SlideShare a Scribd company logo

The Scientific Approach to Mitigating Operational Risk

N
Nicolle Nelson

The document discusses the scientific approach to mitigating operational risk for mortgage lenders. It recommends taking a thorough inventory of current policies and procedures, identifying areas of highest risk, and creating an operational risk management plan. Key steps include conducting periodic risk audits, prioritizing processes based on efficiency and risk level, ensuring good quality data, and potentially outsourcing some risk management functions to lower costs and leverage outside expertise. Controlling operational risk requires examining all aspects of a business to safely manage risk given today's regulatory environment.

1 of 2
Download to read offline
September 2014 For Mortgage Lenders, Brokers, Correspondents and Wholesalers The Scientific Approach to Mitigating Operational Risk By Nicolle Nelson I n the years since the housing crisis, the phrase “operational risk” grew into a primary concern of every mortgage executive. Even by its tone, operational risk sounds ominous, but it’s an issue that’s omnipresent, given the ever-increasing number of regulations, investor requirements and agency guidelines that both mortgage servicers and lenders face. When it comes to mitigating operational risk, however, we need science, not science fiction. Regulators, investors, agencies and the other partners that mortgage companies work with need to see policies, audits and enforcement. The precise rules and duties may differ depending on who a firm works with, and vary across the myriad roles within an organization. No one is excused from these responsibilities, and mitigating operational risk requires a plan. Devising that plan — and the training and oversight necessary to implement it — requires lenders and servicers to conduct a scientific investigation into the policies, procedures and controls they already have in place. Mitigating operational risk is certainly complex, but it doesn’t need to be complicated. Whether a mortgage company is focused on meeting regulatory and investor requirements, reducing repurchase requests, avoiding fines or simply ensuring loans don’t default, adhering to a few fundamental steps can help mitigate operational risk. First, take stock of the current situation. What is holding the business together? Is risk currently being managed upfront, or is it an afterthought? To properly answer this question, lenders and servicers must take a good, hard look at their current processes. Because the mortgage chain is incredibly multifaceted, it helps to create a flowchart of what an individual business looks like. Whatever works, as long as the image of the business is detailed and thorough. For this reason, many firms today conduct periodic operational risk audits. The idea behind a risk audit is to match a company’s business goals with its current policies and procedures to ensure they are aligned. With the help of a qualified auditor, the risk audit will identify gaps and provide a clear picture of how to move forward. Lenders that conduct these audits periodically will have a clear understanding whether their operations are getting better or worse over time, and why. “At New Penn, we are very focused during our audit process on root cause analysis,” said Kevin Harrigan, senior vice president, chief risk officer at New Penn Financial. “Often times, internal audit functions become too focused on the reporting of loan-level events, and lose focus on the systemic underlying causes of those events.” Next, prioritize areas of risk. Once everything is mapped and all the details of the company are laid out, identify each separate process and rank them in terms of efficiency level, quality of data and potential for risk. To make sure every possible deficiency or weakness is identified, ask team members for help and request that they make their own list of all the operational risks they are aware of, especially if it has not been identified in any previous audits. It’s extremely important to keep past audits handy and talk to staff members who have reviewed them. For example, AnnieMacHomeMortgagemakessureallrelevantemployees Nicolle Nelson
are aware of the company’s past audits, including executive and senior managers and staff, said Matthew Buckley, the company’s executive vice president of compliance. “Companies should not put their audit findings on a shelf to collect dust,” he said. “They need to publish them to their staff, use the data to train and teach staff, make them better. Many staff members welcome this critical feedback because I do not believe that staff members approach their jobs with an attitude of indifference to quality.” The next step is to study existing policies. Collect all of the guidelines and processes and figure out if any are absent, superfluous, or too old to be useful, as well as any training procedures that accompany those policies. Be sure to consider things both individually at each stage of the loan process, as well as collectively as a whole. Keep an eye out for isolated processes for which there are no policies or training that may have escaped earlier notice. A major error some mortgage companies discover in this stage involves record keeping. To maintain compliance, it’s not enough to simply keep a record — it’s how the records are kept. For years, some lenders have relied on notes, not on actual data. But there’s a big difference between the two, said Rebecca Walzak, of rjbWalzak Consulting. “Because it’s in notes form, you can’t analyze it,” she said. “How do you improve a process if it’s not in data format?” Maintaining quality data is critical, agrees AnnieMac’s Buckley. “Having good data is the key. If your data is not good, you are blind. It’s the equivalent of trying to sail with a broken compass: you won’t know where you are and you won’t know how to get to where you need to be.” Oncethisisdone,draftanoperationalriskmanagementplan. Once a lender has a strong understanding of its risk policies and procedures, including any weak spots, the company can create and put in place an operational risk management plan designed to protect the business going forward. New Penn has integrated a combination of checkpoints into its loan manufacturing process, said Harrigan. “They include prefunding quality assurance findings, post-closing quality control results, investor audits and scorecards, and borrower complaint monitoring just to name a few,” he said. “Feedback received through these various channels is then aggregated and reviewed to determine if there are isolated training issues or a systematic fix is required.” It’s also critical at this stage for mortgage companies to form a risk management team, if one is not already in place. “The team should be made up of a group of people who really have the knowledge and depth of process,” said Walzak. “They need to be the ones looking at how each of these risks is embedded in the process. There are people out there who are now called operational risk people, but still, they are pretty isolated.” Finally, fill in the missing links. Speed bumps in this process are clear indicators that something is missing. It turns out many mortgage firms — even very large organizations, and most small ones — cannot mitigate operational risk on their own without incurring significant time and expense. The good news is that there’s a ton of help available. Some mortgage companies turn to outsourcers and other third-party support vendors that can take a good deal of the risk management processes off their shoulders. This may feel like a significant step that lenders and servicers, particularly regional-sized firms, may not be ready for, particularly from a cost perspective. But the key is finding an outsourcer with experience helping lenders of various sizes. And risk management outsourcing can take place on a per-unit pricing level, which makes it a manageable cost regardless of a company’s size. “When running a compliance department, you must be mindful of how your dollars are spent,” said AnnieMac’s Buckley. “Finding third-party support is critical in this effort. It is not cost effective to maintain certain functions in-house, while other functions should not be outsourced. Maintaining that balance is important.” Also keep in mind that a qualified risk partner can also help mortgage firms lower costs by taking on the burden off of meeting regulatory requirements. Such partners also have a large knowledge base of systems, policies, procedures and risk management used by other institutions that they can leverage strategies to benefit any lender. Controlling operational risk requires an examination of an organizationfromallstagesofitsbusiness.Whetherthisfunction is done in-house or with the help of an outsourcing partner, safely managing risk is mandatory in today’s environment. NicolleNelsonisavicepresidentatbusinessprocessmanagement firm SLK Global. ©2014 SourceMedia Inc. and Origination News. All rights reserved. SourceMedia, One State Street Plaza, New York, N.Y. 10004 (800) 367-3989

