Against the backdrop of well-publicized instances of fraud, wider systematic risks and compliance changes post-crisis, it is certain that there will be more stringent reporting requirements. In addition, regulators will become more prescriptive with management involvement in monitoring ongoing operations, as opposed to solely periodic reporting. Financial institutions have been spurred into appreciating the benefits arising from operational risk as the framework by which all other risks can be managed.
A successful operational risk management (ORM) strategy can help organizations meet the challenges posed by emerging technologies. It does so by providing a framework for managers to consider how risk exposures are changing, determine the amount of risk they are willing to accept and ensure they have the appropriate risk limiters in place.
For financial institutions specifically, there will be a shift in focus from purely short term profitability to demonstrating ongoing stability, by showing how both today’s and tomorrow’s requirements are being met through extensive scenario testing and modeling.
Those firms that have taken a strategic approach to risk, whether through existing awareness, or learning through the process of implementing an operational risk framework, have found that there has been an inevitable convergence of the traditionally separate roles of risk, operations, and IT.
Operational risk needs to be a part of the overall management of each business function, as opposed to a separate stand-alone reporting entity. Gone are the days where purchasing decisions were submitted by the risk department, and then the implementation handed to IT for final delivery to operations. In order to embed operational risk in the day to day actions of everyone involved in processes, there must be a blurring of the separation between operational risk and operations staff.
Risk has moved to the center of business strategies. The advantages in risk-based pricing and performance management are recognized not only by their own benefit, but for their overall contribution to the ongoing growth and stability of the bank. Long term shareholder value is created and maintained by the ability to accurately price risk into products and activities, as well as enabling the most efficient use of capital. Fundamentally, the view of risk and compliance as a purely harm minimization strategy is being superseded by the potential business creation capabilities that arise from best-in-class risk management solutions.
In response to shrinking margins, business process efficiencies will come to the fore as firms seek the per-unit cost reductions available through streamlined processes and industrializing scale. Meanwhile, responding to any changes in regulatory regimes will be an opportunity for far-sighted companies to take a fresh look at both risk management and operational process. There will be opportunities to evaluate and streamline the means by which data is captured and the rules by which it is governed. Enhanced monitoring and reporting capabilities which can be leveraged for operations management will enable further refinements, such as risk-based performance management.