“Operational risk management of using electronic and mobile money”

The extensive use of electronic and mobile money causes additional risks, which complicates the work of electronic money issuers (EMIs) and the functioning of payment systems. The paper aims to investigate operational risk management in the process of using electronic and mobile money. A classification of operational risk types was carried out and the forms of their manifestation in payment systems using electronic and mobile money were characterized. The list of key risk indicators has been compiled to assess the operational risk factors of payment systems using mobile and electronic money; a classification of costs (losses) as a result of the implementation of operational risk events is proposed, dividing them into direct and indirect. Based on the statistics of the International Monetary Fund and the National Bank of Ukraine, the use of electronic and mobile money in certain countries of the world is analyzed. The results on the intensity of electronic money use are presented, and the value of the electronic money multiplier in Ukraine is calculated. To improve operational sustainability of EMIs, a general scheme for organizing the operational risk management process in payment systems using electronic and mobile money is presented. Particular attention is paid to the regulatory and supervisory measures aimed at supporting the operational sustainability of EMIs and payment systems under their control. The issues discussed in this paper are relevant for the debate directed at the implementation of balanced approaches to operational risk management in the process of using electronic and mobile money in developing and emerging economies.


INTRODUCTION
Recently, due to the spread of remote work, e-commerce, receiving social benefits and social assistance in connection with the COVID-19 pandemic, forced migration, electronic and mobile money are increasingly being used.The main advantages of using such money are high speed and low cost of money transfer, convenience, accessibility, personalization and anonymity.
Non-banking financial and non-financial organizations are increasingly entering the payment services market; various forms of external influence are intensifying, from natural disasters to cybercrime.All this contributes to an increase in the level of EMI riskiness and the functioning of payment systems.
The main sources of operational risk in payment systems using electronic or mobile money are information and communication technologies, hardware, software, communication networks and related human activities, which require a significant increase in the level of protection and necessitate the use of appropriate risk management methods and tools.Some experience has already been gained in managing operational risk arising in payment systems using electronic or mobile money.However, there is some uncertainty regarding the identification of operational risk by type, the use of methods and indicators to assess the impact of operational risk on the activities of issuers and users of electronic payment instruments.In addition, the lack of unified internationally agreed approaches to the regulation and supervision of the activities of non-banking EMIs and related payment systems hinders the process of improving operational risk management.