Recommended

What is an IANS CISO Workshop? Factor 6
What is an IANS CISO Workshop? Factor 6What is an IANS CISO Workshop? Factor 6
What is an IANS CISO Workshop? Factor 6
IANS
 
Developing Superstar Project Managers
Developing Superstar Project ManagersDeveloping Superstar Project Managers
Developing Superstar Project Managers
EDR
 
How versus what
How versus whatHow versus what
How versus what
Thomas Lord
 
Alliance governance: Balancing Trust and Control in Dealing with Risk
Alliance governance: Balancing Trust and Control in Dealing with RiskAlliance governance: Balancing Trust and Control in Dealing with Risk
Alliance governance: Balancing Trust and Control in Dealing with Risk
Alex Todd
 
Matthew Stasior Project Bio 2016
Matthew Stasior Project Bio 2016Matthew Stasior Project Bio 2016
Matthew Stasior Project Bio 2016Matthew Stasior MBA
 
2008_Miami_OpRisk_Conf
2008_Miami_OpRisk_Conf2008_Miami_OpRisk_Conf
2008_Miami_OpRisk_ConfPeter Poulos
 
Legal Risk - New Thinking
Legal Risk - New ThinkingLegal Risk - New Thinking
Legal Risk - New Thinking
ComplyWith NZ Ltd
 
Workers' compensation survey 2016
Workers' compensation survey 2016Workers' compensation survey 2016
Workers' compensation survey 2016
Jonathan Belek
 

Recommended

What is an IANS CISO Workshop? Factor 6
What is an IANS CISO Workshop? Factor 6What is an IANS CISO Workshop? Factor 6
What is an IANS CISO Workshop? Factor 6
IANS
 
Developing Superstar Project Managers
Developing Superstar Project ManagersDeveloping Superstar Project Managers
Developing Superstar Project Managers
EDR
 
How versus what
How versus whatHow versus what
How versus what
Thomas Lord
 
Alliance governance: Balancing Trust and Control in Dealing with Risk
Alliance governance: Balancing Trust and Control in Dealing with RiskAlliance governance: Balancing Trust and Control in Dealing with Risk
Alliance governance: Balancing Trust and Control in Dealing with Risk
Alex Todd
 
Matthew Stasior Project Bio 2016
Matthew Stasior Project Bio 2016Matthew Stasior Project Bio 2016
Matthew Stasior Project Bio 2016Matthew Stasior MBA
 
2008_Miami_OpRisk_Conf
2008_Miami_OpRisk_Conf2008_Miami_OpRisk_Conf
2008_Miami_OpRisk_ConfPeter Poulos
 
Legal Risk - New Thinking
Legal Risk - New ThinkingLegal Risk - New Thinking
Legal Risk - New Thinking
ComplyWith NZ Ltd
 
Workers' compensation survey 2016
Workers' compensation survey 2016Workers' compensation survey 2016
Workers' compensation survey 2016
Jonathan Belek
 
Qualitative Risk Factors: How to Add Objectivity to an Otherwise Subjective Task
Qualitative Risk Factors: How to Add Objectivity to an Otherwise Subjective TaskQualitative Risk Factors: How to Add Objectivity to an Otherwise Subjective Task
Qualitative Risk Factors: How to Add Objectivity to an Otherwise Subjective Task
vimster
 
Aon FI Risk Advisory_product sheet-March 2015
Aon FI Risk Advisory_product sheet-March 2015Aon FI Risk Advisory_product sheet-March 2015
Aon FI Risk Advisory_product sheet-March 2015Evan Sekeris
 
