One of the practical realities we live with on a daily basis is that, unfortunately at times, something will go wrong. Cynical as it sounds, Murphy really was an optimist. A good part of what risk management is about is trying to prevent events from happening, but despite our best efforts, things still go wrong. … Continue reading
To all my faithful readers – first, I want to offer apologies that I did not post anything new this week. I have a great many topics in process and had every intention, but as I’ll explain in a minute, this week was a bit overwhelming (in a very good way.) Second, I wanted to … Continue reading
“In preparing for battle I have always found that plans are useless, but planning is indispensable.” – Dwight D. Eisenhower If there is one area of management where I am consistently disappointed it is in the areas of strategic technology planning. In fact, in over 15 years of advising clients I have only seen a … Continue reading
When I do presentations on operational risk management, there is an exercise that I use that not only gets people engaged, but it helps make a very important point about assessing risk. I tell the participants that they (as super-elite risk managers) are being asked to perform a very critical assessment exercise, one that could … Continue reading
At this point virtually every business has come to the realization that social media is here to stay and is an intrinsic part of how we communicate. If Facebook were a country it would be twice the size of the US. Eighty percent of companies use social media for recruitment and 95% use LinkedIn.[1] Like … Continue reading
Over the last few days I was in Washington, DC where I spoke at a bank risk management conference. It was a busy trip, but I did have a little time to visit the National Archives, which displays the US Constitution, the Declaration of Independence and the Bill of Rights. Profound documents that evidence the … Continue reading
The practice of managing operational risk has effectively been around forever, but Operational Risk Management (ORM) as a formal program is one of the newest of the risk management disciplines. Operational risk represents a significant area of potential losses for any organization, but it is extremely hard to quantify and arduous to manage. ORM covers … Continue reading
Another day, another shockingly spectacular operational risk event, this time a rogue trader at UBS causing a $2.3 billion loss. As I understand it, the underlying actions occurred over a span of several years, involved fraudulent transactions that he was able to enter and manipulate, lacked sufficient dual controls and had no clear enforcement method … Continue reading
I am becoming increasingly convinced that one of the most under-managed areas of risk management is model risk. Often when I see risk managers at bank conferences I pose the question, “Do you have a completed inventory of all key models used for decision making, including risk ratings and validation schedules?” This is always an … Continue reading
To echo the standard preamble of numerous similar articles on this subject, on June 28, 2011, the Federal Financial Institutions Examinations Council (FFIEC) released their anticipated Supplement to Authentication in an Internet Banking Environment, amending the original guidance released in 2005 and 2001. The supplement provides updated guidance based on both recent and emerging threats … Continue reading
Thank you for visiting OpRisk Advantage. Hopefully the information you find here will help you in the advancement of your own Operational Risk Management program. Please feel free to comment on any of the content you find here, just remember to be civil, respectful and constructive. You can also send comments, questions and topical suggestions … Continue reading
