
Rules for Risk: A Model for Managing Operational Risks

Featuring operational risk expert Philippa Girling, former head of operational risk at Morgan Stanley and Nomura

NOVEMBER 14, 2012


Today's Speaker
Philippa Girling, Operational Risk Expert



Philippa Girling, Esq., FRM
November 14th, 2012


OPERATIONAL RISK
Definition:
Risk of loss resulting from failed or inadequate people, systems, processes or external events
Includes legal risk
Excludes reputational risk

Philippa Girling 2012 Reproduction only with Permission


OPERATIONAL RISK & SANDY


Hurricane Sandy
Power
Connectivity
Phones
Physical damage
Exchange shut down
Life safety
Business continuity & disaster recovery


OPERATIONAL RISK AT THE OLYMPICS


People:
Nervous athletes, opinionated officials, aggressive press, terrorists, disgruntled Londoners, (missing) security guards, confused volunteers, crazed fans, lost children, Heads of State, visiting dignitaries and the list goes on.

Processes and systems:
Stadium building and preparation, ticket sales, transportation, opening ceremonies, closing ceremonies, Olympic village management, cleaning, feeding, running races, organizing matches, safety checks of the parallel bars, awarding medals, playing anthems, global broadcasting, keeping that darned flame alight and the list goes on.

External Events:
Two words: London Weather.


OPERATIONAL RISK IN THE MARKETS


Knight Capital
Technology risk leads to $400m loss
Process failure

UBS Rogue Trader
Kweku Adoboli
Unauthorized trading leads to over $2b loss
Some Societe Generale control failures repeat

JP Morgan Whale
Bruno Iksil leads trading strategy that results in at least $2b loss

Standard Chartered and others
$340m AML fine


MANY IMPACTS
Financial
Direct & indirect

Reputational
Share value decline

Client

Regulatory & Legal

Life Safety


OPERATIONAL RISK CATEGORIES


Internal Fraud
Losses due to acts of a type intended to defraud, misappropriate property or circumvent regulations, the law or company policy, excluding diversity/discrimination events, which involves at least one internal party.

External Fraud
Losses due to acts of a type intended to defraud, misappropriate property or circumvent regulations, the law or company policy, excluding diversity/discrimination events, which involves at least one internal party.



Employment Practices and Workplace Safety
Losses arising from acts inconsistent with employment, health or safety laws or agreements, from payment of personal injury claims, or from diversity/discrimination events



Clients, Products & Business Practices
Losses arising from an unintentional or negligent failure to meet a professional obligation to specific clients (including fiduciary and suitability requirements), or from the nature or design of a product.



Execution, Delivery and Process Management
Losses from failed transaction processing or process management, from relations with trade counterparties and vendors.



Business Disruption and System Failure
Losses arising from disruption of business or system failures



Damage to Physical Assets
Losses arising from loss or damage to physical assets from natural disaster or other events.


OPERATIONAL RISK CHALLENGE


Definition
The risk of loss resulting from inadequate or failed internal processes, people and systems or external events

Similar to other risk types:
Rigor should be applied to the management of operational risk.
Failure to properly manage operational risk can result in a misstatement of an institution's risk profile and expose the institution to significant losses
Regulatory requirement
Business drivers

Different to other risk types:
Typically not directly taken in return for an expected reward
Exists in the natural course of corporate activity


RISK MANAGEMENT GOALS


Identify
Assess
Control & Monitor
Mitigate & Hold capital as protection


THESE TENETS AT THE OLYMPICS


All seven categories of operational risk were present in the headlines:
Olympic badminton players disqualified for trying to lose - Internal Fraud
London Olympics Fake Tickets Create Honeypot for Criminals - External Fraud
Empty seats at Olympic venues prompt investigation - Clients, Products and Business Practices
Dispute Between London Olympics and Musicians Union Heats Up - Employment Practice and Workplace Safety
NATB calls London Olympics ticket distribution a failure - Execution, Delivery and Process Management
Olympic security shortfall called absolute chaos - Damage to Physical Assets
London 2012: Traffic jams and impact of Games Lanes - Business Disruption and System Failure

Identify, assess, control and mitigate


Management use a common model to identify and assess the impact of risks to their business. For each risk, the likelihood and consequence are identified, management controls and the frequency of monitoring are confirmed and results reported.
Annual Report of The London Organising Committee of the Olympic Games and Paralympic Games Ltd (LOCOG), p33

See blog at www.pxgassociates.com for details


OPERATIONAL RISK FRAMEWORK



Framework diagram components:
Reporting
Measurement and Modeling
Risk appetite
Governance
Internal Loss Data
RCSA*
External Loss Data
Scenario Analysis
Key Risk Indicators
Policies and Procedures
Culture and Awareness

* Risk & Control Self Assessments


GOVERNANCE
Who owns operational risk function?
CRO, COO, CFO?

What does operational risk function own?
Business continuity?
SOX?
Information Security?
New product approval?
Supplier risk management?
Business line operational risk managers?


CULTURE AND AWARENESS


Be clear about the brand
Market the benefits and expectations
Train broadly
Engage sponsors


POLICIES AND PROCEDURES


Regulatory expectation
Engagement tool
Best practice
Audit tool
Write:
  Operational risk policy
    Include standards, governance and monitoring and enforcement
  Loss data procedures
  Assessment procedures
  Metric procedures
  Reporting procedures


LOSS DATA
Internal loss data
Set clear standards
Provide training and tool
Include regulatory and business requirements in design

External loss data
Tap available sources: Algo First, ORX, SAS

Uses of loss data
Identify risk areas and control weaknesses
Agree mitigating actions and owners
Prioritize risk reduction
Provide information for RCSA and Scenario Analysis
Identify potential metrics


ASSESSMENT
Risk and Control Self Assessment (RCSA)
Workshop approaches
Questionnaire approaches
Scoring methods
  Score inherent and residual risk?
  Score control effectiveness (design and performance)
  Consider multiple impact categories
Timing: annual, quarterly, continuous
Attach metrics
Tools available


SCENARIO ANALYSIS
Process to identify rare catastrophic risks
Uses:
  Input into capital calculation
  Engage business in very large operational risk discussion
  Identify key areas for risk mitigation


METRICS AND KRIs

Not everything that counts can be counted and not everything that can be counted, counts.
Select metrics wisely
Don't frisk the ant, while the elephant walks by

Consider metrics after RCSA, attach to key risks and controls
Define carefully
Ensure clear ownership
Quality check
Use them as tools in the toolbox,


CAPITAL MODELING
Basel II requirement that operational risk capital be held using an advanced measurement approach
Include all four elements in capital model:
  Internal loss data
  External loss data
  Scenario analysis
  Business environment internal control factors


REPORTING
Never produce a so what report
Provide risk analysis and require decisions
Use reporting as escalation tool under governance structure
Include:
  Relevant loss data trends and concerns (internal and external)
  Metrics analysis highlighting risk reduction or increases
  Assessment output and themes
  Progress on risk mitigating actions
Design to suit the audience


RISK APPETITE
Difficult to articulate
Consider:
  Loss data limits
  Metrics thresholds
  Qualitative risk assessment scoring
  All impact types


ENTERPRISE RISK MANAGEMENT


ERM diagram labels: Market, Reputational, Geopolitical


Q&A
Philippa Girling pxgirling@pxgassociates.com 973 460 2745


Thank you for joining us!


This presentation was made possible by Zurich, a global leader in risk management services and insurance solutions. For more information about Zurich's portfolio of products and services, visit: www.zurichna.com