NCUA's Examinations and Your Credit Union's Rights
NCUA's Examinations and Your Credit Union's RightsNCUA's Examinations and Your Credit Union's Rights
NCUA's Examinations and Your Credit Union's Rights
E Andrew Keeney
 
Introducing a whistleblower_hotline
Introducing a whistleblower_hotlineIntroducing a whistleblower_hotline
Introducing a whistleblower_hotline
WhistleBlower Security Inc
 
Justifying Qualitative Factors - 2015 Risk Management Summit
Justifying Qualitative Factors - 2015 Risk Management SummitJustifying Qualitative Factors - 2015 Risk Management Summit
Justifying Qualitative Factors - 2015 Risk Management Summit
Libby Bierman
 
Kick Start Your Fraud Prevention
Kick Start Your Fraud PreventionKick Start Your Fraud Prevention
Kick Start Your Fraud Prevention
WhistleBlower Security Inc
 
Taking the road to advanced approaches and heightened standards in risk manag...
Taking the road to advanced approaches and heightened standards in risk manag...Taking the road to advanced approaches and heightened standards in risk manag...
Taking the road to advanced approaches and heightened standards in risk manag...
Grant Thornton LLP
 
REM_compliance analyst resume revised 10-14-15
REM_compliance analyst resume revised 10-14-15REM_compliance analyst resume revised 10-14-15
REM_compliance analyst resume revised 10-14-15Robert May
 
CCAR & DFAST: How to incorporate stress testing into banking operations + str...
CCAR & DFAST: How to incorporate stress testing into banking operations + str...CCAR & DFAST: How to incorporate stress testing into banking operations + str...
CCAR & DFAST: How to incorporate stress testing into banking operations + str...
Grant Thornton LLP
 
The Role of the Chief Risk Officer Why You are the Most Important Person in Y...
The Role of the Chief Risk Officer Why You are the Most Important Person in Y...The Role of the Chief Risk Officer Why You are the Most Important Person in Y...
The Role of the Chief Risk Officer Why You are the Most Important Person in Y...
WolfPAC - Integrated Risk Management
 
What is an IANS CISO Workshop? Factor 2
What is an IANS CISO Workshop? Factor 2What is an IANS CISO Workshop? Factor 2
What is an IANS CISO Workshop? Factor 2
IANS
 
Tips for Implementing a Whistleblower Hotline
Tips for Implementing a Whistleblower HotlineTips for Implementing a Whistleblower Hotline
Tips for Implementing a Whistleblower Hotline
Case IQ
 
Boards of directors and compliance. four areas of inquiry
Boards of directors and compliance. four areas of inquiryBoards of directors and compliance. four areas of inquiry
Boards of directors and compliance. four areas of inquiryAndres Baytelman
 
CUSO vs. In-House: Growing Your Member Business Lending Portfolio
CUSO vs. In-House: Growing Your Member Business Lending PortfolioCUSO vs. In-House: Growing Your Member Business Lending Portfolio
CUSO vs. In-House: Growing Your Member Business Lending Portfolio
Libby Bierman
 
Risk Dashboard
Risk Dashboard Risk Dashboard
Risk Dashboard
Michel Rochette
 
Critical friends - Stakeholder panels (2007)
Critical friends - Stakeholder panels (2007)Critical friends - Stakeholder panels (2007)
Critical friends - Stakeholder panels (2007)
Utopies
 
Webinar slides on "Managing Partnerships in Microinsurance
Webinar slides on "Managing Partnerships in MicroinsuranceWebinar slides on "Managing Partnerships in Microinsurance
Webinar slides on "Managing Partnerships in Microinsurance
Impact Insurance Facility
 
Andamio de computadora w 1 k maycol
Andamio de computadora w 1 k maycolAndamio de computadora w 1 k maycol
Andamio de computadora w 1 k maycol
Maycol Merinos Garcia
 
Industrial Electronics transcript
Industrial Electronics transcriptIndustrial Electronics transcript
Industrial Electronics transcriptroy Patrick
 
Arbeitszeugnis
ArbeitszeugnisArbeitszeugnis
ArbeitszeugnisRamanathan Meyyappan
 
Saudi Aramco-Fire Safety in Health Care Facilities
Saudi Aramco-Fire Safety in Health Care FacilitiesSaudi Aramco-Fire Safety in Health Care Facilities
Saudi Aramco-Fire Safety in Health Care FacilitiesJonathan Gatus
 
Chocolate mountains
Chocolate mountainsChocolate mountains
Chocolate mountainsCatalina Linkava
 

More Related Content

What's hot

Qualitative Risk Factors: How to Add Objectivity to an Otherwise Subjective Task
Qualitative Risk Factors: How to Add Objectivity to an Otherwise Subjective TaskQualitative Risk Factors: How to Add Objectivity to an Otherwise Subjective Task
Qualitative Risk Factors: How to Add Objectivity to an Otherwise Subjective Task
vimster
 
Aon FI Risk Advisory_product sheet-March 2015
Aon FI Risk Advisory_product sheet-March 2015Aon FI Risk Advisory_product sheet-March 2015
Aon FI Risk Advisory_product sheet-March 2015Evan Sekeris
 
NCUA's Examinations and Your Credit Union's Rights
NCUA's Examinations and Your Credit Union's RightsNCUA's Examinations and Your Credit Union's Rights
NCUA's Examinations and Your Credit Union's Rights
E Andrew Keeney
 
Introducing a whistleblower_hotline
Introducing a whistleblower_hotlineIntroducing a whistleblower_hotline
Introducing a whistleblower_hotline
WhistleBlower Security Inc
 
Justifying Qualitative Factors - 2015 Risk Management Summit
Justifying Qualitative Factors - 2015 Risk Management SummitJustifying Qualitative Factors - 2015 Risk Management Summit
Justifying Qualitative Factors - 2015 Risk Management Summit
Libby Bierman
 
Kick Start Your Fraud Prevention
Kick Start Your Fraud PreventionKick Start Your Fraud Prevention
Kick Start Your Fraud Prevention
WhistleBlower Security Inc
 
Taking the road to advanced approaches and heightened standards in risk manag...
Taking the road to advanced approaches and heightened standards in risk manag...Taking the road to advanced approaches and heightened standards in risk manag...
Taking the road to advanced approaches and heightened standards in risk manag...
Grant Thornton LLP
 
REM_compliance analyst resume revised 10-14-15
REM_compliance analyst resume revised 10-14-15REM_compliance analyst resume revised 10-14-15
REM_compliance analyst resume revised 10-14-15Robert May
 
CCAR & DFAST: How to incorporate stress testing into banking operations + str...
CCAR & DFAST: How to incorporate stress testing into banking operations + str...CCAR & DFAST: How to incorporate stress testing into banking operations + str...
CCAR & DFAST: How to incorporate stress testing into banking operations + str...
Grant Thornton LLP
 
The Role of the Chief Risk Officer Why You are the Most Important Person in Y...
The Role of the Chief Risk Officer Why You are the Most Important Person in Y...The Role of the Chief Risk Officer Why You are the Most Important Person in Y...
The Role of the Chief Risk Officer Why You are the Most Important Person in Y...
WolfPAC - Integrated Risk Management
 
What is an IANS CISO Workshop? Factor 2
What is an IANS CISO Workshop? Factor 2What is an IANS CISO Workshop? Factor 2
What is an IANS CISO Workshop? Factor 2
IANS
 
Tips for Implementing a Whistleblower Hotline
Tips for Implementing a Whistleblower HotlineTips for Implementing a Whistleblower Hotline
Tips for Implementing a Whistleblower Hotline
Case IQ
 
Boards of directors and compliance. four areas of inquiry
Boards of directors and compliance. four areas of inquiryBoards of directors and compliance. four areas of inquiry
Boards of directors and compliance. four areas of inquiryAndres Baytelman
 
CUSO vs. In-House: Growing Your Member Business Lending Portfolio
CUSO vs. In-House: Growing Your Member Business Lending PortfolioCUSO vs. In-House: Growing Your Member Business Lending Portfolio
CUSO vs. In-House: Growing Your Member Business Lending Portfolio
Libby Bierman
 
Risk Dashboard
Risk Dashboard Risk Dashboard
Risk Dashboard
Michel Rochette
 
Critical friends - Stakeholder panels (2007)
Critical friends - Stakeholder panels (2007)Critical friends - Stakeholder panels (2007)
Critical friends - Stakeholder panels (2007)
Utopies
 
Webinar slides on "Managing Partnerships in Microinsurance
Webinar slides on "Managing Partnerships in MicroinsuranceWebinar slides on "Managing Partnerships in Microinsurance
Webinar slides on "Managing Partnerships in Microinsurance
Impact Insurance Facility
 

What's hot (17)

Qualitative Risk Factors: How to Add Objectivity to an Otherwise Subjective Task
Qualitative Risk Factors: How to Add Objectivity to an Otherwise Subjective TaskQualitative Risk Factors: How to Add Objectivity to an Otherwise Subjective Task
Qualitative Risk Factors: How to Add Objectivity to an Otherwise Subjective Task
 
Aon FI Risk Advisory_product sheet-March 2015
Aon FI Risk Advisory_product sheet-March 2015Aon FI Risk Advisory_product sheet-March 2015
Aon FI Risk Advisory_product sheet-March 2015
 
NCUA's Examinations and Your Credit Union's Rights
NCUA's Examinations and Your Credit Union's RightsNCUA's Examinations and Your Credit Union's Rights
NCUA's Examinations and Your Credit Union's Rights
 
Introducing a whistleblower_hotline
Introducing a whistleblower_hotlineIntroducing a whistleblower_hotline
Introducing a whistleblower_hotline
 
Justifying Qualitative Factors - 2015 Risk Management Summit
Justifying Qualitative Factors - 2015 Risk Management SummitJustifying Qualitative Factors - 2015 Risk Management Summit
Justifying Qualitative Factors - 2015 Risk Management Summit
 
Kick Start Your Fraud Prevention
Kick Start Your Fraud PreventionKick Start Your Fraud Prevention
Kick Start Your Fraud Prevention
 
Taking the road to advanced approaches and heightened standards in risk manag...
Taking the road to advanced approaches and heightened standards in risk manag...Taking the road to advanced approaches and heightened standards in risk manag...
Taking the road to advanced approaches and heightened standards in risk manag...
 
REM_compliance analyst resume revised 10-14-15
REM_compliance analyst resume revised 10-14-15REM_compliance analyst resume revised 10-14-15
REM_compliance analyst resume revised 10-14-15
 
CCAR & DFAST: How to incorporate stress testing into banking operations + str...
CCAR & DFAST: How to incorporate stress testing into banking operations + str...CCAR & DFAST: How to incorporate stress testing into banking operations + str...
CCAR & DFAST: How to incorporate stress testing into banking operations + str...
 
