The chief risk officer (CRO) and risk management team have a clear mandate – to become more effective in managing risk and to add value by being more proactive to the overall risk approach. MetricStream CRO Gaurav Kapoor believes the risk management group should strive to address the growing needs of global organisations, and meet the expectations of investors and board members
MetricStream has observed five key risk management trends from its engagements with several large organisations that rely on the MetricStream solution for managing operational, compliance and enterprise-wide risk.
1. A federated approach to risk management
This is a move away from the siloed world where most business units and functions in a bank work independently, with little or no collaboration between them. The rapid changes to this operational model have a lot to do with the recent regulatory reforms. The complexities and the business challenges created by the regulations demand that different business functions be deeply integrated and collaborated in their approach to analysing aggregated data and taking collective decisions.
In the federated structure, the enterprise risk function is aligned centrally with corporate governance and reporting, as well as distributed to lines of business, facilitating ownership and accountability for risk.
2. Real-time risk intelligence for rapid insight into the risk process
Effective risk governance requires more well-structured risk information to reach the board and its risk committee. The two are actively seeking comprehensive and real-time risk intelligence, and information and analysis on key emerging risks – not only financial risks such as credit or market risk. The risk intelligence must provide comprehensive information, highlight the key risk trends and ensure that the risks taken are well within the defined limits. It must also provide more granular data to help institutions remain in competition, and to better price their products and services. All of this information needs to be provided in real time so that appropriate action can be taken on a timely basis.
3. Monitoring and managing emerging risks
Emerging risks, although systemic in nature, have such a significant impact on the organisation that they can no longer be ignored. Financial institutions have found such risks can be devastating if not proactively addressed.
To be better prepared, most financial organisations are building up their ability to monitor and detect key emerging risks as part of their overall risk management efforts. They are taking a fresh look at their risk management processes and allocation of resources to ensure emerging risks are effectively identified, assessed and managed from strategic planning all the way down to day-to-day processes at all levels of the organisation. Risk analytics and reporting are being further strengthened to provide insight and real-time intelligence on, emerging risk trends.
4. Organisational structure for clear accountability and increased transparency
Today’s environment calls for greater collaboration and stronger relationships between the risk committee and the business unit. This encourages the free flow of information between the two entities.
The organisation has to be structured in a way that facilitates accountability and does not limit it only to the risk committee. Business units also need to be aligned to derive maximum value out of the centralised committee, and to ensure there is clear accountability and increased transparency in the entire risk management process.
5. Upgrading risk infrastructure and technological advancement
Most financial institutions are upgrading their technology infrastructure to manage enterprise-wide risks. They are migrating from their legacy systems, point applications and paper-based procedures to a web-based, integrated enterprise risk management system. The technological advancement allows the CRO to streamline and strengthen the risk management function, delivering more strategic value while lowering the costs of operations. Expected benefits include better enterprise-wide visibility, a transparent and collaborative environment, and data-driven decision-making.
The solutions and tools available today provide a reliable means to monitor access controls, observe closed-loop processes, and analyse important data and key risks.
MetricStream is the market leader for enterprise governance risk and compliance solutions, with specific offerings for managing operational risk, enterprise risk, compliance risk, internal audit, regulatory examinations, loss incidents and risk metrics. The solution comes pre-packaged with embedded best practices and a content library.
Click here to view the article in PDF format.
More on Operational Risk
New systems and processes necessary to prevent illicit money flows
Due diligence should have raised investors’ suspicions
Firms could be prosecuted for failing to prevent economic crime
In 2013 SEC increased formal orders of investigations by 20%
Sign up for Risk.net email alerts
Oxford professor David Vines argues that the carrot is as important as the stick
Sponsored webinar: IBM
Watch highlights of this year's London conference
Operational risk and the challenges of defining and dealing with conduct risk
There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.