LITERATURE REVIEW
Key concepts and recommendations for all stakeholders on the digital security risk are covered in the OECD Recommendation and Companion Document (OECD, 2015).Operational risk management in payment systems based on the use of electronic and mobile money is most often studied in the scientific literature in the context of the overall risk management of a company or payment system.In EU countries, the issuance of electronic money is regulated by Directive 2009/110/EC (ЕС, 2009).Authorities issuing licenses to electronic money issuers should be guided by this document.A general requirement for the risk management system is the need to ensure its effective integration into a single mechanism for managing a company as a whole (COSO, 2017).The issues of the economic nature, causes and forms of operational risk associated with the use of electronic and mobile money have been studied in detail by Onyiriuba (2016), Wonglimpiyarat (2016).Mobile money opens new opportunities for financially excluded adult (Demirgüç-Kunt et al., 2017).Suri (2017) described the future of mobile money in developing economies.Ahmad et al. (2020) notes the distinction between m-money and m-banking.There are different approaches to identifying the types and forms of manifestation of operational risk.So, Iivarinen et al. (2003) consider information, technological, administrative and criminal risks to be the main types of operational risk inherent in payment systems.Greenacre and Buckley (2015) list provider failure, EMI illiquidity, and fraud as types of operational risk.Dobler et al. (2021) distinguish five types of operational risk, namely, internal and external fraud, cyber risk, agency risk, business and investment risk, including the failure of a bank that serves an EMI.Gutierrez and Jeffrey (2006) distinguish information risk among the types of operational risk and determine the conditions for ensuring a company's information security.Chernobai et al. (2021) point to the dependence of the level of operational risk on the complexity of a company's business model.The influence of operational risk on other types of risks inherent in payment systems, in particular liquidity risk, is being actively studied (Merrouche & Schanz, 2010).Varga et al. (2021) draw attention to potential of reputational risk and loss.
At the same time, it should be noted that most researchers in the process of assessing the risks of EMIs' activities, in particular operational ones, are guided by the approaches developed by international organizations (Clark & Ebrahim, 2022).For example, the Basel Committee on Banking Supervision identifies seven types of operational risk in relation to banking activities (BCBS, 2011).The Bank for International Settlements has proposed new principles for the operational sustainability of banks, taking into account the rapid pace of information technology development and the COVID-19 pandemic (BIS, 2020).The OECD Digital Economy Outlook 2020 reviews trends in digital security risk and digital security policies (OECD, 2020a).
A separate area of research is the management of privacy risk in digital payment systems that may result from cyber-attacks or other types of external interference (Netscout, 2021) use the scenario analysis method.Barakat et al. (2014) propose to carry out such an assessment taking into account the level of information asymmetry.The socio-economic aspect of operational risk management, related to its impact on the level of financial inclusion, deserves attention (Naumenkova, 2015;Lashitew et al., 2019).
A separate line of research is the identification of sources and forms of compensation for losses in the event of operational risk realization.According to Aron (2018) the channels through which mobile money can affect the economy are many and not well-understood.Along with proposals for risk insurance and the creation of special innovation funds (Mishchenko et al., 2021), there are various proposals related to profit compensation (Del Gaudio et al., 2021) and the formation of EMI capital buffers.
The vast majority of authors quite rightly believe that operational risk management in EMI activities should be based on the general recommendations of national regulators for managing the risks of the functioning of payment systems (Kellogg, 2003;Ng et al., 2021).To prevent risks, almost all EMIs set limits on the amount of transactions.Microloans are provided depending on the amount of turnover of funds in a user's electronic account (IMF, 2021).
Given the importance of EMIs and the payment systems they use, there is a growing need for unified regulation and supervision of EMIs (BIS, 2012; OECD, 2020b; Ehrentraud et al., 2021).Katusiime (2021) emphasize the need to develop clear rules and procedures in order to reduce losses of electronic and mobile money users.It should be noted that international financial organizations and regulators are stepping up work on developing prin-ciples and improving the methodology for regulating and supervising the circulation and use of electronic and mobile money.Thus, the methodological approaches of the Bank for International Settlements (BIS, 2012) to organizing the supervision of electronic money as a payment system (the PFMI Principles) and the PISA rules, a system for the supervision of the use of electronic payment instruments developed by the European Central Bank (ECB, 2021), should not be overlooked.

AIMS AND METHODS
The paper aims to study operational risk management in the process of using electronic and mobile money.The study is based on the generalization of the results of using electronic and mobile money in certain countries of the world based on IMF data on the volume and structure of payments for 2015-2021.To calculate the value of the electronic money multiplier, the NBU data on the operations of Ukrainian banks with electronic money in 2014-2021 were used.
The study of operational risk management processes in the use of electronic and mobile money is based on the principles of effective operational risk management developed by the Basel Committee on Banking Supervision (BCBS, 2011); financial market infrastructure principles (BIS, 2012); COSO ERM 2017 Standards (COSO, 2017); Bank for International Settlements Operational Sustainability Principles (BIS, 2020); ECB Guidelines for Eurosystem Supervision of Electronic Payment Instruments, Schemes and Mechanisms (ECB, 2021).
According to Directive 2009/110/EC (EC, 2009), electronic money was considered to be a monetary value stored on a special electronic device, accepted as a means of payment by persons other than the issuer, and which is a claim on its issuer, while mobile money was considered as a form of electronic money, a feature of which is the service of payments using mobile phones or the Internet.At the same time, it was taken into account that, according to the PISA rules (ECB, 2021), electronic and mobile money are types of electronic payment instruments that allow the transfer of value or the fulfillment of payment obligations between users.Also, the key difference in the use of electronic and mobile money associated with the legal status and forms of EMIs, in particular, with the peculiarities of regulation and supervision of their activities, is considered.

