OpRisk Management and Mitigation - from Assessment to Implementation
Operational Risk Management (ORM) is an effective tool for not only maintaining but increasing, bank profits, shareholder value, public perceptions and goodwill. Executed properly, improvements in ORM can lead to substantial financial, reputational and regulatory benefits – all this adds to increased profitability, greater financial stability and improved customer satisfaction. But to achieve these gains, financial institutions must apply a consistent and comprehensive approach to managing their operational risks. They must also understand that this approach is fundamentally different from the approaches that they use in managing market, credit and liquidity risks.
Bad Operational Risk Management has a severely negative effect on financial institutions in four very clear ways:
Actual operational risk losses are a direct hit to the income statement.
The market punishes companies, via the stock price, for operational risk failures and this loss could well exceed the actual financial loss experienced.
Lowered Credit Ratings, which raises the institutions cost of borrowing money in the marketplace.
Operational risk failures can vastly increase the cost of compliance by raising the level of regulatory scrutiny and complexity not to mention substantial penalties.
Objectives
The objectives of this training course is to provide all staff, irrespective of whether they work in the front-, middle- or back-office, with a sound foundation in the theory and practice of Operational Risk Management. This training is provided in a practical "hands-on" manner that allows them to implement what they have learned easily and effectively.
What this course covers
This course provides a complete structured package for learning in all main aspects of the subject of Operational Risk. It will enable participants to prepare and manage the planning and implementation of operational risk management processes in their bank/ financial institution or firm.
Key objectives and learning outcomes
The aim of the course is to provide:
Illustrate risk in all its facets
What the Basel Accords say about operational risk and its mitigation
Listing operational risk techniques for assessing, managing and mitigating operational risk
A link between ORM theory and practice
A clear road-map on how to implement an ORM structure in practice in a banking organization
DAY 01 (8:30 AM - 5:30 PM)
THE WHY, HOW & WHAT OF OPERATIONAL RISK
What is risk?
Operational Risk – The big picture
A short history of risk
Dimension & drivers of risk management
Business drivers
Regulatory drivers
Rating Agencies & risk
Cross-border implications
What is the value of Operational Risk Management?
Risk Types
How we categorize risks
What is covered under Basel II?
Risk categories
Basel’s risk coverage
Operational risk categorization
The financial risk management environment
The operational risk management environment
The technical Implications of operations risk management
Risk & Capital - An Introduction to Basel I, II and III
What is capital?
Capital in financial institutions
The BIS capital standards
Basel’s three pillars
Basle’s operational risk options
Implementation considerations
Implementation of Basel
The Pillar II maze
Implementation issues
Managing Operations Risk
The governance process
Setting risk management objectives
Building a risk culture
Examples of a staff risk culture
Examples of management risk culture
Why are risk cultures important?
Compliance requirements
Operational risk – definition and examples
Enterprise Risk Management
Key elements in managing operations risk
A selection of case studies to illustrate the material covered
The banking activity framework - the “Top-Down” approach of the BIS
Main areas affected by operational risk
Key Risk Factors
Operational Risk –Practical Examples
Participants are led through a series of operational risk failures in recent years aimed a illustrating the wide variety of operational risks that can be encountered.
Case Study: We take detailed look at the 2007, US$ 7.2 billion loss at SocGen, its causes, the key warning signals that were overlooked, and the consequences for the financial industry.
Key Elements in Managing Operational Risk
The core issues in managing operational risk
Risk Analysis
Determining the “Risk Appetite”
Risk impact/ Event frequency
Impact vs. Probability
A generic case study
Operational Risk Financing
Risk financing
Optimizing risk & reward
The cost of risk
The operational risk financing program
Operational risk financing mechanisms
How financing methods are applied
Methods & Models
Measurement methods
The Loss Modeling Method
Monte Carlo simulations
Operational risk & bank strategy
Quantitative & Qualitative approaches
Key Risk Indicators (KRIs)
Operational risk & the business cycle
Problems in identifying operational risks
COSO ERM Framework
COSO - an integrated risk management framework
The COSO framework
Codification of the 17 COSO Principles
The Black Swan
The challenges of outlier events for contingency planners
Understanding a “Black Swan” event and its principal characteristics.
