
The advancing tide of rationalisation

I spent a week in New York at the beginning of December, and I heard the dreaded 'R' word fall from the lips of op risk executives, technology vendors and consultants alike. Essentially, firms have woken up to the fact that they have put in place processes that overlap and are producing colossal levels of frustration at the business unit level. One op risk executive confessed to me that an analysis of the various regulatory 'information gathering' activities that take place at his bank every year has produced a shocking nine rounds of self-assessments that some business lines had to complete.
Now that's a lot of red tape. The overlap stems from self-assessment-type procedures that audit, operational risk, the SOX team, the compliance department and others are following within firms. Some firms are trying to better co-ordinate these various self-assessment programmes units, while others are creating distinct self-assessment units that are taking charge of the self-assessment programmes. Still other firms are putting one existing unit – such as operational risk – in charge of co-ordinating self-assessments across firms.
Indeed, one common theme was that there didn't seem to be a common theme as to how firms were implementing this rationalisation. The plan seemed to be dictated by internal politics, human resources and regulatory drivers at individual firms. There were as many combinations of rationalisation ingredients as there are personal ways to assemble fajitas.
But one trend seemed to stand out – that the role of the operational risk department as a result of this rationalisation process is growing. Firms are keen to make their compliance departments more 'risk-based' in response to regulatory demands, and to change their approach from one that is focused on ticking boxes to one that understands the challenges their business units face.
This is very exciting, and it is a theme that we will be touching on in our upcoming OpRisk Europe and OpRisk USA conferences. Operational risk executives should seek to outline the tone of the debate within their firms when it comes to these changes, and demonstrate that all of the hard work done over the past several years has created a 'ready-made' risk-based framework to deal with issues as varied as money-laundering prevention, internal fraud, processing errors and terrorist attacks.
I expect that 2007 will be a year of dynamic change for both operational risk and compliance executives, and I also believe that at the end of this year, many firms will be in a far stronger, risk-based place.
Have a good month!
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
More on Operational risk
Investment banks: the future of risk control
This Risk.net survey report explores the current state of risk controls in investment banks, the challenges of effective engagement across the three lines of defence, and the opportunity to develop a more dynamic approach to first-line risk control
Op risk outlook 2022: the legal perspective
Christoph Kurth, partner of the global financial institutions leadership team at Baker McKenzie, discusses the key themes emerging from Risk.net’s Top 10 op risks 2022 survey and how financial firms can better manage and mitigate the impact of…
Emerging trends in op risk
Karen Man, partner and member of the global financial institutions leadership team at Baker McKenzie, discusses emerging op risks in the wake of the Covid‑19 pandemic, a rise in cyber attacks, concerns around conduct and culture, and the complexities of…
Moving targets: the new rules of conduct risk
How are capital markets firms adapting their approaches to monitoring and managing conduct risk following the Covid‑19 pandemic? In a Risk.net webinar in association with NICE Actimize, the panel discusses changing regulatory requirements, the essentials…
Building resilience into ESG risk management
Risk and resilience continue to play an important role in the navigation of an increasingly uncertain world. Fusion Risk Management explores why it is equally crucial for technology to support organisations in addressing pertinent environmental, social…
Operational resilience: charting evolution, strengthening impact
Arming a business in preparation for robust operational resilience measures is not a one-step solution – it continues to evolve. The key to strengthening defences against all events – especially the unlikely but plausible – is to build business agility…
Operational resilience – Driving excellence and effective measurement in financial services
This webinar explores how to build resilience across an organisation, discussing actions and measures companies are currently taking to become more agile, adaptable and able to future-proof their business growth
Unlocking the potential of a firm-wide and systematic approach to operational resilience
This webinar explores best practices in response to regulatory policy and supervisory guidance, offering practical approaches to achieve a mature and robust operational resilience programme