He cited internal and external data volumes and inconsistencies between institutions in their op risk definitions as the primary challenges. “Op risk is such a broad issue that there is hardly a common definition available yet,” he said.
According to Kühborth, the issue of what to do with an op risk database once it has been established plays a major role in effective op risk management. The answer, he said, is proactive risk management. “Banks must use the collected data and resulting measures for risk reporting, management reporting, internal capital allocation and risk analysis,” said Kühborth. “Institutions that do not fully integrate an internal measurement methodology into their day-to-day activities and major business decisions cannot qualify for this approach,” he added.