Operational risk might be a new form of financial risk but disregard it at your peril, warns Mike Loginov, managing director of DNV IT global services UK
There are essentially three types of financial risk that can adversely impact the profitability of a company and its cashflow: credit risk, market risk and operational risk.
Credit risk is concerned with the risk to an organization’s credit, such as debt management or hedging, for example. By contrast, market risk focuses on the macroeconomic conditions that could have an impact on a company’s trading performance, such as a natural disaster or even an interest rate change.
The third area of financial risk is the newest type of risk to emerge, but it is attracting the most attention from the financial services industry and within organizations themselves. An example of the importance given to operational risk can be seen in the recent appointment within some FTSE 100 companies of Chief Risk Officers.
As its name suggests, operational risk is concerned with all risks related to a company’s operations, such as IT and systems disaster, project failures or risk of project failure, compliance, corporate governance and information security.
A significant driver behind the focus on operational risk comes as a result of legislation introduced in the wake of the Enron scandal. This raised awareness of a new level of responsibility that executives now face. For example, senior figures in an organization, such as the CEO or CFO, can no longer claim to be unaware of areas of potential high risk to the business and must also sign off the company’s annual accounts.
The importance of operational risk is unlikely to diminish any time soon either, especially with the largest piece of legislation ever to hit European financial services due to come into force in November. MiFID – the Markets in Financial Instruments Directive – will affect most FSA-regulated companies.
Part of the EU’s Financial Services Action Plan, it is designed to help create a single market in financial services. This has clear implications for operational risk; it introduces new complexities into the market associated with cross-border trading, for example. Changes to legislation and challenges they pose to companies are not limited to the EU.
Indeed, such legislation will make more demands on organizations to identify and monitor additional operational risks. Specifically, many organizations must not only ensure their teams are culturally prepared for the changes and requirements, but also that they have adequate systems and processes in place to provide the right level of visibility, an audit trail, a way of monitoring and tracking against previous milestones and a proactive method of acting on the information to hand.
Indeed, a critical success factor for effective financial risk management is being able to identify potential risks in advance and enable key members of the management team responsible for managing such risks to be informed, aware of the potential issues and able to take action to mitigate the risk.
Alerts are also useful in attracting the attention of managers to potential exceptions and events that could have an impact on the financial results of the company, such as a loss in revenue or increase in expenses. Vital for financial services companies is having an audit trail of activities for future and historical reference, and an archive where all this information can be stored and searched for easily. One of the features of risk is that it’s always evolving, so organizations need software that can adapt to meet their changing requirements.
All this means the task of managing operational risk requires companies to face some basic challenges:
- How to collect meaningful, reliable and pertinent information,
- How to deliver this to executives in a timely manner,
- How to collectively interpret it in order to take informed business action
- How to manage, control and trace the subsequent activities and responsibilites
- How to learn from previous and experiences (own and others)
A managed risk approach takes a strategic approach to risk management in identifying areas in the business where the major risks lie and quantifying the size of this risk from different perspectives –a financial or legislative perspective, for example. Managing financial risk effectively also requires tight collaboration and communication amongst key roles in the organization in order to share information quickly and effectively, discuss and comment on it and refer back to the data in future discussions.
This is why DNV has decided to partner with Attunity. As an organization, DNV is not affiliated to any third parties, which means we are in a position to work with only best-in-class solutions. We have a wealth of experience in the financial services sector, particularly in risk management, and what’s impressive about Attunity is their experience in bringing new and innovative applications to the marketplace.
We’re keen to work with Attunity to map our capabilities to the functionality available within Attunity’s software solutions and together deliver a high value, unique offering to the marketplace. Financial services firms cannot bury their head in the sand when it comes to managing financial risk. With the regulatory environment increasing and more threats facing financial services institutions than ever before, preparing for the worst isn’t just a precaution but a necessity in today’s climate.
To find out more please contact marketing@attunity.com