The Role of the Chief Risk Officer Why You are the Most Important Person in Y...
The Role of the Chief Risk Officer Why You are the Most Important Person in Y...The Role of the Chief Risk Officer Why You are the Most Important Person in Y...
The Role of the Chief Risk Officer Why You are the Most Important Person in Y...
 
What is an IANS CISO Workshop? Factor 2
What is an IANS CISO Workshop? Factor 2What is an IANS CISO Workshop? Factor 2
What is an IANS CISO Workshop? Factor 2
 
Tips for Implementing a Whistleblower Hotline
Tips for Implementing a Whistleblower HotlineTips for Implementing a Whistleblower Hotline
Tips for Implementing a Whistleblower Hotline
 
Boards of directors and compliance. four areas of inquiry
Boards of directors and compliance. four areas of inquiryBoards of directors and compliance. four areas of inquiry
Boards of directors and compliance. four areas of inquiry
 
CUSO vs. In-House: Growing Your Member Business Lending Portfolio
CUSO vs. In-House: Growing Your Member Business Lending PortfolioCUSO vs. In-House: Growing Your Member Business Lending Portfolio
CUSO vs. In-House: Growing Your Member Business Lending Portfolio
 
Risk Dashboard
Risk Dashboard Risk Dashboard
Risk Dashboard
 
Critical friends - Stakeholder panels (2007)
Critical friends - Stakeholder panels (2007)Critical friends - Stakeholder panels (2007)
Critical friends - Stakeholder panels (2007)
 
Webinar slides on "Managing Partnerships in Microinsurance
Webinar slides on "Managing Partnerships in MicroinsuranceWebinar slides on "Managing Partnerships in Microinsurance
Webinar slides on "Managing Partnerships in Microinsurance
 

Viewers also liked

Andamio de computadora w 1 k maycol
Andamio de computadora w 1 k maycolAndamio de computadora w 1 k maycol
Andamio de computadora w 1 k maycol
Maycol Merinos Garcia
 
Industrial Electronics transcript
Industrial Electronics transcriptIndustrial Electronics transcript
Industrial Electronics transcriptroy Patrick
 
Saudi Aramco-Fire Safety in Health Care Facilities
Saudi Aramco-Fire Safety in Health Care FacilitiesSaudi Aramco-Fire Safety in Health Care Facilities
Saudi Aramco-Fire Safety in Health Care FacilitiesJonathan Gatus
 
Winnebago County Sheriff's Dept Letter - Zuehlsdorf
Winnebago County Sheriff's Dept Letter - ZuehlsdorfWinnebago County Sheriff's Dept Letter - Zuehlsdorf
Winnebago County Sheriff's Dept Letter - ZuehlsdorfZachary Zuehlsdorf
 
La responsabilidad
La responsabilidadLa responsabilidad
La responsabilidad
Maycol Merinos Garcia
 
Kotter the heart of change
Kotter the heart of changeKotter the heart of change
Kotter the heart of changemasterinthecloud
 
Historical Approach on Doing Business in North Western Africa by Dr. Said El ...
Historical Approach on Doing Business in North Western Africa by Dr. Said El ...Historical Approach on Doing Business in North Western Africa by Dr. Said El ...
Historical Approach on Doing Business in North Western Africa by Dr. Said El ...
Said El Mansour Cherkaoui, Ph.D.
 
Oizom Polludrone > Smart Environmental Monitoring Solution
Oizom Polludrone > Smart Environmental Monitoring SolutionOizom Polludrone > Smart Environmental Monitoring Solution
Oizom Polludrone > Smart Environmental Monitoring Solution
Oizom
 
Slidedeck LOLA™
Slidedeck LOLA™Slidedeck LOLA™
Slidedeck LOLA™
Julien Tournier
 
DragonBill deck for Innovators Race 50.
DragonBill deck for Innovators Race 50.DragonBill deck for Innovators Race 50.
DragonBill deck for Innovators Race 50.
DragonBill
 
English deck - dictanova
English deck - dictanovaEnglish deck - dictanova
English deck - dictanova
Dictanova
 
Docs 2016
Docs 2016Docs 2016
Docs 2016
Oussama Kali
 
Cahier de-notes
Cahier de-notesCahier de-notes
Cahier de-notes
Oussama Kali
 
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONSMITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
Michel Rochette
 

Viewers also liked (19)

Andamio de computadora w 1 k maycol
Andamio de computadora w 1 k maycolAndamio de computadora w 1 k maycol
Andamio de computadora w 1 k maycol
 
Industrial Electronics transcript
Industrial Electronics transcriptIndustrial Electronics transcript
Industrial Electronics transcript
 
Arbeitszeugnis
ArbeitszeugnisArbeitszeugnis
Arbeitszeugnis
 
Saudi Aramco-Fire Safety in Health Care Facilities
Saudi Aramco-Fire Safety in Health Care FacilitiesSaudi Aramco-Fire Safety in Health Care Facilities
Saudi Aramco-Fire Safety in Health Care Facilities
 
