KPMG/RMA Operational Risk Management Excellence 2015 Global Heightened Practices Survey

Size: px
Start display at page:

Download "KPMG/RMA Operational Risk Management Excellence 2015 Global Heightened Practices Survey"

Transcription

1 KPMG/RMA Operational Risk Management Excellence 2015 Global Heightened Practices Survey Executive Report kpmg.com

2 1 KPMG/RMA Operational Risk Management Excellence

3 KPMG/RMA Operational Risk Management Excellence Initiative KPMG LLP (KPMG) and the Risk Management Association (RMA) teamed to initiate the first Operational Risk Management Excellence Get to Strong Survey in The objective was to give n financial institutions insights into leading industry operational risk management (ORM) practices in support of enhanced business value, strategy, and performance, heightened regulatory expectations for strong risk management, and Basel Advanced Measurement Approach (AMA) use test compliance in order to help gauge positioning against evolving industry practices, optimize their ORM frameworks, and enhance risk management. Since 2013, KPMG and RMA have continued to work with ORM leaders and regulators to expand the n survey to additional firms in Europe, the Middle East, and Africa () and Asia-Pacific (). Today, over eighty top financial institutions, including twenty global systemically important financial institutions (G-SIFIs), have completed the Operational Risk Management Excellence 2015 Global Heightened Practices Survey (the Survey ). KPMG and RMA have held ORM Excellence Executive Round Tables in New York, London, and Sydney as part of ongoing efforts to advance the ORM discipline and establish benchmark data on critical ORM themes and practices. KPMG and RMA appreciate those who have participated in the Survey and the Round Tables. The following pages highlight key Survey results and next steps in the global evolution of the ORM disclipine.* Table of Contents Executive Summary... 3 Survey Methodology and Background... 4 Operational Risk Management Processes and Functions... 6 Strategy and Value... 9 Stature, Risk Appetite, and Governance Assessment, Measurement, and Management Data, Analysis, and Reporting The Road Ahead *The full set of questions, quantitative responses, and qualitative inputs are only available to Survey participants.

4 3 KPMG/RMA Operational Risk Management Excellence Executive Summary The results of the Survey reveal that financial institutions continue to make important strides with respect to the following areas: Improved contribution of ORM to business/risk decisionmaking and strategic planning; Increased recognition of ORM contribution to business strategy and performance by the Board of Directors (Board) and other leaders; Improved standing of ORM with market, credit, and other risks; Broadened deployment of operational risk appetite at the enterprise, line of business, and other levels; Expanded use of standard risk taxonomies, assessment processes, and linkage to risk appetite; Improved processes to challenge, escalate, and communicate risks and issues; and Enhanced data quality for improved risk intelligence, decision-making, and reporting. There is, however, still work to be done by financial institutions as they strive towards operational risk excellence and strong risk management, including: Further positioning the ORM framework so that it is fully aligned with firm strategy and that operational risk is considered when launching and implementing significant strategic change; Expanding efforts to deploy qualitative and quantitative measures of operational risk appetite across business lines, legal entities, processes, and other key areas; Broadening efforts to identify, assess, measure, and manage operational risk against defined risk appetite levels and thresholds; Strengthening ORM s value at the business line level and continuing to enhance business line ORM maturity and ORM s impact on business performance; Reinforcing efforts to augment data governance, integrity, and aggregation for greater risk intelligence and actionable reporting and decision-making; and Broadening effective challenge of first line of defense risk data (e.g., risk and control self-assessments (RCSAs), key risk indicators (KRIs), loss events, and mitigation plans) and calibrating that data for increased accuracy, value, and use. Compliance with enhanced regulatory standards will likely pose considerable challenges to financial institutions operating in all jurisdictions. The three lines of defense (i.e., business lines, the risk management and compliance functions, and internal audit) will require extensive efforts and increased coordination in order to ensure compliance and drive optimal value as they address regulatory imperatives such as the Volcker Rule and the Liikanen and Vickers structural measures, multijurisdictional enhanced supervision and prudential standards, cyber security, third-party risk oversight, consumer compliance requirements, contemplated AMA methodology reforms, and the Basel Committee on Banking Supervision s Principles for Effective Risk Data Aggregation and Risk Reporting (BCBS 239), among others.

5 KPMG/RMA Operational Risk Management Excellence 4 Survey Methodology and Background The fifty-four question web-based Survey, which was developed in collaboration with leading institutions, focused on the following key areas of operational risk excellence and heightened regulatory expectations: Strategy and value: including queries about ORM s alignment with strategy and the benefits and objectives derived from the institutions enterprise ORM framework. Stature, risk appetite, and governance, including queries about the level of operational risk appetite deployment across the firms, the alignment of risk appetite with incentives, and ORM s standing with other risk types, such as market and credit risk. Assessment, measurement, and management, including queries about the institutions efforts to identify, assess, measure, and manage risk, as well as define and deploy forward looking indicators. Data, analysis, and reporting, including queries about the institutions efforts to accurately and completely aggregate, analyze, and report ORM exposures. The Survey consisted of multiple choice questions that gauged the evolution of ORM practices and deployment. For certain questions, participants could elaborate on their responses by providing qualitative inputs. Survey participants were comprised of n (44 percent), (33 percent), and (23 percent) financial institutions, including G-SIFIs and Basel AMA banks, non- AMA large banks, and mid-size banks. Survey results provided insights into evolving industry practices and areas where AMA and non-ama institutions diverge and regional differences exist. Among the AMA respondents, 63 percent of the North American participants were commercial banks, while 67 percent of participants and 60 percent of participants were universal banks. Among the non-ama respondents, 47 percent of the n participants and 36 percent of the participants were commercial banks, while 67 percent of participants and 36 percent of participants were universal banks. The remaining respondents included investment banks, brokerages, investment management firms, and insurance companies. Among the AMA institutions surveyed, 46 percent were headquartered in, 37 percent were headquartered in, and 17 percent were headquartered in. Among the non-ama institutions surveyed, 42 percent were headquartered in, 30 percent were headquartered in, and 28 percent were headquartered in. Among all AMA respondents, 83 percent of the Enterprise ORM Heads report to the Chief Risk Officer, with little variation among the regions, while the remaining ORM Heads report to either the Bank-Wide Risk Management Officer/Enterprise Risk Management (ERM) Officer, Chief Compliance Officer, or the Chief Executive Officer. Among non-ama respondents, 86 percent of the Enterprise ORM Heads report to the Chief Risk Officer, while the remaining ORM Heads report to either the Bank-Wide Risk Management Officer/ERM Officer, Chief Compliance Officer, or the Chief Financial Officer. Among all AMA respondents, 80 percent have been deploying their firms enterprise ORM framework for at least seven years, with little variation among the regions. Among the non-ama respondents, 75 percent of participants, 50 percent of participants, and 24 percent of n participants have been deploying their firms enterprise ORM framework for at least seven years (please see Chart 1).

6 5 KPMG/RMA Operational Risk Management Excellence Survey Methodology and Background (continued) Chart 1 How long has your firm s enterprise ORM framework been deployed? AMA 19% 56% 13% 13% 33% 56% 11% 40% 40% 20% 27% 53% 13% 7% 10 or more years 7-9 years 4-6 years 1-3 years Non-AMA 6% 18% 29% 47% 42% 33% 17% 8% 29% 21% 14% 36% 23% 23% 21% 33% 10 or more years 7-9 years 4-6 years 1-3 years May not equal due to rounding

7 KPMG/RMA Operational Risk Management Excellence 6 Operational Risk Management Processes and Functions As noted in Chart 2 below, AMA and non-ama respondents reported that the following processes and functions were directly under ORM management: Chart 2 What processes and functions are directly under ORM? AMA ORM policies 89% 97% Internal loss events 94% 89% 93% Risk Analysis 88% 89% 80% 87% Risk monitoring 94% 78% 80% 87% RCSAs 94% 56% 83% External loss events 89% 97% Scenario analysis/stress testing 88% 89% 90% KRIs 88% 78% 60% 80% ORM framework validation 81% 67% 80% Risk aggregation/risk profile 63% 67% 80% 67% ORM capital model 63% 89% 77% Risk/control testing 63% 44% 63% Risk appetite 56% 56% 60% 57% New product review 50% 56% 40% 50% Vendor risk management 38% 11% 40% 30% IT risk management 13% 67% 0% 27% BCP/DR 25% 0% 20% 17% Fraud/investigations 19% 11% 20% 17% Information security/cyber security 13% 11% 40% 17% Model governance 6% 33% 20% 17% Other 31% 0% 0% 17% Reputational risk management 0% 33% 20% 13% Financial controls/sox 13% 11% 20% 13% Compliance Physical security 6% 6% 0% 40% 10% 0% 20% 7%