RESULTS AND DISCUSSION
The use of digital and mobile money as electronic payment instruments remains at a high level and continues to spread, covering new financial services markets.India, Indonesia, Italy, and Japan have become leaders in the use of electronic money.The largest number of payments using electronic money per inhabitant is observed in Japan and Indonesia, and the average value is in Italy, the USA, Japan, Singapore, and Switzerland.At the same time, the share of e-money payments in value of card and electronic payments in these countries in 2020 ranges from 11.77% in Japan to 28.41% in Indonesia.However, in many of the most economically developed countries such as France, Germany, the Netherlands and Spain electronic money is not widely used, and its share in the value of card and e-money payments varies between 0.02 and 0.35% (Table 1).
Compared to the use of e-money, the scope of mobile money is much wider and covers the vast majority of African countries and a significant number of countries in Asia and Latin America.Thus, in African countries, the number of registered mobile money accounts in 2020 amounted to more than USD 500 million, and the total amount of transactions made was USD 495 billion, which is equal to approximately 18-19% of the GDP of all countries of the continent (Coulibaly, 2021).
Mobile money is most widely used in East African countries such as Kenya, Mozambique, Rwanda, Uganda, Zambia, and Zimbabwe (Table 2).
Table 1.Relative importance of e-money payments in selected countries of the world in 2015 and 2020 (in value of card and e-money payments, %) Source: Calculated based on BIS Statistics (2020).An analysis of the use of mobile money shows their high popularity among low-income citizens who do not have a bank account or other access to the financial system.Today, EMIs, in cooperation with official financial institutions, telephone and trading companies, are expanding their activities and, in addition to payment services, can provide users with a wider range of financial services such as lending, savings, insurance, etc.The use of mobile money is also increasing due to the COVID-19 pandemic, the spread of remote work, online trading, receiving social benefits, social assistance, etc.Thus, during 2015-2021, balances on the wallets of mobile money users grew at an extremely high rate in Zimbabwe, Zambia, Guinea, Cameroon and Myanmar (Table 3).