Chocolate mountains
Chocolate mountainsChocolate mountains
Chocolate mountains
 
Tasas y contribuc
Tasas y contribucTasas y contribuc
Tasas y contribuc
 
internship PP
internship PPinternship PP
internship PP
 
Winnebago County Sheriff's Dept Letter - Zuehlsdorf
Winnebago County Sheriff's Dept Letter - ZuehlsdorfWinnebago County Sheriff's Dept Letter - Zuehlsdorf
Winnebago County Sheriff's Dept Letter - Zuehlsdorf
 
La responsabilidad
La responsabilidadLa responsabilidad
La responsabilidad
 
Kotter the heart of change
Kotter the heart of changeKotter the heart of change
Kotter the heart of change
 
Historical Approach on Doing Business in North Western Africa by Dr. Said El ...
Historical Approach on Doing Business in North Western Africa by Dr. Said El ...Historical Approach on Doing Business in North Western Africa by Dr. Said El ...
Historical Approach on Doing Business in North Western Africa by Dr. Said El ...
 
Oizom Polludrone > Smart Environmental Monitoring Solution
Oizom Polludrone > Smart Environmental Monitoring SolutionOizom Polludrone > Smart Environmental Monitoring Solution
Oizom Polludrone > Smart Environmental Monitoring Solution
 
Slidedeck LOLA™
Slidedeck LOLA™Slidedeck LOLA™
Slidedeck LOLA™
 
DragonBill deck for Innovators Race 50.
DragonBill deck for Innovators Race 50.DragonBill deck for Innovators Race 50.
DragonBill deck for Innovators Race 50.
 
English deck - dictanova
English deck - dictanovaEnglish deck - dictanova
English deck - dictanova
 
Docs 2016
Docs 2016Docs 2016
Docs 2016
 
Cahier de-notes
Cahier de-notesCahier de-notes
Cahier de-notes
 
METAS
METASMETAS
METAS
 
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONSMITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
 

Similar to The Scientific Approach to Mitigating Operational Risk

AML and OFAC Compliance for the Insurance Industry
AML and OFAC Compliance for the Insurance IndustryAML and OFAC Compliance for the Insurance Industry
AML and OFAC Compliance for the Insurance Industry
Rachel Hamilton
 
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
LexisNexis Benelux
 
MRM: PwC Top Issues
MRM: PwC Top Issues MRM: PwC Top Issues
MRM: PwC Top Issues
PwC
 
White Paper: A summary of the FSA thematic review
White Paper: A summary of the FSA thematic reviewWhite Paper: A summary of the FSA thematic review
White Paper: A summary of the FSA thematic review
LexisNexis Benelux
 
How Audit Committees Can Help with Third-Party Risks
How Audit Committees Can Help with Third-Party RisksHow Audit Committees Can Help with Third-Party Risks
How Audit Committees Can Help with Third-Party Risks
MHM (Mayer Hoffman McCann P.C.)
 
A Paradigm Shift in Audit Process
A Paradigm Shift in Audit ProcessA Paradigm Shift in Audit Process
A Paradigm Shift in Audit Process
Padmapriya V
 
KYC Initiative
KYC InitiativeKYC Initiative
KYC InitiativeJeff Plein
 
Mc Gladrey Financial Institutions Services
Mc Gladrey Financial Institutions ServicesMc Gladrey Financial Institutions Services
Mc Gladrey Financial Institutions ServicesLinkedInLeo
 
Nick krest - best strategies for business success
Nick krest - best strategies for business successNick krest - best strategies for business success
Nick krest - best strategies for business success
Nickkrest
 
Quantivate Vendor Management Solution Improves Efficiency and Reduces Risk (C...
Quantivate Vendor Management Solution Improves Efficiency and Reduces Risk (C...Quantivate Vendor Management Solution Improves Efficiency and Reduces Risk (C...
Quantivate Vendor Management Solution Improves Efficiency and Reduces Risk (C...
NAFCU Services Corporation
 
PwC Publication: TRID industry landscape 042216
PwC Publication: TRID industry landscape 042216PwC Publication: TRID industry landscape 042216
PwC Publication: TRID industry landscape 042216
Tom Gere
 
Trid industry landscape 042216
Trid industry landscape 042216Trid industry landscape 042216
Trid industry landscape 042216
Tom Gere
 
Montana-Paula-Krecicki
Montana-Paula-KrecickiMontana-Paula-Krecicki
Montana-Paula-KrecickiDaniel Paula
 
FS_StressTestingCapitalPlanning_BR_1213 v1
FS_StressTestingCapitalPlanning_BR_1213 v1FS_StressTestingCapitalPlanning_BR_1213 v1
FS_StressTestingCapitalPlanning_BR_1213 v1Sudip Chatterjee
 
Compliance & data security – the way we work
Compliance & data security – the way we workCompliance & data security – the way we work
Compliance & data security – the way we work
Puneet Chopra
 
Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...
Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...
Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...
Mubeen Yaqoob
 
From Startup To Success: Mastering Business Control For Growth By Ashish Agga...
From Startup To Success: Mastering Business Control For Growth By Ashish Agga...From Startup To Success: Mastering Business Control For Growth By Ashish Agga...
From Startup To Success: Mastering Business Control For Growth By Ashish Agga...
AshishAggarwal59143
 
Garwood Underwriters Roundtable
Garwood Underwriters RoundtableGarwood Underwriters Roundtable
Garwood Underwriters RoundtableRita Garwood
 
