Saturday, December 31, 2011
There are several approaches to achieve this result.
* Approach the process: it is made from the process mapping an inventory of the various operational risks associated with tasks that make up these processes. For this, an analysis is required on the inputs, the transformation process and outputs delivered to the end of each process.
* Approach the interview operational: this process allows questionnaires from pre-established list the operational risks identified by the business as those who actually or potentially affect their operations.
Whatever the approach used to identify risks, it should be complemented by a comparison with a benchmark sector wise operational risk.
The result of this work should be formalized in a holder who submits a mapping type of process risks.
The risk assessment
From the operational risks established, it should conduct an assessment of risks. For this, a definition of criteria for risk assessment should be performed to objectify the evaluation process.
Observation of practices established in this field identifies the following criteria:
* Severity: is the maximum impact of the exposure or potential exposure to risk situations. This is the concept of gross exposure.
* Detection / Management: This is the company's ability to identify and respond to risk events. This is the concept of risk management device.
* Occurrence: This is the probability of occurrence of risk situations. This is the concept of frequency of events. To determine this probability should identify incidents occurring over the period and form the basis of historical intervene in the decision process.
In summary, the assessment of operational risk should be against these criteria, completed the evaluation of residual risk for the net risk.
This evaluation process of operational risk should be integrated as a milestone and indispensable in the process of establishment of the life cycle of projects and products.
Sunday, December 25, 2011
Despite the strengthening of regulations on risk management in recent years, the banking sector could not avoid. Subprime crisis, which by contagion has affected the rest of the economy, has highlighted the fragility of the various devices to control risks in force in the financial institutions, rating agencies and supervisors of financial markets. This weakness was also reflected in internal fraud which cost Society General 4.9 billion Euros.
It follows from these two major events the observation that the advent and implementation of new regulations do not allow companies to be fully exempt from risk factors to the origin of these losses. Indeed, recent actions by U.S. authorities to strengthen the financial sector by extending the powers of the Federal Reserve Bank and the European ideas and initiatives can only be effective if the various players take full ownership of their system risk management.
Appropriating the device operational risk management is putting in place a structured approach marked by a number of essential steps which include:
This is to define a framework that sets out the principles and rules of the potential risks have been shown to affect the company (benchmarks, risk governance committee ...). Indeed, the different activities and policies initiated by the company to expose operational risks can generate losses. These risks can be understood only with the establishment of a true corporate culture. The policy of operational risk management is the first step of this investment after the definition of its risk profile. It must be in perfect harmony with the various regulations, including Basel II, which involves the establishment of a regulatory monitoring for a regular update of this policy.
Finally the definition of a policy of operational risk management must be built in the same priority as commercial actions to prevent deterioration in the performance of the company.