OPERATIONAL RISK MANAGEMENT (2 or 3 day programme)

Prerequisites

Basic knowledge of risk management and high level understanding of the financial industry.

Objectives

In recent years, several notable events, combined with an additional scrutiny from regulators and financial intermediaries have forced financial institutions to recognise the importance of operational risk.


As a consequence, the banking industry first, followed closely by the insurance undertakings, has been undergoing a surge of innovation and development in several areas to develop sound operational risk management practices and systems.


The management of operational risks concentrates on the proactive prevention of frauds or business disruption of financial institutions that cover four areas: employees, process, systems, and external attacks. Therefore, the needed skill set is rather broad and mixes traditional internal control/audit methods as well as very sophisticated quantitative risk management techniques.


Financial institutions also continue to face conceptual challenges, such as, what is operational risks and what is its scope? Should financial institutions be concerned with operational risks? If so, how should they be assessed and intelligently integrated with other risks? What are the best practices for the measurement and management of operational risks? In this course, we will provide the first discussion and an up-to-date treatment of all these issues. 

At the end of the course, the student should be able to:

• Have a view on main principles of risk management
• Understand the nature of operational risk
• Grasp the main concepts related to Operational Risk and specifically the notions of causes, events and impacts
• Explain the Operational Risk management process and its main components
• Understand the importance of support and control functions in mitigating Operational Risks
• Have a view on Enterprise Risk Management

 

Part 1: Operational Risk Scope and Framework

 

• Scope of Operational Risk

• Losses, near misses, impacts

• Benchmark of operational losses to gross income

• The four actions of Risk Management

• Frameworks: ISO, PRA

• Attributes of effective risk management

 

Case studies: Examples of Framework

 

• Maturity level and ORM development: the ORM Pyramid

• Examples of Operational Risk Frameworks in Banking and Insurance

• The ORM pyramid: which level are you at?

 

Group discussion and sharing of experience around a maturity model of ORM

 

Part 2: Regulation and Governance of the Risk Function

 

• Basel II and II for operational risk

• PRA expectations around the IMMMR framework

• FCA and Conduct risk: what to expect

• Three lines of defence

• Tone at the top the role of the CEO

• 1st line and 2d line of defense: the relationship

 

Case study and class discussion

 

Part 3: Risk Identification

 

• Tools and techniques for risk identification

• Exposures and Vulnerabilities

• The Risk Wheel

• Value Drivers

Part 4: Scenario Analysis and Planning

 

• Regulation on data testing and scenario analysis: EBA guidance

• Sound Process to make Scenario Analysis repeatable

• Assessing probabilities of rare events: fault trees and bayesian approach

• Acting on Scenarios

• Management: cold book for hot times

 

Group work: identify your top risks and class feedback, share practice on loss and risk reporting

 

Part 5: Designing and Selecting Preventive Key Risk Indicators

 

• Essential features of preventive KRIs

• KPI, KRI, KCI? concepts and examples per activity

• KRI must address risks, not events: know your risk drivers

• Classifying KRIs: Environmental, Stress, Causal and Failure

• KRI Design: Frequency - Trigger levels - Escalation criteria – Ownership - Data accuracy

 

Part 6: Root Cause Analysis, Human Error and Control Design

 

• Root Cause Analysis: the bow tie: benefits and application

• Why do we make mistakes?

• Typology and causes of human errors

• Understand and treat the cause of human error

• Prevention by design

 

Case study: 4 financial services companies

Group work: perform a root cause analysis, feedback to the class

 

Part 7: Effective Risk and Control Self Assessments

 

• Definition and rules for RCSAs

• Tool: Impact / probability matrix: shapes and forms, definitions

• Usage and choice when defining RCSAs: extreme cases or median cases, distribution or single points, inherent or residual risk, likelihood or frequencies

• Risk rating: when and how.

 

Group work: highlight top risks and controls in your process: comments and class sharing

 

Part 8: Implementing the Desired Risk Culture: a method

 

• Defining Risk Culture

• Acting on behaviours: the Influencer

• Necessary conditions: willingness and ability

• Risk Culture: DESIRE steps: Define – Inspire – Support – Enable – Reinforce - Evaluate

• Assessing risk culture

 

Group work: Plan your own culture change

United Business Institutes

Brussels

Tel: +32 (0)2 548 04 80

Fax: +32 (0)2 548 04 89

Rue de Namur 48

B-1000 Brussels

Belgium

Luxembourg

Tel: +352 27 99 01 82

Château de Wiltz

L-9516 Wiltz, Luxembourg

RCS No.: F9357
VAT: LU26254584

Shanghai

10F Tower B

Tongji United Square 

1398 Siping Road, Yangpu District

Shanghai P.R.China

200000

COPYRIGHT 2019 All Rights Reserved | United Business Institutes | Jobs @ UBI

  • LinkedIn - White Circle
  • Instagram - White Circle
  • Twitter - White Circle
  • Facebook - White Circle