It is high time organizations providing financial services focused on the operational risk arena. While credit and liquidity risks are well known and most financial organizations have tools in place to manage them, organizations need to consider operational risks as being equally important, if not more important.
Losses due to external events or the failure of processes, systems and human resources have been among the worst-case scenarios for organizations.
We have observed that financial institutions, even those in the big league, encounter organizational collapses largely due to:
• Lack of security
• Corrupt management practices
• Deficient information systems
• Impaired communication structures
• Inadequate business continuity plans
• Inferior transaction processes
• Insufficient physical security controls
• Non-compliance with government and industry-specific regulations
Scandals and frauds have pushed financial institutions in developed nations to the forefront of exposés. When the economic crisis broke out in 2008, it cost people their jobs and savings. The real miscreants exposed were the world’s top-listed financial institutions, which were shattered by internal control issues and inadequacies. Very few organizations escaped the catastrophic consequences. A massive flaw was observed at the Operational Risk Management (ORM) level that led to the financial crisis.
There have been considerable changes and improvements made since, but a few obstacles put financial services in a position that is hardly acceptable. Here are the most troubling obstacles or roadblocks:
1. Continuing dependency on traditional Risk Management methods
Unbiased and judicious evaluation of risk severity and risk probability cannot be deduced through traditional approaches, but many organizations still trust that traditional risk metrics are suitable for operational risks.
Today, in an age of overwhelming numbers of risks, a complex system of risk metrics and risk evaluations need to be adopted to control business processes. Simple observations or manual analyses hardly suffice for effective ORM.
2. Differences that widen the gap between ORM and Compliance
Fingers were pointed at regulators because of what were thought to be incompetent policies during the economic crisis. They have been in a high-alert mode since then. There has been constant revision of regulations, especially for organizations in the financial sector. The policies act as a second line of defence, the primary defences should be within individual organizations.
3. Inhibitions due to high costs
The capital required for setting up Operational Risk controls is perceived to be high, and businesses are hesitant to invest. As a matter of fact, many financial institutions, without the support of ORM, suffer from losses and high costs in dealing with frauds, operational issues, mounting fines, lawsuits and staffing issues.
Investing in the right ORM solution might involve significant costs in the beginning, but at a later stage, it will drive business and generate better ROI.
4. ORM is synonymous to looking at the big picture
Risks are changing on a regular basis, and so should risk management methods. Emerging risks can deflect an organization from its strategic goals overnight; robust Risk Management techniques and systems should enable an organization to identify such potential threats and enable it to react properly.
Analysts observe that some financial services are not up to the mark in focusing on their ability to face another crisis. These organization’s need to focus on Risk Management techniques and risk culture; no financial service can evade risks, the solution is to understand and prepare the enterprise for them.
Developing a new ORM system brings an opportunity; it has acts as a catalyst for finance-related businesses to optimize their risks
What should you be doing to build an effective ORM?
Integrate your enterprise controls and management including ORM under one platform. The intricacies and interactions involved in the Governance, Compliance and Risk (GRC) Management processes cannot be managed separately. The requisite solutions should be functioning simultaneously for smooth flow of business operations.
Design an ORM framework that brings inter-linked risks and risk controls like audits, compliance measures and fraud prevention disciplines together for effective analysis. Integrate continuous events and data models to find deep insights into ORM.
The digital revolution, mobile and cloud-based services have made banks and financial organizations vulnerable to cyber attacks. When you implement ORM solutions, make it a priority to incorporate cyber security.
In future years, ORM will take up an increasingly important role in the disciplines of financial services. Start learning and adopting the nuances of managing Operational Risks now, to save your company from potential issues in the future.
About The Author:-
Mohammed Nasser Barakat– Consultancy Director at CAREweb Corporate Governance Consultancy offering Governance, Risk & Compliance (GRC) software used by the well known global business organizations. Nasser is Certified Control and Risk Self Assessment Practitioner (CCSA) and has 8 years experience in Internal audit solutions, Operational risk management solutions and consultancy.
In future years, ORM will take up an increasingly important role in the disciplines of financial services. Start learning and adopting the nuances of managing Operational Risks now, to save your company from potential issues in the future.
About The Author:-
Mohammed Nasser Barakat– Consultancy Director at CAREweb Corporate Governance Consultancy offering Governance, Risk & Compliance (GRC) software used by the well known global business organizations. Nasser is Certified Control and Risk Self Assessment Practitioner (CCSA) and has 8 years experience in Internal audit solutions, Operational risk management solutions and consultancy.
Post a Comment