This includes the effectiveness and efficiency of their control environment to facilitate informed decision making, achieve strategic goals and meet the rising expectations of both internal and external stakeholders, such as regulators, investors and consumers.
Operational Risk is described by the Basel Committee on Banking Supervision as:
"the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events. As such, operational risk captures business continuity plans, environmental risk, crisis management, process systems and operations risk, people related risks and health and safety, and information technology risks."
PwC brings together experience across all operational risk management components to help you take the best of efficient Operational Risk Management.
The success of Operational Risk Management is realised through the full implementation of an Operational Risk Framework tailored around five elements:
Appropriate governance is essential for effective and adaptable operational risk management. It is even more important for the people who are responsible for ownership of the ORM programme who will be unable to make a positive impact without a robust governance structure.
Is your risk culture where it should be?
To stay out of the headlines, companies should identify, monitor, and manage their risk culture.
Policies and procedures represent a vital "playbook" that aligns an organisation’s strategy and overarching policies to its operations, risk management and compliance responsibilities. At a time of continuous transformation and regulation, policies and procedures are even more important in a world requiring more transparency over their counterparties.
Internal and external events (gain or loss) are one of the most important components of the ORM framework as they are objective and related to actual events. With a regular data approach, this could lead to insights on how to prevent further risks.
Identify and map risks and mitigating controls to processes and procedures, and facilitate a Risk & Control Self-Assessment process. Identify operational or compliance risks where additional controls are required.
The current COVID-19 situation made concrete the exercise of stress test and business continuity.
KRIs are an essential part of the ORM framework to make both efficient and effective. However, most KRIs are either not complete or not covering the risks of the company.
Compiling all risk data (i.e. internal and external gain / loss data, RCSA, Scenario Analysis, KRIs) is a challenge. Taking the right decisions based on them is another.
The risks are better tackled when they are distributed within the company, and especially to key stakeholders who must receive adequate supporting information.
Organisation usually have multiple disconnected systems and often use Excel or Word documents to support their operational risk management day to day activities.
A tool can help streamline risk management processes, enhance operational risk incident management, ease data interpretation and reporting.
PwC's subject matter experts can provide you with a multilayer dedicated training curriculum to address the various aspects of the Operational Risk Management framework, specifically targeted to your company and your various teams (e.g. Front Office, Risk Management, Internal Audit, etc.).
Internal Audit Leader, Partner, PwC Luxembourg
Tel: +352 49 48 48 4226
Risk & Regulatory Partner, PwC Luxembourg
Tel: +352 49 48 48 2874