Home > Expertise > Risk Management

Operational Risk Management

Representative Engagements

The global financial crisis underscores the significant improvements required of firms’ risk management capabilities and structures. While credit and market risk have been the focus of public attention, operational risk management programs have received the attention of business leaders.

 


Some of this attention is due to the capital calculation and asset segregation requirements under Basel and related country requirements, but strong operational risk management programs and management information systems identify inherent business risks earlier and protect business reputation. Specific “operational” events at the level of those occurring at Société Générale, Barings, or UBS are not the only reputational threats.  Loss of data, employee-related litigation, poor client complaint handling and smaller activities also draw negative attention.

Operational risk management, because of its breadth of subject matter and complexity of interrelationships across subjects, poses a significant challenge. It is difficult to anticipate and manage risks, including potential failures in people, processes or technology; internal control failures; and fraud or unethical behavior.  It is also difficult to balance having sufficient capital buffers to absorb the financial impact of adverse events without tying up capital unnecessarily.

Promontory is well-positioned to work with clients in this complex, multifaceted area.  The diversity of our experience means we bring together hands-on industry experience in managing business operations with deep regulatory expertise in supervising firms from  operational risk and capital perspectives.  We offer our clients lessons learned from our past experiences and our knowledge of current market best practices.

Promontory has advised numerous clients, at the board of directors level and below, across the full spectrum of operational risk management and measurement issues, including:

  • Designing and implementing effective integrated operational risk management programs
  • Evaluating operational risk management frameworks, including risk definitions, risk appetite, policies and procedures, loss event capture, and reporting;
  • Performing deep functional assessments and evaluating people, processes and technology, including leveraging our Data Protection/Information Security Group capabilities
  • Advising on risk modeling, stress testing, reverse stress testing, and other components of capital calculations
  • Providing innovative ideas on improving clients’ identification of and preparedness for emerging risks

Most important, Promontory works with client boards of directors to address issues at the core of operational risk management programs - corporate governance and corporate culture. These need to be supported by strong operational risk leadership and ongoing education and awareness programs, which Promontory delivers.

Representative Engagements

  • Performed a comprehensive review of the overall risk management framework and a deep dive into the operational risk component of a UK asset manager. The review included an assessment of and development of recommendations for, OR definition, review of risks by functional department, development of an improved risk register, improvement in control and mitigant identification, and a redesign of the Board and Exco management information pack. 
  •  Provided market knowledge and insights for a global retail bank that was seeking ways to develop a strong sense of risk awareness and a culture of escalation across the enterprise and within infrastructure groups.