Risk governance
368
capital requirements attached to my assets?’ and ‘Can I afford to keep that amount 
of (non-productive) capital in reserve, or do I need to purchase insurance and to 
what value or limit of indemnity?’
It is generally accepted that operational risk concerns need to be integral to the 
management of a financial institution. It is often the case that management trainees 
within financial institutions spend some time in the risk management function, as 
they progress with their career in the general management side of the business. It is 
the intention that this involvement with risk management will create greater awareness 
before the individual progresses into other roles.
The measurement of operational risk in financial institutions is still proving to
be a challenge, especially during the global financial crisis, which has showed
that the extent of operational risk exposure was greater than most banks believed. 
Certain financial institutions are seeking to adopt risk management standards,
such as ISO 31000, the IRM standard and the COSO framework. Basel II does not 
prescribe or require any particular framework for use with operational risk manage-
ment, except that the adopted framework is conceptually sound and pays high regard 
to integrity issues.
There are other tensions that exist with the development of operational risk 
within financial institutions. In many cases, the quantification of operational risk is 
seen as a compliance requirement rather than a business opportunity. Given that the 
quantification of operational risk can be quite technical, there may be a tendency for 
management within an organization to feel that it is the role of the operational risk 
manager to take responsibility for this work.
The responsibility for the management of risk and the implementation of controls 
usually rests with the line managers. If this responsibility is not accepted, there is a 
danger that operational risk management will not be fully integrated into manage-
ment of the financial institution, with disastrous consequences.
Calculation of operational risk exposure is a requirement of Basel II, and financial 
institutions therefore have to undertake this work. Financial institutions are driven 
by increasing regulatory demands and other corporate governance pressures. Raising 
the level of operational risk awareness by quantifying the level of risk and explaining 
the full significance of risk management to relevant members of staff should be to the 
benefit of the organization. This increased awareness will enable the organization to 
identify the sources of operational risk and take appropriate cost-effective actions to 
optimize the level of operational risk exposure.
The US-based Risk and Insurance Managers Society (RIMS) has undertaken an 
evaluation of the causes of the global financial crisis. This evaluation considered the 
contri bution that could have been made by enterprise risk management (ERM) and 
the reasons for the failure in the application of ERM tools and techniques. RIMS
concluded that the global financial crisis was not a failure of ERM, but was caused 
by the following failures:
●
●
There was an over-reliance on the use of financial models, with the mistaken 
assumption that the ‘risk quantifications’ (used as predictions) based solely on 
financial modelling were both reliable and sufficient tools to justify decisions 
to take risk in the pursuit of profit.

Download 3.45 Mb.

Do'stlaringiz bilan baham: