FREE MEMBERSHIP Includes » ABL Advisor eNews + iData Blasts | JOIN NOW ABLAdvisor Gray ABLAdvisor Blue
Skip Navigation LinksHome / News / Read News


Many Financial Institutions Not Using Operational Risk Management to Challenge Business Models

November 12, 2018, 08:00 AM
Filed Under: Industry News

Aligning operational risk management (ORM) with strategy could enable strategic change, improve business performance and enhance customers’ experience for financial institutions. However, only half of firms surveyed with less than $250 billion in assets leverage ORM to challenge business models, according to a report by KPMG LLP and The Risk Management Association (RMA).

According to the Operational Risk Management Excellence Survey, larger institutions appear more advanced in aligning ORM with strategy, with 90 percent at or above $250 billion in assets leveraging ORM to challenge business models. 

“Aligning ORM with business strategy enables financial institutions to identify, assess and mitigate risks, while adding business value,” said Phillip Bray, Principal in KPMG LLP’s Operations and Compliance Risk services. “We’ve observed that, for many institutions, the first priority is to resolve regulatory issues and then take a broader look at how ORM is integrated into strategy.”

“While prioritizing compliance is understandable in this challenging regulatory landscape, institutions that cannot evolve their ORM from a check-the-box approach to one that informs the organization as a whole are not realizing the full value of their operational risk spend,” said RMA Chief Administrative Officer and Director of Operational Risk Edward J. DeMarco, Jr. “They are also missing opportunities that could be transformational to their businesses.”

Other Key Findings

Digital Transformation Spend Lacking: 20 percent at or above $250 billion and 27 percent under $250 billion are dedicating a portion of annual budgets to digital transformation, including automation and data and analytics.

Regulatory Checklists: Larger and smaller institutions agreed the following areas are most important to regulators: 

  • Operational risk aggregation / profile (92 percent)
  • Operational risk appetite (88 percent)
  • Information / cyber security (85 percent)
  • Risk control self assessments (85 percent)
  • Operational risk monitoring (81 percent)
  • Vendor risk management (77 percent)

Data Reporting: 27 percent and 21 percent, respectively, of larger and smaller firms have dashboards to report risk exposures and their impacts on business strategy and performance. This is down from 80 percent for larger firms in 2014.



Comments From Our Members

You must be an ABL Advisor member to post comments. Login or Join Now.