There is no mistaking the amount of work that needs to go into making sure that a business runs smoothly, but how protected are companies from their one greatest weakness, themselves?
This article will be assessing the implications of not having a structured and well-resourced operational risk management team. I will also address the specific parts of operational risk, that we at Broadgate Search have seen in high demand and what measures companies are taking to manage this increase in demand for risk professionals.
Business Continuity & Disaster Protection
Business Continuity Management (BCM) procedures and Disaster Protection (DP) protocols are a critical part of operational risk that have a significant impact on every department of a Financial Services Institution. In previous years, we have seen the responsibility for such activities sit with the PCF -14, Chief Risk Officer. Over time, however, it has become increasingly common, in certain size organisations, for this function to be separated out from the wider risk management team. There has also been a growing trend for candidates to specialise in this area, particularly in Banking and Insurance institutions.
Risk Event Register Management
At Broadgate Search, we have seen a significant increase in the number of potential risks that Financial Services firms need to monitor for and maintain close control of. This can be seen by the ever present threat of cyber security and further IT risk for example. This has led to a need for more regular review and evaluation of risk registers by operational risk teams. Also, performing regular quality assurance checks on local and international risk events and how they are managed are becoming increasingly important. This has resulted in the need for more junior risk professionals within larger organisations to carry out these checks. I would also point out, however, that a number of opportunities are arising on the market for individuals with first line experience to move into operational risk roles. Certain firms see significant value in hiring such individuals given their hands on experience and product knowledge.
Internal controls / Risk Control Self-Assessments
Internal controls testing has become an area of operational risk in significant demand in recent months. Given that this function has not traditionally sat as part of the responsibilities of a Risk professional, we have seen a rising demand in the need for individuals to move from the third to second line of defense to hold such duties. Auditors have an attractive skill set for risk management teams given their core skill set of being able to review, examine and deal with controls and risk assessments. The demand for each member of the operational risk team, no matter the size of the organisation, to be proficient in risk control self-assessments (RCSA) is quickly becoming the norm within the Financial Services industry.
Regulatory implications on Operational Risk (AMA)
As the number of regulations from local and international regulators increases, the demand for controls processes to coincide with these increases also. One area of regulatory scrutiny that primarily affects credit institutions is BASEL III and its review of how operational risk is monitored and regulated. This has led to the need for individuals to monitor the capital requirement based on the operational risk failures in order for them to come under the microscope operational risk teams. Specific roles are now being created for designated individuals in this area of operational risk, thereby increasing the demand for Risk Management professionals in the Irish market.
For more information and to have a discussion about the above please contact Jake Calver at Broadgate Search on 01 237 4655.