Perspectives - Spring 2007 »
President's Letter
The Development of Operational Risk Management
Recent trends in business complexity, highly visible operational losses and the need to manage risks associated with them have provided focus on a discipline called operational risk management (ORM). Many of ORM's underlying component parts have been in place within companies for years. There is a new recognition, however, of the importance of identifying, understanding and measuring operational risk more intelligently, as well as weaving an effective web of controls.
ORM is defined by common risk frameworks as: "The risk of loss resulting from inadequate or failed internal processes, people and systems, or external events.
Management and regulators have been forced to ask questions like, "What else beside credit and market losses can put our firm at substantial risk? What is operational risk? How do we define, measure, and best manage it? Can we mitigate these risks? Can we think about risk on a truly enterprise-wide basis so we are not blind-sided in the future?"
Signs of evolution are beginning to appear in the approach organizations are taking to ORM. Until recently, more than 75 percent of ORM functions were lead by information technology areas. A growing practice that aligns more with overall company goals is moving ORM functions from Information technology to roles such as a Chief Risk Officer.
Operational risk has been a challenge for companies for years. Even with the increase in frequency of ORM-related news, operational risk management has not been recognized for its full potential. Events resulting in large losses have occurred before, but recent regulatory and compliance changes have increased the visibility of these events. Although operational events have caused both mass embarrassment and even collapse, they were widely considered to be aberrations. Thus, operational risk didn't attract such significant attention until loss events at a number of financial firms caused significant losses, management shakeups, reorganizations, and a new focus on operational risk.
Our experiences and lessons learned will help you to decide the best course of action to mitigate operational risks. Our strategies for operational risk management have helped companies achieve success with these initiatives, and they will work for your organization.
Jeff Schreiner
President
Continuum Worldwide