How does Operational Risk Management fit into an organization's Strategic Planning? This presentation attempts to provide a functional and implementable response.
4. Overview – Strategic Planning
Strategic planning requires clarifying the overall purpose
and desired results of an organization, and how those results
will be achieved
It is a disciplined effort to produce fundamental decisions
and actions that shape and guide what an organization is,
what it does, and why it does it, with a focus on the future
5. Elements Of Strategic Planning
Strategy Task Force
Vision and Mission Statements
Values
Goals and Objectives
Tasks Required
Implementation Strategy
Monitoring of the Strategic Plan
6. Operational risk, broadly speaking, is the risk of loss resulting from
any malfunction in an organization
Such events include direct and indirect actions that may lead to
increased errors, system failures, acts of nature, non-adherence with
internal policies land regulatory stipulations
Operational Risk is the responsibility of all staff in an organization
– junior, middle and senior staff
Involves interfacing with all business units with all business areas
in the organization
6
Overview – Operational Risk Management
7. What Is Operational Risk?
‘the risk of loss resulting from inadequate or failed
internal processes, people and systems or from external
events’…Basel Definition
‘the risk of loss resulting from inadequate or failed
internal processes, systems or human factors, or from
external events. It includes the reputation and franchise
risk associated with business practices or market conduct
in which the Company is involved’…Citigroup Definition
7
8. Classification Of OpRisk
Operational risk can be classified as follows:
─The nature of the loss: internally inflicted or externally
inflicted
─The impact of the loss: direct losses or indirect losses
─The degree of expectancy: expected or unexpected
─Risk type, event type, and loss type
─The magnitude (or severity) of loss and frequency of loss
8
10. Case Study
Its 2008, CS Computer Ltd is about to review its strategic plan;
a few months ago, it concluded its Risk & Control Self
Assessment
Is there any need to refer to the output of its Risk Assessment?
What should be the drivers of its strategic planning?
What areas of its business require focus to achieve its growth
plan and desired first mover advantage with new business
opportunities?
11. Contents Of A Risk Register
Risk description
Risk owner
Risk Category
Cause of the Risk
Impact of the Risk
Probability / Frequency of
occurrence
Risk Rating
Contingency or Action plan
Cost of Mitigation
Deadline for
implementation
Current status
12. Planning For Superior Service Delivery
Develop Customer Service Policy
Build customer loyalty
Create a positive environment
Establish an image of quality & professionalism
Ensure prompt & effective customer complaints mgt
Ensure management awareness of key criticisms
Going the extra mile; beat competition
Develop customized services
Maintain customer feedback vehicle
Train all staff on service delivery and products
13. Operational Risk Management Enablers
Develop Customer Service Policy
Risk Governance
Build customer loyalty
Track business volumes and demographics of customers (reward
systems, promotions, special events) using Key Risk Indicators (KRIs)
Create a positive environment
Risk Assessments
Establish an image of quality & professionalism
Track customer, agencies and regulators’ ratings with KRIs
Prompt and effective customer complaints management
Track no. of customer complaints logged, treated and outstanding with
KRIs
14. Operational Risk Management Enablers (Cont’d)
Management awareness of key criticisms
Risk Reporting
Going the extra mile; beat competition
Peer group analysis by tracking relevant KRIs / Risk Reporting
Develop customized services
Review of customer behaviour / Trend Analysis from RCSA and KRIs
Maintain customer feedback vehicle
Track number of feedback, areas of business commended and areas not
mentioned at all (KRI, RCSA, Loss data collation)
Training on service delivery and products
Track number of staff trained on service delivery, product offering &
number of complaints against staff attitude and product knowledge (KRI)
15. OpRisk Management – Strategic Planning
• Risk Register / Log
• Identification of prevalent risks
• Prioritized list of risks
• Impacts identified
• Residual risks
• Risk Appetite & Tolerance Levels
Desired business model, organizational
structures and business strategies
17. OpRisk Delivers Risk Management
Proper Operational Risk Management ensures Effective Holistic
Risk Management as it minimizes overall risk exposures in the
organization
18. Prioritizing Risks In Your Organization
Risk prioritization must be based on the following:
The Risk Appetite of the organization
The Business Model of the organization
Regulatory Requirements
Business objectives in the short, medium and long terms
Risk – Reward Analysis
Response style of the organization
Maturity of the Risk-Aware Culture
18
20. Strategy & Risk Management Interplay
Strategy
RM
Objectives Assure Value-Creation Enhance Value
Value 1 Create new opportunities
Invest in new business activities that
promise gainful returns; expected to
exceed capital cost
Create new opportunities
Opportunity/threat identification /
mitigation in new activities, price deals to
compensate for such risks
Value 2 Improve performance
Increase returns on existing business
with better tech, processes, policies,
knowledge etc.
Improve performance
Measure loss exposure on cash flows.
Risk/Reward, aggregated capital,
scenario analyses, opportunity costs
Value 3 Harvest existing value
Evaluate, exit non-profitable business
Harvest existing value
Market analysis, risk mapping, risk
adjusted performance measurement
Value 4 Align risk-taking with risk appetite
Assurance that company is not gambling
its future; avoid risk averse behaviour or
excessive competitiveness
Align risk-taking with risk appetite
Discipline, focus & control, only take risks
equipped to handle, capital adequacy
22. Operational Risk Management
& Strategic Planning
Evaluate risk profiles for strategic plans for enhanced
decision-making in developing a more realistic and
achievable robust plan
Ensure that the policies, procedures, measures and
monitoring are established and continuously improved
Provide periodic updates / reports to the Board and
Management on identified risks, milestone achievements,
and residuals risks
23. Poor OpRisk Management Leads To…
Informal or reactive evaluation leading to either conservative
or exaggerated growth scenarios in developing strategic
plans
Subjective reasoning feeding the strategic planning process
Little or no risk adjustment mechanism
Inability to maximize potential for creating sustainable
competitive advantage
25. CONCLUSION
“For firms to succeed in this increasingly global and competitive
marketplace,
risk management must become a state of mind.
A systematic and proactive enterprise-wide approach to
managing risks is essential to
making risk management
an integral part of the company’s DNA”
ANURAG SAKSENA
– Chief Enterprise Risk Officer, Freddie Mac
26. Operational Risk
Management is the
Centre-piece of Risk
Management and an
OrgTanhizaatnionk’s yStoraute.g..y…
eneni.oduwole@dangote.com
Tel: 234-8033045896