Operational Risk Appetite, Governance & Indicators

Course Description This course is designed to provide a comprehensive training to managers and executives involved in operational risk. It is an essential building block for all institutions and risk managers who are willing to upgrade their operational risk management practices, share the best practices in the market and learn more about the current trends and approaches in operational risk today. The course is thaught by an international risk consultant and professional trainer, fully accredited member of the Institute of Risk Management and a professionnal member of the Institute of Operational Risk. It details the best practices in Operational Risk Management and addresses the most topical issues in the field. During this 3 day workshop, participants will learn how to: Discuss and Design a Risk Appetite Statement Create and Embed a Desired Risk Culture Set Up an Indicators Programme Identify Predictive KRI’s Deploy Useful Scenario Analysis Engage Key Stakeholders into Operational Risk Management Demonstrate Risk Management Value Benchmark Risk Management Practice Who Should Attend? Head of Operational Risk & Operational Risk Directors Operational Risk Managers Quality Assurance Managers Head of Operations and Operations Managers Compliance Officers and Directors Consultants and Contractors Internal Auditors Regulators Course Documentation All delegates will receive comprehensive course documentation for use before and during the program. This will enable them to return to their organization with an extensive and valuable source of information for future reference. Training Methodology The course is designed as a highly practical and interactive training on top current issues in Operational Risk Management. All sections of the workshop will include examples, group discussions and exercises. Basic knowledge in risk management and control is recommended. Active participation of the class is encouraged to benefit from the full value of the course.
Day 1 Risk Framework, Appetite and Governance Session 1 : Introduction: Risk, Losses and Benchmark The concept of risk Risk quiz: choose the most risky option Scope of operational risk Regulation in a nutshell Operational losses: heatmaps Benchmarking operational losses to gross income This introductory session will help the participants to warm up to the topics and concepts to be discussed over the three days. ORX heatmaps and examples of losses will be used to discuss their loss levels compared to others in the industry. Session 2 : Operational Risk Framework The fours actions of risk management: identify – assess – mitigate - monitor COSO framework Examples of banking operational risk frameworks Key implementation stages The pyramid of ORM actions: which level are you at? Exercise: Participants will review examples of best practices of top European financial institutions with regards to ORM Framework. They will position themselves with regards to market practices, and define steps to move their way up. Session 3: Risk Appetite Definition, Statement and Commmunication Strategy first, risk appetite next COSO guidance on risk appetite Definition and governance: communicating risk appetite How much is too much? Risk appetite statements: features and examples Assessing risk appetite: capital and other benchmarks Cascading risk appetite: indicators Monitoring risk appetite: dashboards Exercise: Participants will review examples of risk appetites statement in various banks and other industries. They will discuss their own appetite for risk with regards to their business objectives.  Session 4 : Operational Risk Governance Three lines of defence Three levels of operational risk management: strategic, tactical, dynamic Operational risk management: overlap and synergies with other functions Roles and responsabilities of the senior management, risk management, executive board The role of the CEO Make the risk committees effective Exercise: Participants will share practices and work on their own risk governance design. Day 2 Risk Assessment, Risk Management Session 1 : Loss Data Base, Management Information and Modelling Modern issues on loss data: the FSA view Data features: core losses and tail risks Analysing operational loss data: seek for insight MI and efficient reporting: examples and general rules Operational risk modelling in a nutshell Regulatory & economic capital for operational risk: the good, the bad and the ugly Case study: Real case op risk data analysis and story from an international banking institution, real case example of efficient reporting sheets in banks. Session 2 : Effective Risk and Control Self Assessment Definition and rules for RCSA: who does it, how to form the group, how to conduct the debates and expected outcome Tool: Impact / probability matrix: define the axes, define risk appetite and colors, position risks and impacts on a PI matrix Usage and choice when defining RCSAs: extreme cases or median cases, distribution or single points, inherent or residual risk, likelihood or frequencies Risk rating: when and how. Take the rating for what they are:indicative but not precise. Differentiate between qualitative and quantitative ratings. Highlight and assess your top risks: exercise Practical workshop: Participants will work in groups to draft their own probability / impact matrix for their activity. Each group will then present its results to the rest of the class. Session 3 : Translating Risk Appetite into Risk Indicators Cascading risk appetite using indicators at business level Good practices in designing an indicators program KRI: start with your top risks Indicators definitions: KPI, KRI, KCI. It all depends on context Indicators features: be SMART Management Information and Key Risks Indicators Class discussion: participants will share their experience with regards to the use of indicators in their organisation Session 4 : Selecting Predictive KRIs Assess your current indicators using a 7 criteria evaluation matrix Turn root causes into measurable proxies Review and Score your indicators to assess predictibility Example and case study: client satisfaction Class exercise: participants will work in groups to identify, rank and select possible predictive KRI for a given activity of their business, using a structured, demonstrated methodology. They will then share their results with the rest of the audience. Day 3 Scenario Planning, Risk Management Value and Risk Culture Session 1 : Scenario analysis and planning Regulation on data testing and scenario analysis: EBA guidance: generation – assessment – validation – incorporation Ten mistakes to avoid when running scenario analysis: behavioral biases and else What next? Risk mitigation planning and recommendation contingent to scenario analysis Exercise: What about us? Selecting relevant scenarii for your company Session 2 : How do you know it works? Measuring the effectiveness of risk management Tactical operational risk: measuring loss reduction Dynamic operational risk: operational efficiency Strategic operational risk: assessing strategic improvements Operational excellence Case study: cost-benefit analysis of an ORM programme for an international bank Exercise: assessing progresses made since the start of an ORM programme Session 3 : Implementing the Desired Risk Culture What is a risk culture? Definition Identifying the vital behaviours Allying with the opinion leaders Aligning staff measurement, training and risk objective Measuring the risk culture Session 4 : Wrap – up What we have learnt What is to remember What will change Course summary and close