1 Rules for Risk: A Model for Managing Operational Risks Featuring operational risk expert Philippa Girling, former head of operational risk at Morgan Stanley and Nomura NOVEMBER 14, 2012 Sponsored by Questions? OCTOBER 17, 2012 To ask a question … click on the “question icon” in the lower-right corner of your screen.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
1
Rules for Risk: A Model for Managing Operational Risks
Featuring operational risk expert Philippa Girling, former head of operational risk at Morgan Stanley and Nomura
NOVEMBER 14, 2012Sponsored by
Questions?
OCTOBER 17, 2012
To ask a question … click on the “question icon” in the lower-right corner of your screen.
2
Follow the Conversation on Twitter
Use #HBRwebinar
@HBRExchange
Rules for Risk: A Model for Managing Operational Risks
Featuring operational risk expert Philippa Girling, former head of operational risk at Morgan Stanley and Nomura
NOVEMBER 14, 2012
3
Today’s Speaker
Philippa GirlingOperational Risk Expert
Rules for Risk: A Model for Managing Operational Risks
NOVEMBER 14, 2012
Philippa Girling, Esq., FRM,November 14th, 2012
RULES FOR RISK: A MODEL FOR MANAGING OPERATIONAL RISKS
6
4
Rules for Risk: A Model for Managing Operational Risk
People: Nervous athletes, opinionated officials, aggressive press, terrorists, disgruntled Londoners, (missing) security guards, confused volunteers, crazed fans, lost children, Heads of State, visiting dignitaries and the list goes on
Processes and systems:Stadium building and preparation, ticket sales, transportation, opening ceremonies, closing ceremonies, Olympic village management, cleaning, feeding, running races, organizing matches, safety checks of the parallel bars, awarding medals, playing anthems, global broadcasting, keeping that darned flame alight and the list goes on.
External Events:Two words – London Weather.
9
Rules for Risk: A Model for Managing Operational Risk
Internal FraudLosses due to acts of a type intended to defraud, misappropriate property or circumvent regulations, the law or company policy, excluding diversity/discrimination events, which involves at least one internal party.
External Fraud Losses due to acts of a type intended to defraud, misappropriate property or circumvent regulations, the law or company policy, excluding diversity/discrimination events, which involves at least one internal party.
12
7
Rules for Risk: A Model for Managing Operational Risk
Employment Practices and Workplace Safety Losses arising from acts inconsistent with employment, health or safety laws or agreements, from payment of personal injury claims, or from diversity/discrimination events
13
Rules for Risk: A Model for Managing Operational Risk
Clients, Products & Business Practices Losses arising from an unintentional or negligent failure to meet a professional obligation to specific clients (including fiduciary and suitability requirements), or from the nature or design of a product.
14
8
Rules for Risk: A Model for Managing Operational Risk
Execution, Delivery and Process ManagementLosses from failed transaction processing or process management, from relations with trade counterparties and vendors.
15
Rules for Risk: A Model for Managing Operational Risk
Definition“The risk of loss resulting from inadequate or failed internal processes, people and systems or external events”
Similar to other risk types:Rigor should be applied to the management of operational risk.
Failure to properly manage operational risk can result in a misstatement of an institution’s risk profile and expose the institution to significant losses
Regulatory requirement
Business drivers
Different to other risk typesTypically not directly taken in return for an expected reward
Exists in the natural course of corporate activity
18
10
Rules for Risk: A Model for Managing Operational Risk
All seven categories of operational risk were present in the headlines:Olympic badminton players disqualified for trying to lose - Internal FraudLondon Olympics Fake Tickets Create ‘Honeypot’ for Criminals - External Fraud Empty seats at Olympic venues prompt investigation - Clients, Products and Business PracticesDispute Between London Olympics and Musicians Union Heats Up - Employment Practice and Workplace SafetyNATB calls London Olympics ticket distribution a failure - Execution, Delivery and Process ManagementOlympic security shortfall called “absolute chaos” - Damage to Physical AssetsLondon 2012: Traffic jams and impact of Games Lanes - Business Disruption and System Failure
Identify, assess, control and mitigateManagement use a common model to identify and assess the impact of risks to their business. For each risk, the likelihood and consequence are identified, management controls and the frequency of monitoring are confirmed and results reported.
Annual Report of the The London Organising Committee of the Olympic Games and Paralympic Games Ltd (LOCOG) p33
20
See blog at www.pxgassociates.com for details
11
Rules for Risk: A Model for Managing Operational Risk
Internal loss dataSet clear standardsProvide training and toolInclude regulatory and business requirements in design
External loss dataTap available sources: Algo First, ORX, SAS
Uses of loss dataIdentify risk areas and control weaknessesAgree mitigating actions and ownersPrioritize risk reductionProvide information for RCSA and Scenario AnalysisIdentify potential metrics
30
16
Rules for Risk: A Model for Managing Operational Risk
To ask a question … click on the “question icon” in the lower-right corner of your screen.
21
Thank you for joining us!
NOVEMBER 14, 2012
This presentation was made possible by Zurich, a global leader in risk management services and insurance solutions. For more information about Zurich’s portfolio of products and services, visit: