Some of this attention is due to the capital calculation and asset segregation requirements under Basel and related country requirements, but strong operational risk management programs and management information systems identify inherent business risks earlier and protect business reputation. Specific “operational” events at the level of those occurring at Société Générale, Barings, or UBS are not the only reputational threats. Loss of data, employee-related litigation, poor client complaint handling and smaller activities also draw negative attention.
Operational risk management, because of its breadth of subject matter and complexity of interrelationships across subjects, poses a significant challenge. It is difficult to anticipate and manage risks, including potential failures in people, processes or technology; internal control failures; and fraud or unethical behavior. It is also difficult to balance having sufficient capital buffers to absorb the financial impact of adverse events without tying up capital unnecessarily.
Promontory is well-positioned to work with clients in this complex, multifaceted area. The diversity of our experience means we bring together hands-on industry experience in managing business operations with deep regulatory expertise in supervising firms from operational risk and capital perspectives. We offer our clients lessons learned from our past experiences and our knowledge of current market best practices.
Promontory has advised numerous clients, at the board of directors level and below, across the full spectrum of operational risk management and measurement issues, including:
- Designing and implementing effective integrated operational risk management programs
- Evaluating operational risk management frameworks, including risk definitions, risk appetite, policies and procedures, loss event capture, and reporting;
- Performing deep functional assessments and evaluating people, processes and technology, including leveraging our Data Protection/Information Security Group capabilities
- Advising on risk modeling, stress testing, reverse stress testing, and other components of capital calculations
- Providing innovative ideas on improving clients’ identification of and preparedness for emerging risks
Most important, Promontory works with client boards of directors to address issues at the core of operational risk management programs - corporate governance and corporate culture. These need to be supported by strong operational risk leadership and ongoing education and awareness programs, which Promontory delivers.