We examine the nature of a Black Swan event
Challenges for Planners, Strategists and CEOs.
How can you mitigate a Black Swan event?
Case Study: Can recent outlier events, like the eruption of Iceland’s Eyjafjallajökull volcano, the Deepwater Horizon catastrophe and the Japanese Tsunami be seen as black swan events? Gain a deeper insight into some of the subtleties of operational risk in the real world.
Operations Risk & Basel (II and III)
The BIS definition of operational risk
BIS standards for managing operational risk
Basic Indicator Approach (BIA)
Business Lines Approach
Advanced Measurement Approaches (AMA)
Loss event types
Criteria for the Advanced Measurement Approach
All Basel material is current and up-to-date in terms of current BIS developments
Managing Operations Risk under Basel - A “Hands-on” approach
Basel Standards
Basel’s’ three approaches
"Sound Practices for the Management and Supervision of Operational Risk"
Principles for the management of operational risk
Sound operational risk governance
Each of the 11 Principles are examined in terms of their content, meaning and implementation factors
Responsibilities
DAY 02(8:30 AM - 5:00 PM)
IMPLEMENTATION
Developing an appropriate Risk Management Environment
Policy & structure
Developing an appropriate risk management environment
Implementation
Mapping risks to controls
Understanding risks, goals and priorities
Prioritizing risk based on probability & impact
Establishing responsibilities for risk management
Mapping risk strategies to categories of control
Designing & Documenting specific controls
Implementing risk management controls
Defining the Categories of Operational Risks
We examine the BIS categories of operation risk in terms of specific examples. The categories covered are:
Internal Fraud
External Fraud
Employment Practices and Workplace Safety
Clients, Products & Business Practices
Damage to Physical Assets
Execution, Delivery & Process Management
Business Disruption & System Failures
Products & Operations Risk
Case Study: The US Sub-Prime Mortgage Crisis
The 2008 Global financial crisis was triggered by the Sub-Prime Mortgage problem in the United States. This case study clearly illustrates how insufficient or total lack of attention to Operations Risk in the detail and stress testing of the Mortgage Product, its various derivatives as well as the processes and operations led to financial meltdown in the US and its contagion across the globe.
MANAGING OPERATIONS RISK – TOOLS & TECHNIQUES
Causes & Consequences – The Bow Tie
The math of operational risk management
Causes & consequences of loss events and what they tell us
The Bow Tie Diagram – building and using this method to create effective operational risk management controls
Methods for Assessing Operational Risks
Four basic assessment methods
Loss data collection (internal & external)
Using loss data
Internal data
External data
Scenario analysis
Using scenarios
Tabletop/ Desktop exercises
Making tabletop exercise effective
Why exercise? Why use scenarios?
Statistical techniques
Desktop Exercise: Scenarios form the basis for a desktop exercise in which participants use and develop their newfound operational risk management skills to work through the simulation of a real risk event.
A Risk Assessment Model
The process
Environmental survey
Technology inventory
Identifying & assessing the operational risks (including an illustrative operations risk management plan)
Minimum control requirements
Risk identification tools
Current Operations Risk Management Themes in Banking
New technologies and practices are changing the nature of bank operational risk in many dramatic ways. In this section we explore a selection of current “risk themes” and get to grips with how the operations risk profile is changing in the constant struggle between profit and prudence.
This is a fast changing area and this section of the course is being constantly updated.
Closing CASE STUDY
Kweku Adoboli – from rising star to rogue trader
This case study on a recent event provides an in-depth examination of operational risk management failures resulted in substantial losses to UBS. We look at what went wrong and why and what lessons can be learned from this series of events.
Why and how were the lessons of the 2007 SocGen event ignored?
Included in this case study we have a special section on rogue traders generally in which we deal with issues such as;
The psychology of the rogue trader
Types of traders
The FSA investigation and their findings
Ranking Adoboli in the rogue traders league
4:00 pm -4:30 pm - Course Wrap-up