) (November 2019). "EBA Guidelines on ICT and security risk management (EBA/GL/2019/04)". Section 3: ICT and security risk management framework.
  35. ^ ESMA (2021). "Cloud outsourcing and the risks to financial stability" (PDF).
  36. ^ European Banking Authority (EBA) (February 2019). "EBA Guidelines on outsourcing arrangements (EBA/GL/2019/02)" (PDF). Title IV: Outsourcing process (Risk assessment).
  37. ^ Aon (2024). "2024 Climate and Catastrophe Insight".
  38. ^ Basel Committee on Banking Supervision (BCBS) (June 2022). "Principles for the effective management and supervision of climate-related financial risks" (PDF). Bank for International Settlements. Principle 8: Operational Risk, p. 8.
  39. ^ Basel Committee on Banking Supervision (BCBS) (March 2021). "Principles for Operational Resilience" (PDF). Bank for International Settlements. Principle 6: Business continuity planning and testing, p. 7.
  40. ^ Helena Schwenk (December 20, 2019). "Harnessing Data Analytics in Financial Services to Drive Customer Loyalty". International Banker.
  41. ^ Financial Action Task Force (FATF) (July 2021). "Opportunities and Challenges of New Technologies for AML/CFT" (PDF). Section 3: Artificial Intelligence.
  42. ^ The Guardian (November 20, 2012). "UBS rogue trader Kweku Adoboli jailed over 'UK's biggest fraud'". The Guardian.
  43. ^ Securities and Exchange Commission (SEC) (August 8, 2023). "SEC Charges 11 Wall Street Firms with Widespread Recordkeeping Failures". SEC Press Release.
  44. ^ European Banking Authority (EBA) (January 2020). "Report on Big Data and Advanced Analytics" (PDF). Section 3: Key pillars.
  45. ^ Kari Paul (December 15, 2020). "What you need to know about the biggest hack of the US government in years". The Guardian.
  46. ^ Securities and Exchange Commission (SEC) (October 16, 2013). "SEC Charges Knight Capital With Violations of Market Access Rule". SEC Press Release.
  47. ^ Sanya Mansoor (November 12, 2019). "A Viral Tweet Accused Apple's New Credit Card of Being 'Sexist.' Now New York State Regulators Are Investigating". Time.
  48. ^ Basel Committee on Banking Supervision (BCBS) (March 2022). "Newsletter on artificial intelligence and machine learning". Bank for International Settlements. Supervisory expectations and model risk management.

Category:Financial risk Category:Risk management

Content Disclaimer

Informasi ini disarikan dari Wikipedia dan disajikan kembali untuk tujuan edukasi. Konten tersedia di bawah lisensi CC BY-SA 3.0. Kami tidak bertanggung jawab atas ketidakakuratan data yang bersumber dari kontribusi publik tersebut.

  1. The information displayed on this website is sourced in part or in whole from Wikipedia and has been adapted for the purpose of restating it. We strive to provide accurate and relevant information, however:
  2. There is no guarantee of absolute accuracy. Wikipedia is an open, collaborative project that can be edited by anyone, so information is subject to change.
  3. It is not intended to constitute professional advice. The content displayed is for informational and educational purposes only. For important decisions (e.g., medical, legal, or financial), please consult a professional.
  4. Content copyright. Wikipedia is licensed under the Creative Commons Attribution-ShareAlike License (CC BY-SA). This means that content may be reused with appropriate attribution and shared under a similar license.
  5. Responsible use. Any risk arising from the use of information from this website is entirely the responsibility of the user.