institute of operational risk (ior) scottish chapter 1 ... · mbbg. what is this data? what is it...
TRANSCRIPT
© The Institute of Operational Risk
Institute of Operational Risk(IOR)
Scottish Chapter1st Annual Conference
28th October 2011in conjunction with Glasgow Caledonian
University(GCU)
www.IOR-Institute.org
1. Why this area of Interest
2. How the Study Developed
3. What the Study Involved
4. Outcomes of the Study
5. New Considerations
6. Feedback
1. Why this area of Interest
2. How the Study Developed
3. What the Study Involved
4. Outcomes of the Study
5. New Considerations
6. Feedback
Operational Risk New Title, Old Phenomena
Credit
Operational
Market
'The risk of direct or indirect loss resulting from inadequate or failed internal processes, people and systems or from external events’
Basel II and the Three Pillars
BASEL IIPILLAR 1 PILLAR 2 PILLAR 3
CAPITAL REQUIREMENTS
SUPERVISORY REVIEW PROCESS
MARKET DISCIPLINE VIA DISCLOSURE
CREDIT RISK
MARKET RISK
OPERATIONAL RISK
1. Why this area of Interest
2. How the Study Developed
3. What the Study Involved
4. Outcomes of the Study
5. New Considerations
6. Feedback
OPERATIONAL RISK
Basic Indicator Approach
Standardised Approach
Advanced Measurement Approach
Internal MeasurementApproach
Loss DistributionApproach
ScorecardApproach
Research AimTo conduct a critical analysis of internal loss data collection within a
MBBG
What is this Data? What is it used for?
The collation of internal risk event data through risk event reporting and consideration of external loss data; (HBOS, 2008)
The data is used to enhance the adequacy and effectiveness of controls, identify opportunities to prevent or reduce the impact of recurrence, identify emerging themes, enable formal loss event reporting and inform risk and control assessments and scenario analysis (RBS, 2010)
1. Why this area of Interest
2. How the Study Developed
3. What the Study Involved
4. Outcomes of the Study
5. New Considerations
6. Feedback
Data Collection and Participation
Aim: To conduct a critical analysis of internal loss data collection within a UK financial institution
• Non-Probability Judgement Sample
• 15 Semi-Structured Interviews & 3 focus groups
• Retail Markets Orientation
Methodological Considerations
Group5 Participants
Divisional5 Participants
Business5 Participants
Policy Developed
Policy Implemented
Explicit Business Operations Knowledge
Implicit Business Operations Knowledge
BOARD
RISKOVERSIGHT
Eg: Risk, compliance, legal, health & safety, IT, security, etc.
RISK OWNERS
Business Operations
RISK ASSURANCE
Internal & external audit
Risk Committee Audit Committee
Three Lines of Defence: Research Sample
The three lines of defence model gives assurance that the standards in Group Policy Framework are being adhered to. (RBS, 2010)
1. Why this area of Interest
2. How the Study Developed
3. What the Study Involved
4. Outcomes of the Study
5. New Considerations
6. Feedback
Results and Discussion
• ORM as a ‘Value adding Function’
• Best Practice -‘Being able to know what went wrong and how much this has cost can help future understanding’
• Bottom -Up Approach – ‘Streamlined and a function of business as usual’
• Data Cleansing
– Data Integrity and Validity
• Engagement of the ORM function externally
– CPD & Learning – ‘marketing would have taken the loss out of their budget’
1. Why this area of Interest
2. How the Study Developed
3. What the Study Involved
4. Outcomes of the Study
5. New Considerations
6. Feedback
Risk Reporting & Escalation within the Call Centre Environment - Cognitive Risk Assessment
‘The ongoing monitoring and reporting of Operational Risk is a keycomponent of an effective Operational Risk Framework. Reports are used by the Operational Risk
function and by business management to understand, monitor, manage and control operational risks and losses.’
(Barclays, Pillar 3 Disclosure, 2010)
A cross-comparison of operational risk reporting behaviour and policy dissemination in the UK financial services environment.
The aim of this research is to investigate the operational risk reporting behaviour of call centres in the selling of financial products
• To analyse the development and dissemination of operational risk policy in the financial services industry
• To determine the main drivers and catalysts of operational risk reporting behaviour in call centres
• To determine whether antecedent factors have a role in the dissemination and application of operational risk policy i.e. staff turnover
Study Sample
All Call centre Operatives
All Call centre managers/supervisors
All Operational Risk Managers with Call Centre Oversight
Behavioural Intention as a Proxy for Risk Culture
ATT = AttitudeSN = Subjective NormPBC = Perceived Behavioural ControlBI = Behavioural IntentionB = Behaviour
BISN
PBC
B
ATT
Staff Training
Effort
Planning
Uncertainty
What does all this mean?
1. Empowerment of Staff – Is it worthwhile/effective?
2. Process Driven Environment – How prevalent is ‘people risk’ here?
3. Benchmarking Proxy – Is it reflected Geographically/Strategically?
» How well is policy disseminated?
» How do our lines of defence perceive the constructs?
4. Is our escalation procedure effective at the operations level? “The Bank Group has adopted a formal approach to operational risk event escalation. This involves the identification of an event, an assessment of the materiality of the event in accordance with a risk event impact matrix and appropriate escalation” (Lloyds, 2010)
5. Can we determine a measurable proxy for risk culture?
6. Can we test that proxy relatively across other business lines?