An Analysis of Factors Influencing Customer Creditworthiness in the Banking S...
An Analysis of Factors Influencing Customer Creditworthiness in the Banking S...An Analysis of Factors Influencing Customer Creditworthiness in the Banking S...
An Analysis of Factors Influencing Customer Creditworthiness in the Banking S...
Dr. Amarjeet Singh
 
Reducing Regulatory Capital
Reducing Regulatory CapitalReducing Regulatory Capital
Reducing Regulatory Capital
Compliance Consultant
 

Similar to The Scientific Approach to Mitigating Operational Risk (20)

AML and OFAC Compliance for the Insurance Industry
AML and OFAC Compliance for the Insurance IndustryAML and OFAC Compliance for the Insurance Industry
AML and OFAC Compliance for the Insurance Industry
 
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
Anti-Money Laundering and Anti-Bribery and Corruption Systems & controls: Ass...
 
MRM: PwC Top Issues
MRM: PwC Top Issues MRM: PwC Top Issues
MRM: PwC Top Issues
 
White Paper: A summary of the FSA thematic review
White Paper: A summary of the FSA thematic reviewWhite Paper: A summary of the FSA thematic review
White Paper: A summary of the FSA thematic review
 
How Audit Committees Can Help with Third-Party Risks
How Audit Committees Can Help with Third-Party RisksHow Audit Committees Can Help with Third-Party Risks
How Audit Committees Can Help with Third-Party Risks
 
A Paradigm Shift in Audit Process
A Paradigm Shift in Audit ProcessA Paradigm Shift in Audit Process
A Paradigm Shift in Audit Process
 
KYC Initiative
KYC InitiativeKYC Initiative
KYC Initiative
 
Mc Gladrey Financial Institutions Services
Mc Gladrey Financial Institutions ServicesMc Gladrey Financial Institutions Services
Mc Gladrey Financial Institutions Services
 
Nick krest - best strategies for business success
Nick krest - best strategies for business successNick krest - best strategies for business success
Nick krest - best strategies for business success
 
Quantivate Vendor Management Solution Improves Efficiency and Reduces Risk (C...
Quantivate Vendor Management Solution Improves Efficiency and Reduces Risk (C...Quantivate Vendor Management Solution Improves Efficiency and Reduces Risk (C...
Quantivate Vendor Management Solution Improves Efficiency and Reduces Risk (C...
 
PwC Publication: TRID industry landscape 042216
PwC Publication: TRID industry landscape 042216PwC Publication: TRID industry landscape 042216
PwC Publication: TRID industry landscape 042216
 
Trid industry landscape 042216
Trid industry landscape 042216Trid industry landscape 042216
Trid industry landscape 042216
 
Montana-Paula-Krecicki
Montana-Paula-KrecickiMontana-Paula-Krecicki
Montana-Paula-Krecicki
 
FS_StressTestingCapitalPlanning_BR_1213 v1
FS_StressTestingCapitalPlanning_BR_1213 v1FS_StressTestingCapitalPlanning_BR_1213 v1
FS_StressTestingCapitalPlanning_BR_1213 v1
 
Compliance & data security – the way we work
Compliance & data security – the way we workCompliance & data security – the way we work
Compliance & data security – the way we work
 
Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...
Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...
Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...
 
From Startup To Success: Mastering Business Control For Growth By Ashish Agga...
From Startup To Success: Mastering Business Control For Growth By Ashish Agga...From Startup To Success: Mastering Business Control For Growth By Ashish Agga...
From Startup To Success: Mastering Business Control For Growth By Ashish Agga...
 
Garwood Underwriters Roundtable
Garwood Underwriters RoundtableGarwood Underwriters Roundtable
Garwood Underwriters Roundtable
 
An Analysis of Factors Influencing Customer Creditworthiness in the Banking S...
An Analysis of Factors Influencing Customer Creditworthiness in the Banking S...An Analysis of Factors Influencing Customer Creditworthiness in the Banking S...
An Analysis of Factors Influencing Customer Creditworthiness in the Banking S...
 
Reducing Regulatory Capital
Reducing Regulatory CapitalReducing Regulatory Capital
Reducing Regulatory Capital
 