By card with a credit
The activity of an EMI, as a payment system organizer, involves the issuance of electronic or mobile money and their storage on transaction accounts, making payments between electronic wallets through a telecommunications network using a mobile phone or the Internet, manag-ing user funds, as well as managing an agent network.
One of the most well-known mobile money systems is the Kenyan payment system M-Pesa, created by the mobile operator Safaricom in 2007.Today, this system has more than 6.5 million users, making several million transactions daily, which provides the operator with about 13% of the profit.
Based on the M-Pesa system, similar payment systems have been created in South Africa, Lesotho, Mozambique, Tanzania, Afghanistan and many oth-  Since operational risk has a complex form of manifestation and is inherent in all aspects of EMI activities, segregation procedures are carried out to prevent the spread of EMI risks, that is, the separation of user funds from EMI assets in order to protect them in the event of an issuer's bankruptcy and to satisfy creditors' claims.
In most countries, segregation is carried out based on the introduction of the following measures: • creation of trusts for trust management (Afghanistan, Bangladesh, Kenya, Lesotho, Liberia, Malawi, Myanmar, Namibia, Rwanda, Tanzania, Zambia); • conclusion of fiduciary agreements (Latin American countries); • use of escrow accounts (India); • introduction of legal restrictions: electronic and mobile money of users are legally separated from EMI assets (Brazil, Chad, the Philippines).
In addition, to prevent risks, almost all EMIs set limits on the number of transactions.For example, the M-Pesa system sets absolute limits on one-time and daily fund transfers.A one-time transfer can be made up to 70,000 shillings (approximately 700 USD), and the one-day amount must not exceed 140,000 shillings.In South Africa, the amount of the money transfer depends on the account class established by an EMI (for a standard class account, no more than 5 thousand rands, and for a premium class, no more than 25 thousand rands).
Microloans in both systems are provided depending on the amount of turnover of funds in a user's electronic account (IMF, 2021).
In Ukraine, electronic money has been used since 2005, and its issuers are exclusively banks.In 2014-2021, the volume of issued electronic money increased by 3.0 times, the number of electronic wallets decreased by 31.8%, and the volume of transactions increased by 7.1 times.It should also be noted that the intensity of using electronic money was the highest in 2020 and 2021, when their multiplier equaled 321.7 and 272.5, respectively (Figure 1).
However, the use of electronic money in Ukraine has not received the expected distribution due to legislative restrictions on the maximum amount of funds that can be stored on electronic devices and the maximum amount of payments, as well as due to the introduction of mandatory identifi- cation of e-wallet users, as a result of which the share of electronic money payments in the total volume of payment transactions in 2021 was only 0.38%.Given the high level of restrictions on using electronic money in Ukraine, the main sources of operational risk in payment systems can be information and communication systems and external interference.
The results of the analysis indicate that the use of electronic money in Ukraine remains relevant and may receive new development.Given the situation in the Ukrainian energy sector, the risks and threats caused by full-scale war, there is a need to analyze the readiness of Ukraine to generate sustainable and reliable energy for digital development (Naumenkova et al., 2022).
Summarizing the above, the operational risk of payment systems using electronic or mobile money can be defined as the possibility of loss or other losses due to deficiencies in the functioning of information and technological systems, communication channels, EMI internal processes and policies, errors of personnel, users or agents, the actions of intruders, or as a result of the external factors.
It should be noted that the operational risk management system is a set of methods for analyzing and neutralizing risk factors, combined into a sin-gle mechanism for assessing, monitoring and corrective actions to maintain the operational sustainability of EMIs.
Therefore, the operational risk management process is subordinated to the solution of an important task such as ensuring the operational stability of EMIs, which allows us to consider it as a component of a company's management as a whole and increase its stability.
With this in mind, the operational risk management process should be primarily aimed at maintaining the operational sustainability of EMIs and preventing the occurrence of critical risks (Appendix A).
This process consists of the following steps: • risk diagnostics, including qualitative analysis (identification, categorization and prioritization) and quantitative analysis of operational risks; • risk management assessment: determination of key risk indicators (KRIs) and development of risk response measures; • risk monitoring: formation of relevant departments, analysis of response measures and adjustment of the risk management program.Let us consider in more detail the main stages of the EMI operational risk management process.
First of all, it is necessary to correctly determine the operational risk in payment systems using electronic and mobile money.Given the recommendations and guidelines of the IMF, BIS, BCBS, ECB, EBA and the central banks of individual countries, five types of operational risk can be distinguished, the most relevant today for payment systems operating based on the use of electronic and mobile money (Тable 4).
Each of the identified types of operational risk has its own factors of occurrence and forms of manifestation, which expose the EMI payment system to financial and other types of losses.Table 4 describes in detail the features and forms of manifestation of certain types of operational risk in electronic and mobile money payment systems.
Therefore, the key elements of identifying the risk of using electronic and mobile money should be the identification, registration and description of risk events, followed by an assessment of the • distortion or disclosure of information assets, termination of operation or damage to information systems and communication networks; • destruction, theft or disclosure of confidential information, seizure of funds or information assets, extortion and other forms of illegal influence; • intentional actions of EMI employees or third parties using information technologies aimed at information systems, software, communication networks and information assets in order to violate protection systems and create threats to information security; • natural disasters, man-made disasters, military conflicts, terrorism, accidents, vandalism

Information risk
Preventing the operation of information systems.

