Operation Risk Consulting Services from Risk Concepts, Ltd.

dotMain Page
dotAbout Risk Concepts, Ltd.
dotRisk Management Services
dotOther Services
dotSeminars
dotAffiliates
dotEmail

Risk Concepts, Ltd.

More about: Enterprise Risk Management Services by RCL

RISK MANAGEMENT CHALLENGES

The most frequently encountered challenges to implementing successful Risk Management processes are:

  • Reporting of risk issues / solutions is fragmented.
  • Organizational "silos" (i.e., areas of managerial control) impede end-to-end analysis of risks and/or the implementation of appropriate, cost-effective solutions.
  • Risk is misunderstood.
  • Risk management policies are not comprehensive and/or are not supported by an adequate organization or effective methods.

To address these challenges, management must:

  1. Embrace the concept that risk (in all its forms) and change are the same.
  2. Understand that operational risk and operational exposure are not the same thing - although the two terms are routinely used interchangeably; exposure results from taking operational risk.

If management is unable to deal with even one form of risk well, the company's survival may be stake (unless it is somehow subsidized). At best, a company will lose market share, because of an inability to react to changing conditions. Managers leverage operational risk every day, just as they leverage market and credit risks.

Most organizational structures, and supporting policies, are designed to promote "silo" reporting by general type risk (e.g., credit risks are reported to a Credit Committee, market risks are reported to an Investment or Asset/Liability Management Committee).Hence, in order to introduce Enterprise Risk Management, management must first change the way that directors and executives have traditionally viewed the organization!

Depending on the industry, there are numerous or regulatory initiatives that encourage (and sometimes require) organizations to adopt enterprise risk management processes. For example, financial institution regulators have adopted, in one form or another, risk management guidelines from the following:

  • The Turnbull Report.
  • The Basel Committee.
  • The Australian/New Zealand Standards.

These, and numerous others, all recommend risk management programs designed to eliminate "gaps" in risk management reporting. This is because regulators face growing pressure to address operational risk - which, although misunderstood, is a major contributing factor in most high-profile financial disasters. Therefore, in spite of the challenges, regulators are likely to require financial institutions to implement firm-wide risk management regimes - i.e. Enterprise Risk Management.

While, for at least banks and related financial institutions, Credit Risk Management and Market Risk Management processes are largely well entrenched (albeit generally "silo-oriented" processes), Operational Risk Management has recently received increasing emphasis, to wit:

"The � operational risk measurement system � should play a prominent role in risk reporting, management reporting, internal capital allocation, and/or risk analysis. In addition, the � [entity] � must develop techniques for allocating operational risk capital to major business lines and for creating incentives to improve the management of operational risk throughout the firm."

Working Paper on the Regulatory Treatment of Operational
Risk Basel Committee on Banking Supervision 9/01

ENTERPRISE RISK MANAGEMENT

Enterprise Risk Management is defined as�

"A systematic method of identifying, assessing, communicating, managing and monitoring risks across activities, affiliates, functions or products, in a way that will build shareholder value over the long term."

And, the following the general guidelines support this definition:Risks should be managed using a product or process focus that cut across divisions and affiliates of the "organizational fabric."

Executive and Board oversight and reporting should be done by activity, rather than by risk type to avoid gaps.

  • Risks should be prioritized to facilitate their reporting and management.
  • Operational, Credit and Market risk management functions should work in integrated fashion.
  • Product risks are "owned" - and these risks are managed using standardized, organization-wide risk management methodology.

By the term "risk management methodology", we mean processes that provide the means to systematically identify and manage credit, financial and operational risks across corporate businesses and activities.