Op risk managers could be Covid long-haulers
New threats sprang from old sources in this year’s Top 10 op risks, belying a big drop in losses
New threats sprang from old sources in this year’s Top 10 op risks, belying a big drop in losses
Like many, operational risk managers were glad to see the back of 2020. Unlike most, their worries show few signs of easing. The giant sources of op risk engendered by the coronavirus – opportunistic cyber attacks, creative money laundering and vast new possibilities for internal fraud – aren't going anywhere, even as the world charts a course out of lockdown.
Among broad categories of concern, this year’s Top 10 Op Risks look superficially similar to previous years, with movement between them as expected: conduct and resilience risk have both risen up firms’ agendas, with more esoteric concerns like organisational change and talent risk dropping. Employee wellbeing was the sole new entry – both a welcome sign that managers are taking the human element seriously, and a worrying one that the scale of the problem is big enough to be top of mind.
Yet within each category, risk profiles have changed dramatically in ways that are difficult to predict and impossible to fully track. The threat of IT disruption remains the top collective concern, for instance, but conversations suggest that owes as much to insider threats from disgruntled employees – those on notice or paid leave who still have access to systems and controls, for instance, or sensitive data – as it does longstanding worries over outages and overloads.
And perhaps counterintuitively, the trend in op risk losses has been falling since the pandemic erupted, along with attendant capital numbers – 2020 marked a post-crisis low in both frequency and severity of losses, according to data from ORX News.
When might the increased array of threats firms face in the work-from-home era crystallise as loss events? That all depends. When modelling losses, firms tend to divide events between those stemming from conduct-related issues, and everything else. In part this is due to the difficulty of modelling the former, given it is skewed by infrequent, but catastrophically large losses.
But conduct losses are also a slow burn: fines for mis-selling, market manipulation and most forms of internal fraud take a long time to come to light, then hang around like a yoke on the neck for far longer – perhaps forever, in reputational terms.
“When we model, we assume that most conduct losses will show a three-to-five-year lag – whereas normal, transaction-style losses will appear within a one-year window. One year into Covid, we've not seen any transaction losses of any real note – so I don’t know whether we will now. But who knows what conduct looks like,” says the head of op risk capital at one European bank.
Covid has also exposed the limitations of point-in-time year-ahead forecasts, including Risk.net's Top 10 Op Risks survey. Few risk managers reported pandemic risk among their top concerns last year – one honest bank admitted to having drawn up a pandemic scenario, before dismissing it as unrealistic. It last appeared in 2013’s Top 10, in the wake of the Asian swine flu epidemic.
So, Risk.net is considering ways to shake up the format of the Top 10 Op Risks going forward, to try and make it more dynamic and informative for readers. What might that look like? A quarterly poll, to see how the main areas of concern for op risks managers evolve over the course of a year? A more granular survey that provides a detailed breakdown of perceived threats? Or a free-form exercise designed to identify emerging risks?
Let us know your thoughts: send suggestions to Tom.Osborn [at] Risk.net.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
More on Our take
Quants are using language models to map what causes what
GPT-4 does a surprisingly good job of separating causation from correlation
China stock sell-off will test securities firms’ risk managers
Regulatory measures to support stock market could add to risks facing securities sector
Why some UK pensions might choose to run on
Buyouts are booming but trustees are thinking about alternatives, too
Choppy inflation may be the worst inflation
Investors can build strategies to suit fast-rising prices, or slow-rising prices. What trips them up is the inflation foxtrot: slow, slow, quick, quick, slow
A dynamic margin model takes shape
New paper shows how creditworthiness and concentrations can be reflected into margin requirements
Why ‘Derivatives’ became ‘Markets’
The derivatives markets have changed drastically over the past decade. So has Risk.net’s coverage
Uncertain rates outlook poses challenge for corporate FX hedgers
Hedging programmes may need a revamp as EM/G10 rates differentials narrow
Europe’s half-baked benchmark switch leaves some dissatisfied
Users frustrated by narrow scope of euro transition, but replacing Euribor was never a euro group objective
Most read
- Quants are using language models to map what causes what
- Reluctantly, CME moves to clear US Treasuries
- The bank quant who wants to stop gen AI hallucinating