The Scientific Approach to Mitigating Operational Risk

  • 1. September 2014 For Mortgage Lenders, Brokers, Correspondents and Wholesalers The Scientific Approach to Mitigating Operational Risk By Nicolle Nelson I n the years since the housing crisis, the phrase “operational risk” grew into a primary concern of every mortgage executive. Even by its tone, operational risk sounds ominous, but it’s an issue that’s omnipresent, given the ever-increasing number of regulations, investor requirements and agency guidelines that both mortgage servicers and lenders face. When it comes to mitigating operational risk, however, we need science, not science fiction. Regulators, investors, agencies and the other partners that mortgage companies work with need to see policies, audits and enforcement. The precise rules and duties may differ depending on who a firm works with, and vary across the myriad roles within an organization. No one is excused from these responsibilities, and mitigating operational risk requires a plan. Devising that plan — and the training and oversight necessary to implement it — requires lenders and servicers to conduct a scientific investigation into the policies, procedures and controls they already have in place. Mitigating operational risk is certainly complex, but it doesn’t need to be complicated. Whether a mortgage company is focused on meeting regulatory and investor requirements, reducing repurchase requests, avoiding fines or simply ensuring loans don’t default, adhering to a few fundamental steps can help mitigate operational risk. First, take stock of the current situation. What is holding the business together? Is risk currently being managed upfront, or is it an afterthought? To properly answer this question, lenders and servicers must take a good, hard look at their current processes. Because the mortgage chain is incredibly multifaceted, it helps to create a flowchart of what an individual business looks like. Whatever works, as long as the image of the business is detailed and thorough. For this reason, many firms today conduct periodic operational risk audits. The idea behind a risk audit is to match a company’s business goals with its current policies and procedures to ensure they are aligned. With the help of a qualified auditor, the risk audit will identify gaps and provide a clear picture of how to move forward. Lenders that conduct these audits periodically will have a clear understanding whether their operations are getting better or worse over time, and why. “At New Penn, we are very focused during our audit process on root cause analysis,” said Kevin Harrigan, senior vice president, chief risk officer at New Penn Financial. “Often times, internal audit functions become too focused on the reporting of loan-level events, and lose focus on the systemic underlying causes of those events.” Next, prioritize areas of risk. Once everything is mapped and all the details of the company are laid out, identify each separate process and rank them in terms of efficiency level, quality of data and potential for risk. To make sure every possible deficiency or weakness is identified, ask team members for help and request that they make their own list of all the operational risks they are aware of, especially if it has not been identified in any previous audits. It’s extremely important to keep past audits handy and talk to staff members who have reviewed them. For example, AnnieMacHomeMortgagemakessureallrelevantemployees Nicolle Nelson
  • 2. are aware of the company’s past audits, including executive and senior managers and staff, said Matthew Buckley, the company’s executive vice president of compliance. “Companies should not put their audit findings on a shelf to collect dust,” he said. “They need to publish them to their staff, use the data to train and teach staff, make them better. Many staff members welcome this critical feedback because I do not believe that staff members approach their jobs with an attitude of indifference to quality.” The next step is to study existing policies. Collect all of the guidelines and processes and figure out if any are absent, superfluous, or too old to be useful, as well as any training procedures that accompany those policies. Be sure to consider things both individually at each stage of the loan process, as well as collectively as a whole. Keep an eye out for isolated processes for which there are no policies or training that may have escaped earlier notice. A major error some mortgage companies discover in this stage involves record keeping. To maintain compliance, it’s not enough to simply keep a record — it’s how the records are kept. For years, some lenders have relied on notes, not on actual data. But there’s a big difference between the two, said Rebecca Walzak, of rjbWalzak Consulting. “Because it’s in notes form, you can’t analyze it,” she said. “How do you improve a process if it’s not in data format?” Maintaining quality data is critical, agrees AnnieMac’s Buckley. “Having good data is the key. If your data is not good, you are blind. It’s the equivalent of trying to sail with a broken compass: you won’t know where you are and you won’t know how to get to where you need to be.” Oncethisisdone,draftanoperationalriskmanagementplan. Once a lender has a strong understanding of its risk policies and procedures, including any weak spots, the company can create and put in place an operational risk management plan designed to protect the business going forward. New Penn has integrated a combination of checkpoints into its loan manufacturing process, said Harrigan. “They include prefunding quality assurance findings, post-closing quality control results, investor audits and scorecards, and borrower complaint monitoring just to name a few,” he said. “Feedback received through these various channels is then aggregated and reviewed to determine if there are isolated training issues or a systematic fix is required.” It’s also critical at this stage for mortgage companies to form a risk management team, if one is not already in place. “The team should be made up of a group of people who really have the knowledge and depth of process,” said Walzak. “They need to be the ones looking at how each of these risks is embedded in the process. There are people out there who are now called operational risk people, but still, they are pretty isolated.” Finally, fill in the missing links. Speed bumps in this process are clear indicators that something is missing. It turns out many mortgage firms — even very large organizations, and most small ones — cannot mitigate operational risk on their own without incurring significant time and expense. The good news is that there’s a ton of help available. Some mortgage companies turn to outsourcers and other third-party support vendors that can take a good deal of the risk management processes off their shoulders. This may feel like a significant step that lenders and servicers, particularly regional-sized firms, may not be ready for, particularly from a cost perspective. But the key is finding an outsourcer with experience helping lenders of various sizes. And risk management outsourcing can take place on a per-unit pricing level, which makes it a manageable cost regardless of a company’s size. “When running a compliance department, you must be mindful of how your dollars are spent,” said AnnieMac’s Buckley. “Finding third-party support is critical in this effort. It is not cost effective to maintain certain functions in-house, while other functions should not be outsourced. Maintaining that balance is important.” Also keep in mind that a qualified risk partner can also help mortgage firms lower costs by taking on the burden off of meeting regulatory requirements. Such partners also have a large knowledge base of systems, policies, procedures and risk management used by other institutions that they can leverage strategies to benefit any lender. Controlling operational risk requires an examination of an organizationfromallstagesofitsbusiness.Whetherthisfunction is done in-house or with the help of an outsourcing partner, safely managing risk is mandatory in today’s environment. NicolleNelsonisavicepresidentatbusinessprocessmanagement firm SLK Global. ©2014 SourceMedia Inc. and Origination News. All rights reserved. SourceMedia, One State Street Plaza, New York, N.Y. 10004 (800) 367-3989