Leakage of information and its use contrary to the interests of EMI and users
• Violations in the operation of software, hardware, communication systems and infrastructure; • loss of physical media containing confidential information; • errors of specialists when working with IT systems; • unauthorized access to information systems using malicious software that violates the integrity, availability and confidentiality of information

Risk of errors in management processes
Violation of management processes, untimely or poor-quality performance of management functions and provision of services • -Lack of provisions, procedures, management structures; • -low level of management organization, lack of interaction of individual departments; • -shortcomings in the system of control and monitoring of operational risk events; • -irregular reconciliation of balance sheet, accounting, reporting, errors in accounting and reporting

Risk of user errors
Violation of disclosure requirements, embezzlement, fraud • Errors in user identification, in the use of technical means, in data entry and storage; • violation of the regulations or false interpretation of the terms of transactions; • legalization (laundering) of proceeds from crime; • exceeding the established limits on transactions; unauthorized access to electronic wallets; • loss (theft) of funds

Risk of errors in managing the network of agents
Violation of fiduciary obligations.Reducing the number of clients.

Conflicts with users
• Unintentional errors, intentional actions or omissions of ЕМІ agents and other related persons; • failure to comply with the user identification requirements, violation of the disclosure conditions or improper use of confidential information, failure to provide or provision of incomplete information to users; • unlawful collection of commissions, violation of the requirements of the instructions, fiduciary obligations; • erroneous interpretation of the terms of operations; • claims of users; • non-fulfillment of reporting obligations, errors in reporting http://dx.doi.org/10.21511/bbs.17(3).2022.12amount of losses (damages) and determining the potential impact on other types of risks (Figure 2).
To prioritize risks, information about operational risk events and their impact on business results, accumulated in the EMI database, allows you to determine the probability of realization and the potential level of losses.Usually, more complex types of risks are less likely to materialize, but the losses from them can be very large.And, on the contrary, simpler types of risk have a higher probability of realization, although they are characterized by a lower level of losses (Table 5).Note: Rating scale.Risk realization probability: low -1; medium -3; high -5.Potential risk of loss: low -1; medium -3, high -5.
An important step in diagnosing the priority of operational risks of payment systems using electronic and mobile money is to ensure the continuity of transfers and payments, to prevent the occurrence of critical risks and to ensure the operational sustainability of the payment system using electronic payment instruments.
With this in mind, special attention should be paid to the following indicators: • recovery point objective (RPO), the maximum time during which the system can lose its critical functions; and • recovery time objective (RTO), the time required to restore information systems and processes after a shutdown to normal operation conditions.
Quantitative risk analysis is a cost assessment of the consequences of their implementation and potential impact on all participants in the payment system.Quantitative analysis is carried out after qualitative analysis (identification, prioritization and categorization).Quantitative risk analysis allows you to more accurately determine the list of risk response measures, including the use of appropriate tools to protect against possible losses if risks materialize.
Summarizing EMI operation experience made it possible to identify and group the main types of for monitoring and investigating the event potential losses, shortfalls in planned income or the occurrence of other things as a result of implementing operational risk events (Table 6).

Indirect losses (not represented in accounting)
• Decrease in the value of a company's assets; • early write-off of tangible, intangible and financial assets; • loss of user funds; • cash payments to customers and counterparties in order to compensate for losses caused through the fault of third parties; • cash payments to employees as compensation for losses caused to them by the company, out of court; • losses from erroneous payments; • expenses related to court decisions; • fines imposed by executive authorities; • costs to restore activities or eliminate the consequences of a risky event; • financial losses due to unfavorable transactions for the company • Decrease in the market value of a company; • lost income due to suspension of activities or non-execution of transactions due to a risk event; • shortfall in income as a result of non-fulfillment of obligations or execution of unprofitable agreements; • lost income as a result of reduced quality of services; • lost income due to leakage, loss or distortion of information; • fines of state and judicial bodies; • resolutions, acts of state bodies not related to the payment of fines; • temporary unavailability of user funds; • loss of customers To ensure the emergence of critical EMI risks, it is important to substantiate the system of key risk indicators (KRI), which characterize the change in the level of operational risk and can be used for early detection and quantitative assessment of the negative impact of risk factors.It is worth noting that such a list of KRIs should be determined by each company independently, depending on the working conditions and accumulated experience in risk management.
This study proposes a list of KRIs for assessing the operational risk factors of payment systems using mobile and electronic money: 1) the ratio of the number of failures in the execution of transactions to the total number of transactions performed during a certain period of time, %; 2) the share of transactions made over a certain period of time with signs of internal and external fraud in the total number of transactions for the same period, %; 3) the share of transactions made during a certain period of time in violation of the established limits in the total number of transactions for the same period, %; 4) duration of termination (restriction) of the system due to technical or technological violations, minutes; 5) duration of system recovery after the termination of activities in the case of a risk event, minutes; 6) interval between two consecutive events that led to the termination (limitation) of the functioning of the payment system, characterizing the continuity of its work; 7) the number of cases of unauthorized access to users' electronic wallets for a certain period of time; 8) amount of fines paid and compensation for losses as a percentage of operating income, %; 9) frequency of change (turnover) of ЕМІ agents and mediators during a certain period of time, %.
The level of operational risk management depends on the availability of tools for identifying, measuring, monitoring and controlling risk, the methodology for calculating actual and potential losses, as well as the procedure for monitoring the functioning of the EMI-controlled payment system.
Based on the analysis of the experience of managing payment systems, a scheme for organizing the operational risk management process for systems using electronic and mobile money can be proposed (see Figure 3).
To increase the level of operational risk management in a payment system using electronic or mobile money, a system of measures (Table 7) is proposed.The procedure for investigating significant operational risk events: • criteria for classifying events as significant; • the procedure for creating a working group to investigate events and organize its activities; • the procedure for escalating the results, approving measures to minimize the consequences of the event and prevent it in the future Along with the methods used by EMIs to assess and manage operational risk, the formation of a general regulatory and prudential landscape of their activities is important, since most of these companies are not subject to the prudential requirements of payment market regulators.As noted above, this issue becomes especially relevant due to the fact that large payment systems created by EMIs, due to significant volumes of transactions and a large number of participants, can be of systemic importance and significantly affect the stability of the entire financial system of a country.

Management
In this regard, the introduction by the payment market regulators of effective regimes for regulating and supervising the activities of EMIs in order to ensure their stable functioning on the market and strengthening mechanisms for protecting users' funds becomes an urgent practical task.Such regulation regimes can be considered as indirect methods of maintaining the operational sustainability of EMIs.Studying the experience of individual countries regarding the regulation and supervision of EMI activities allows generalizing the prudential approaches of money and payment market regulators aimed at reducing risks and supporting the stable functioning of payment systems using electronic and mobile money in such areas (Figure 4).
It is important to note that the high growth rates of mobile money use, the increase in the number of users, and the presence of a wide network of agents can expose EMIs to additional risks and contribute to an increase in the level of operational risk.With the increasing use of mobile money, e-wallet holders can use a variety of online services with different levels of protection, and therefore Table 7. Measures to prevent and limit the impact of operational risk factors to maintain proper operational sustainability of EMIs

Characteristics of measures
Compliance with information security and operational reliability requirements • implementation of information security standards; • periodic assessment of the security of software, services and apps; • periodic review of internal regulations, provisions and instructions for information security; • use of automated means of responding to signs of cyber-attacks; • prevention of unauthorized access; • differentiation of access to systems and data; • copying and archiving of data and information resources; • tightening of technological requirements for the transfer of funds and payments; • improvement of systems and technologies to protect software and hardware systems and information

Ensuring business continuity
• periodic software updates; • reservation of software and technical resources; • creation of reserve computing capacities; • regular testing of information systems and hardware and software systems

Strengthening monitoring and control of operational risk
• use of reliable user identification methods; • improvement of methods for identifying and preventing operational risk; • strengthening control over compliance with established rules and procedures; • monitoring and timely response to cyber-attacks; • regular stress testing of operational risk events based on the scenario analysis method Organizational and management measures to minimize the effects of operational risk • organization of a monitoring and control system for potential vulnerabilities; • improvement of the rules and procedures of activity and organizational and management structure; • timely provision of relevant information to users; • insurance in case of operational risk implementation; • creation of reserves to eliminate the consequences of operational risk implementation  Prudential measures support the operational sustainability of and payment using electronic mobile money raising the level of risk can happen automatically, regardless of users or EMIs.Under such conditions, risks can become systemic and pose a threat to the entire financial system of a country.
The formation of a common regulatory and prudential landscape of EMIs should be based on a system of regulatory and prudential measures aimed at supporting the operational sustainability of EMIs and payment systems controlled by them.
The proposed measures will help ensure the stable functioning of EMIs, taking into account the interests of the state and users of electronic and mobile money.