8 7 KPMG/RMA Operational Risk Management Excellence Operational Risk Management Processes and Functions (continued) Chart 2 (continued) Non-AMA ORM policies Internal loss events 94% 79% 91% RCSAs 92% 79% 91% Risk Analysis 92% 71% 88% Risk monitoring 88% 92% 79% 86% Scenario analysis/stress testing 88% 75% 71% 79% KRIs 82% 92% 64% 79% External loss events 88% 92% 43% 74% Risk aggregation/risk profile 76% 75% 64% 72% ORM framework validation 71% 75% 64% 70% Risk appetite 47% 67% 71% 60% Risk/control testing 47% 50% 50% 49% New product review 41% 42% 43% 42% ORM capital model 41% 33% 29% 35% Vendor risk management 24% 17% 36% 26% BCP/DR 41% 25% 36% 35% Fraud/investigations 18% 17% 43% 26% IT risk management 24% 17% 29% 23% Information security/cyber security Model governance 6% 25% 36% 6% 8% 36% 21% 16% Other 24% 17% 21% 21% Reputational risk management 0% 25% 29% 16% Physical security 6% 8% 36% 16% Compliance 0% 0% 43% 14% Financial controls/sox 24% 0% 0% 9% Multiple responses allowed

9 KPMG/RMA Operational Risk Management Excellence 8 Operational Risk Management Processes and Functions (continued) For the Other category, respondents noted insurance, fiduciary risk, business process transition risk, concentration risk, operational risk economic capital allocation, risk-based incentive compensation, SSAE 16 report reviews, BSA/AML, embedded second line operational risk officers, policy and corporate governance, privacy and international operational risk, and financial crime policies and standards. RESULTS COMPARISON The results of AMA and non-ama participants were generally in line. The major differences were: RCSAs in the region 56 percent of AMA respondents reported it was under ORM management versus 92 percent of non-ama respondents. External loss events in the region 100 percent of AMA respondents reported it was under ORM management versus 43 percent of non-ama respondents. Scenario analysis/stress testing in the region 100 percent of AMA respondents reported it was under ORM management versus 71 percent of non-ama respondents. ORM framework validation in the region 100 percent of AMA respondents reported it was under ORM management versus 64 percent of non-ama respondents. ORM capital modeling across all regions 77 percent of AMA respondents reported it was under ORM management versus 35 percent of non-ama respondents.

10 9 KPMG/RMA Operational Risk Management Excellence Strategy and Value ORM alignment with strategy is critical to achieving sustainable planning. While a significant portion of AMA respondents value add, and to ensuring effective risk identification, (50 percent in to 89 percent in ) noted assessment, and mitigation. However, reflecting the need for partial ORM alignment with strategy, these results bring into further positioning of the ORM framework, the survey revealed question whether operational risk is fully considered in launching that no more than 20 percent of AMA respondents in the and implementing significant strategic change (please see regions stated their ORM framework fully aligns with their firms Chart 3). strategy, or that risk is an integrated component in their strategic Chart 3 Does your ORM framework enable integrated risk and performance management in your firm? AMA 19% 50% 31% 11% 89% 20% 60% 20% 17% 63% 20% Fully Partially Beginning to Does not Non-AMA 18% 24% 47% 12% 25% 42% 25% 8% 21% 43% 29% 7% 21% 35% 35% 9% Fully Partially Beginning to Does not May not equal due to rounding

11 KPMG/RMA Operational Risk Management Excellence 10 Strategy and Value (continued) Chart 3 (continued) RESPONDENT COMMENTS When asked if their ORM framework aligns process, people, policy, and infrastructure against strategy in their firms, respondents stated: : This could be more transparent, but work has started. We are not there yet with linking processes to our RCSA or ORM framework. With the recent rollout of risk profiling, RCSAs, policy governance, and new product and initiative policies throughout the company, we are enhancing the alignment of these elements with strategic decisions. Each of these elements is considered in assessing strategic plans, launching new businesses and products, or implementing significant change. Our strategic planning policy and new business and product policy are relatively new and processes around them are not yet embedded and practiced to their full strength. : Our ORM processes support management s decisions, but they are not fully integrated into our strategy. We are in the midst of rolling out our framework across our critical processes (i.e., those rated high and very high) across all of our locations. Although our alignment of process, people, and policy is underway, our alignment of infrastructure and strategy still needs to be developed further. : Our business strategy and ORM review have taken place for the past two years, however, they are not formally linked to our ORM assessment. Rather, they act as a guide in assessing the impact. Our ORM framework is a key lens for our strategy development, but it does not always align all aspects of process, people, policy, and infrastructure as there may be alternative drivers/lenses. Our risk appetite and strategy planning discussions will be linked with the Board this year.

