At the busy OpRisk Europe 2012 conference in London in June, leaders of the operational risk management industry expressed doubt over the outcome of regulatory reform efforts, and called on banks to make their own operational improvements.
Regulatory reforms begun in response to the financial crisis are now coming into force – but at the OpRisk Europe 2012 conference in London in June, participants from the industry were openly sceptical about whether the reforms would lead to actual improvements, let alone be enough to justify their implementation cost.
The move to separate the UK retail banking operations from investment banking operations would create the potential for operational risk, according to John Whittaker, group operational risk director at Barclays Group.
Other speakers condemned flaws in impending capital adequacy regulations. The Solvency II capital adequacy rules for insurers should be postponed indefinitely to allow the industry to focus on recovery, according to Lars Hansen, a risk and governance adviser at Swedish financial consultancy Superior, and formerly chief risk officer at SEB Life.
And regulators have also made mistakes in implementing the Basel capital adequacy rules for banks, the conference heard. A decision by the UK Financial Services Authority (FSA) not to compel large, sophisticated banks to implement the advanced measurement approach (AMA) to operational risk was a mistake, according to a senior risk manager and former regulator.
Regulators also warned about the risks involved in harmonising new regulation across multiple jurisdictions. This is an issue of particular importance in the European Union (EU), where the Basel III reforms have been split into two pieces of implementing legislation – a Directive that will be transposed into local law by each Member State, and a Regulation that has the status of binding EU-wide law. Operational risk managers will be among those to feel the effects of that move.
While banks struggle with compliance issues, they also need to be aware of the rising operational risk threats they face – and of the work they can do themselves to improve their internal operational risk management structures and procedures. In particular, banks need to be aware of the risks posed by their high-frequency trading (HFT) activities, according to David Ramirez, director of internal audit at Barclays Bank.
In addition, banks should be aware of the security risks – an algorithm responsible for millions of dollars in profits could be smuggled out on a single data stick, he said. “Three cases have come to court in the past five years of intellectual property theft related to HFT”, he pointed out.
Other speakers cautioned that op risk managers should beware of taking on too much responsibility. Having too large an operational risk team could encourage business line managers to pass any risk issues over to the risk department, rather than deal with it themselves, Chris Rachlin, head of operational risk in the UK at HSBC, told delegates.
The panel also voiced doubt over the value of risk self-assessment processes. “I am not sure we have seen enough out of the self-assessment processes to match the cost of running them”, John Wertheim, formerly Citi's head of operational risk for Europe, the Middle East and Africa, said. “It’s better to get the businesses to do a holistic self-assessment and use the risk function to support the businesses in that. There isn’t any correlation between risk control and self-assessment (RCSA) and lower losses.”
A poll of the audience reinforced the importance of making the business case for operational risk. Audience members were polled on what contribution they felt operational risk made to their business, and a majority – 54 per cent – highlighted its role in raising awareness and education of operational risk, while 21 per cent pointed to reductions in direct losses. Only 5 per cent said that the operational risk effort increased shareholder value.
Full article (Risk.net subscription required)
© Risk.net
Key
Hover over the blue highlighted
text to view the acronym meaning
Hover
over these icons for more information
Comments:
No Comments for this Article