Operational Risk

Risk produced by processes, people, systems or events

Since its initial recognition in the Basel II framework of 2004, the importance of Operational Risk (OR) has grown as a result of the financial crisis and other upheavals.  This development is illustrated within the timeline of guidelines published by the Basel Committee of Banking Supervision (BCBS), the European Banking Authority (EBA) and various national authorities.

The challenge that OR poses to financial institutions derives from the fact that supervisory requirements have to be adequately realised. At the same time they have to be integrated into existing processes and systems to create a consistent risk management framework. The establishment of an appropriate risk culture underpins all of this.

Our Approach

We support our clients through every stage from design and development through to the implementation or optimisation of the OR management framework:

  • Comprehensive enterprise-wide identification of OR on the basis of a risk inventory/map
  • Selection, analysis and implementation of appropriate risk indicators
  • Creation of and support within self-assessment/scenario analyses
  • Establishment of an internal loss database and its integration into the operational procedure (centralised/decentralised OR organisational)
  • Development and validation of OR quantification models
  • Designing recipient-oriented management reports
  • Designing OR stress tests
  • Development of an integrated risk management approach to encompass different areas (OR, Business Continuity Management (BCM), Compliance and IT Risk Management)

Our experience

  • Design, development and implementation of comprehensive OR frameworks for various German banks (self-assessment/scenario analyses, loss database, risk indicators).
  • Creation and implementation of an Advanced Measurement Approach (AMA) for OR at several German banks
  • Several OR model validations in pillar I and pillar II
  • Validation of an OR quantification model for a large insurance company
  • Design and application of an Integrated Risk Management system for various institutions in Germany (method integration of OR, BCM, Compliance and IT Risk Management)
  • Implementation of OR into an enterprise risk management system for a large Swiss bank
  • Merging of an internal control system (ICS) with OR for a private bank
  • Several OR gap analyses for status quo Identification at German banks