CONCLUSION
This paper discusses the operational risk management in the process of using electronic and mobile money.The calculations obtained indicate an increase in the intensity of the use of electronic money in developing countries and Ukraine.Disclosing the content of operational risk and the forms of its manifestation in payment systems using electronic or mobile money, it is emphasized that operational risk management should be subordinated to the solution of the main task such ensuring the operational sustainability of EMIs.In the absence of unified approaches to managing operational risk of electronic money issuers, developing countries try to independently develop guidelines and recommendations, most often based on segregation measures and restrictions on the volume of transactions.
To maintain an appropriate level of operational risk management and protect against the occurrence of critical of electronic money issuers risks, a list of key risk indicators has been compiled to assess the operational risk factors of payment systems using mobile and electronic money.Based on the results of the study, a classification of costs (losses) as a result of the implementation of operational risk events is proposed, dividing them into direct (reflected in accounting) and indirect (not reflected in accounting).The paper presents a general scheme for managing operational risk of a payment system using electronic payment instruments in order to strengthen control over the occurrence of critical risks and maintain the operational sustainability of an EMI at an appropriate level.The scheme allows for logical and consistent work to organize and maintain the operational sustainability of an electronic money issuer in countries with fragile economies.
2019; Li & Liu, 2021).OECD report "The Role of Public Policy and Regulation in Encouraging Clarity in Cyber Insurance Coverage" examines the differences in the coverage of cyber losses and what types of losses are covered (OECD, 2020b).Akanfe et al. (2020) developed a methodology for calculating the privacy risk index and substantiated methods for ensuring privacy, which include the need to develop a company's privacy policy and comply with regulatory requirements.Gonzalez (2014) explored the issue of online risk management by strengthening organizational and technical support for the security of mobile devices and social networks.Haberly et al. (2019) assessed the impact of digital platforms on risk management.Del Gaudio et al. (2021) described the role of new ICTs in reducing operational risk and improving EMI stability.Rubio et al. (2021) investigated the features of operational risk monitoring.Akanfe et al. (2020) focus on improving methods for measuring, quantifying and qualitatively assessing operational risk.To estimate the real losses from operational risk, Bonet et al. ( er countries.In addition to M-Pesa, mobile money systems such as MTN Money in Uganda, Orange Money in Côte d'Ivoire, MoMo in South Africa and others are widely known.Therefore, in 2022, under the auspices of the Bank of Tanzania and with the participation of three banks and two mobile money platform operators, a new Tanzania Instant Payment System (TIPS) was created, combining the Tanzanian mobile payment market into a single system.

Source:
Elaborated by the authors based on NBU data (2021).

Figure 1 .
Figure 1.Issue and circulation of electronic money in Ukraine in 2014-2021

Figure 2 .
Figure 2. Scheme for organizing the identification and documentation of events that have resulted in operational risk

Figure 3 .
Figure 3. Scheme for organizing the operational risk management process in payment systems using electronic and mobile money

Figure 4 .
Figure 4.A system of regulatory and prudential measures aimed at supporting the operational sustainability of EMIs and payment systems under their control

Table 2 .
Number of mobile money transactions per 1,000 adult citizens in selected countries of the world in 2015-2021, units Source: Compiled by the authors based on IMF data (2021).

Table 4 .
Characteristics of operational risk manifestation forms in electronic and mobile money payment systems

Table 5 .
Estimation of realization probability, potential loss levels and risk exposure as a result of the impact of certain types of EMI activities' operational risk