Strategic Shareholder Climate and Risk Financial Financial Barclays PLC 366 report information sustainability report Governance review review statements Annual Report 2022 Risk performance - Operational risk Operational risk All disclosures in this section are unaudited unless otherwise stated. Overview Key metrics Summary of performance in the Operational risks are inherent in the period a Group’s business activities and it is not During 2022, total operational risk losses 84% cost effective or possible to attempt to remained stable at £159m (2021: £163m) eliminate all operational risks. The of the Group’s net reportable operational while the number of recorded events for Operational Risk Framework is therefore risk events had a loss value of £50,000 or 2022 (2,965) increased from the level for focused on identifying operational risks, less 2021 (2,724). The total operational risk assessing them and managing them within losses for the year were mainly driven by the Group’s approved risk appetite. events falling within the Execution, Delivery 86% The Operational Risk principal risk & Process Management and External comprises the following risks: Change Fraud BASEL Event Type categories, which of events by number are due to External Delivery Management Risk; Data tend to be high volume but low impact Fraud Management Risk; Financial Reporting events. Risk; Fraud Risk; Information Security Risk; Operational risk profile Operational Recovery Planning Risk; 46% Within operational risk, there are a large Payments Process Risk; People Risk; of losses are from events aligned to number of smaller value risk events. In Physical Security Risk; Premises Risk; Risk External Fraud 2022, 84% (2021: 84%) of the Group’s Reporting; Supplier Risk; Tax Risk; reportable operational risk events by Technology Risk and Transaction volume had a value of less than £50,000 Operations Risk. The operational risk 53% each. Cumulatively, events under this profile is also informed by a number of £50,000 threshold accounted for only 31% of losses are from events aligned to connected risks: Cyber, Data, and (2021: 28%) of the Group’s total net Execution, Delivery and Process Resilience. These represent threats to the operational risk losses. A small proportion Management Group that extend across multiple risk of operational risk events have a material types, and therefore require an integrated impact on the financial results of the risk management approach. Group. For definitions of these risks refer to the Operational Risk section of the Barclays PLC Pillar 3 Report 2022. To provide complete coverage of the potential adverse impacts on the Group arising from operational risk, the operational risk taxonomy extends beyond the risks listed above to cover operational risks associated with other principal risks too. This section provides an analysis of the Group’s operational risk profile, including events above the Group’s reportable threshold, which have had a financial impact in 2022. The Group’s operational risk profile is informed by bottom-up risk assessments undertaken by each business unit and top-down qualitative review for each risk type. Fraud, Transaction Operations, Information Security and Technology continue to be highlighted as key operational risk exposures. For information on conduct risk events, see the conduct risk section.