RSS Feed
By M. Isi Eromosele
In today’s market, most financial services firms have a
Chief Risk Officer or even more specifically a Head of Operational Risk. Few
would argue that these roles exist as a means to solely satisfy regulators.
These roles are critical to protecting a firm’s earnings and
reputation. In addition, many have found that having a solid operational risk
strategy can deliver significant additional benefits.
Despite the importance of these roles, the day to day
responsibility for operational risk does not lie with the CRO or Head of
Operational Risk. These individuals are primarily responsible for promoting
proper management of and measurement of the amount of operational risk across
the organization. It is a firm’s Business Managers who control the resources
that control operational risk.
Unfortunately, not enough Business Managers engage in formal
operational risk strategies. As a result many firms face unnecessary threats to
the successful achievement of their financial objectives.
This needs to be addressed. Today, global financial
institutions face pressure to continuously tackle mounting regulatory change
and growing market scrutiny while striving to increase customer confidence,
drive competitive advantage, and optimize stakeholder value.
The Role of a Business Manager for Operational Risk
Business Managers play the most critical role in promoting a
controlled risk culture. As a manager, they have an obligation to ensure that
you and your staff are conducting business efficiently, honestly and fairly.
If your Business Manager does not keep this obligation,
regulators can impose sanctions on the firm and individual staff members who have
violated these requirements. Hefty damages, lost jobs and irreparable damage to
the firm’s reputation may follow if you do not constantly pursue effective
leadership and supervision.
Operational risk needs to be a priority in the management
agenda. Business Managers have specific responsibilities that they must carry
out in order to meet regulatory and fiduciary requirements.
A good operational risk methodology and management structure
will promote appropriate behavior.
It is also important to understand that a management
structure will need to complement the firm’s overall operational risk
methodology. A good operational risk methodology should be collaboration
between Operational Risk Managers and Business Managers to achieve
well-considered risk assessments.
These assessments should be based on thorough research into
all the risks which exist in each business unit, looking at the potential for a
loss on a near term basis as well as a worst case basis.
This will also vary by organization as some may feel a more
control based approach works for them, whilst others may believe examining
risks and controls along processes is more in keeping with the way they
consider things. This methodology will also likely include the usual
questionnaires, scorecards, causal factors, etc.
How to Identify And Avoid Management Failure
Identifying and avoiding the potentially negative
consequences of management failure or more importantly being a successful
Business Manager takes a great deal of effort. One can considerably improve the
chance of success by regularly reviewing the current management data and its
structure and being knowledgeable about some of the common mistakes business
managers make.
On a regular basis, Business Managers should examine and
review their current management systems and execution, identify areas for
improvement and make the necessary changes.
Critical to this review is the availability of timely,
complete and reliable related data. Where in most cases the Risk Management
team takes on responsibility for organizing, collecting and maintaining this
data, it is the Business Managers who can extract real value from it.
Business Managers should be taking the lead in using this
data to reduce losses by strengthening controls where necessary, perhaps
stream-lining some processes after examination and consultation with internal
audit.
More controls are not always the solution; simplifying
processes can improve controls too in certain situations. In this activity, the
Operational Risk Manager will prove an invaluable partner by doing nearly all
the work leaving the Business Manager to do what they do best and that is make
decisions based on recommendations.
There is usually a lot of data to be collected and kept up
to date. In addition, this data needs to be analyzed and regularly reviewed. To
maximize the benefits of this analysis, most mature financial firms should
endeavor to rely on a unified computer system that gives flexibility to a
manager to manipulate and analyze varied selections of related information.
This is very difficult to do when risk managers keep
different Governance, Risk and Compliance information in spreadsheets or in
different systems that were designed at different times with different
architectures. This fragmented approach often produces data barriers across
business units and leads to inefficient and costly maintenance and operations.
Firms that are able to readily access and use critical data
across traditionally disparate business unit silos, will be able to increase
their data integrity while more effectively quantifying, analyzing and
measuring the effectiveness of their Governance, Risk and Compliance
initiatives.
Having all this information in one, unified system that
allows busy Business Managers to quickly see all the different types of risks
and the state of controls in that part of the organization for which they are
responsible enables them to make good decisions about whether changes are
required.
M. Isi Eromosele is
the President | Chief Executive Officer | Executive Creative Director of Oseme
Group - Oseme Creative | Oseme Consulting | Oseme Finance
Copyright Control ©
2012 Oseme Group
0 comments:
Post a Comment