Successfully reported this slideshow.

A brief overview of operational risk

1,346 views

Published on

Published in: Business
  • Be the first to comment

  • Be the first to like this

A brief overview of operational risk

  1. 1. Business SchoolMGT 307: Business & Risk Management ClassA Brief Overview of Operational RiskDiane Christina | diane.christina@apb-group.com
  2. 2. Operational RisksDefinition "The risk of loss resulting from inadequate or failed internal processes, people and systems or from external events.“ Basel Committee of the Bank of International Settlements (2004) 2
  3. 3. Operational RisksScope Any aspect of the business process undertaken by the enterprise Internal Eksternal (Operational Failure Risks) (Operational Strategic Risks) People Political Adopted from Crouch , 1998 Process Taxation Technology Regulation Others Societal 3 Competition
  4. 4. Operational RisksThe universe of operational risks spans causes, events and consequences CAUSES EVENTS CONSEQUENCES Inadequate Legal Liability segregation of duties Internal Regulatory, Compliance Insufficient training Fraud & Taxation Penalties External Loss or Damage Lack of management Fraud to Assets EFFECTS supervision Monetary Employment Practices Losses Inadequate Restitution & Workplace Safety auditing procedures Clients, Products Inadequate security Loss of Recourse & Business Practices measures Damage to • Physical Assets Write-down • Business Disruption & System Failures • Reputation OTHER Execution, Delivery & IMPACTS Poor systems Process Management Forgone design 4 Business Interruption Income Poor HR policies
  5. 5. Operational Risks The types 5Adopted from A V Vedpuriswar , 2009
  6. 6. Operational RisksThe occurrence: from beginning to end of a business process BEFORE DURING AFTER Capacity Capability Availabilityie. People Risk Exposure ie. Models Risk Exposure ie. Delivered Risk ExposureAvailability or Capability Disclosure or Continuity of key person or 6of key people in their key Appropriateness of the other penaltiesroles parameters Adopted from Crouch , 2000
  7. 7. Operational RisksThe role and processess • Ensure operational risks identified and effectively and efficiently managed Identification • Reduce risk to predefined limits in cost- and effective manner classification • Ensure legal requirements and internally set limits are followed Assessment, Steering measurement decisions and mitigation Monitoring 7 Reporting and assurance
  8. 8. Operational RisksThe supporting elements 1. ORM Awareness 2. Risk and control self assessment 8
  9. 9. Operational RisksThe supporting elements: ORM Awareness 9
  10. 10. Operational Risks The supporting elements: RCSA Operatio Identify Assess Measure Mitigate nal Risk ProfileRisks: OR Exposure: • Control design • Compare• Process • Severity effectiveness expected losses• People • Frequency (HML) with a• System • Inherent risk • Control predefined risk• External • Residual risk operating acceptance events effectiveness limit (fully effective, • Raise an issueControl: partially and/or an• Preventive effective, not action plan• Detective effective) • Take an appropriate mitigation 10 steps
  11. 11. ERM is conceptually straightforward, its implementation is not…  You don’t become a famous writer by…  Reading a book  Reading about other authors  Watching someone else write  Similarly, you don’t become an “Enterprise Risk Manager” by…  Reading a book  Taking a course  Listening to a presentation 11Source: Midwestern Actuarial Forum Chicago
  12. 12. References• PRMIA Handbook “A Comprehensive Guide to Current Theory and Best Practices” Volume III: Risk Management Practices, 2004• Risk Management, Crouhy, Galai, Mark, McGraw-Hill, 2000• Canadian Institute of Actuaries, 2006• Operational Risk Management, A V Vedpuriswar, 2009• The Institute of Risk Management 12

×