12 11 KPMG/RMA Operational Risk Management Excellence Strategy and Value (continued) Resetting ORM for Enhanced Value: When asked if their firm had reset its ORM framework to drive greater strategic value for their business and to meet heightened regulatory expectations, AMA responses across the three regions varied from 33 percent for participants to 50 percent for participants who reported their efforts were well underway, while 11 percent of participants and 50 percent of participants reported they had completed efforts to strengthen their ORM frameworks. For both AMA and non-ama respondents in, the ability to meet heightened regulatory expectations through strong risk management was a driving factor in their ORM framework reset, while AMA and non-ama respondents in and cited stress testing/scenario analysis as a key driver (please see Chart 4). Chart 4 Has your firm restructured / reset its ORM framework to drive greater strategic value for the business and meet heightened regulatory standards? AMA 13% 44% 31% 13% 11% 33% 22% 11% 11% 11% 50% 50% 17% 41% 24% 3% 3% 10% Restructure/reset Well underway: Initiated: 1-2 years complete 2+ years Non-AMA Just started: 0-1 year In planning Not pursuing 18% 29% 24% 24% 6% 8% 17% 33% 8% 25% 8% 14% 29% 29% 14% 7% 7% 7% 21% 30% 16% 19% 7% Restructure/reset Well underway: Initiated: 1-2 years complete 2+ years Just started: 0-1 year In planning Not pursuing May not equal due to rounding

13 KPMG/RMA Operational Risk Management Excellence 12 Strategy and Value (continued) Chart 4 (continued) RESPONDENT COMMENTS When asked if their reset supported regulatory requirements such as supervisory examinations, the AMA use test, and Dodd-Frank compliance, respondents stated: : It supports the AMA use test and is being embedded in the business for management decision-making; embedding the ORM framework is the foundation for strong enterprise risk management and heightened OCC expectations. It is not actually a reset, because the ORM framework continually evolves with the environment and our learning. Our parent is applying for and expected to receive AMA accreditation. The Basel AMA is a future consideration. While we have several Dodd-Frank activities underway across the organization and we are utilizing appropriate program management and assessment techniques, we have not linked Dodd-Frank compliance specifically to the ORM framework. : No comments received. : It enhances the robustness of our risk management. Our original framework supported these elements. Australia Securities and Investments Commission (ASIC) requirements. The framework elements can be used as a basis for most assessments, such as stress testing, scenario analysis, or incident analysis. So far, only our incident analysis and part of our business strategy planning have utilized this framework. Key Objectives & Benefits: In terms of objectives to be derived from resetting their ORM frameworks, enhanced internal control, risk mitigation, regulatory compliance, and information security were noted as the most important ones cited by respondents in the three regions. The majority of AMA respondents across the regions also mentioned the importance of enhancing their reputation, while a significant percentage of AMA and non-ama respondents both cited vendor risk management and product/ system implementations as additional top objectives. When asked to describe the benefits they derived from their ORM frameworks, a reduction in the frequency and severity of losses and an improved regulatory standing were two of the top priorities noted by respondents in all regions. Respondents also noted increased role clarity across the three lines of defense and greater knowledge of top risks and control issues. It is interesting to note that achieving strategic objectives/ return targets and improved customer satisfaction were not yet cited as broadly derived benefits. These benefits will likely increase across the industry as additional firms focus on strategy, value, and the use-test results (please see Chart 5).

14 13 KPMG/RMA Operational Risk Management Excellence Strategy and Value (continued) Chart 5 What benefits have you derived from your ORM framework? AMA Regulatory standing 88% 93% Loss avoidance/reduction (frequency and severity) 81% 89% 80% 83% Basel AMA qualification 63% 89% 77% Enhanced reputation 63% 44% 60% 57% Efficiency 38% 56% 40% 43% Strategic objectives/return 38% 22% 60% 37% Customer satisfaction 31% 22% 20% 27% Other 19% 22% 0% 17% Regulatory standing Loss avoidance/reduction (frequency and severity) Basel AMA qualification 88% 88% 6% Non-AMA 67% 64% 74% 75% 93% 86% 0% 14% 7% Enhanced reputation 53% 42% 43% 47% Efficiency 29% 50% 50% 42% Strategic objectives/return 29% 25% 21% 26% Customer satisfaction 29% 33% 29% 30% Other 6% 0% 21% 9% Multiple responses allowed

15 KPMG/RMA Operational Risk Management Excellence 14 Stature, Risk Appetite, and Governance ORM Maturity & Stature Banks operating with strong ORM frameworks evidence that operational risk has consistent stature with other risk types and demonstrate ORM maturity across all lines of business. Survey results indicate that there is still work to be done in all regions. For instance, among AMA institutions, only 60 percent of and 56 percent of n institutions state that the Board and Executive Management have fully elevated the stature of ORM within their enterprise risk management framework (please see Chart 6), while 67 percent of institutions acknowledged that ORM s stature has been partially elevated. For non-ama institutions, participants (50 percent) lead n (35 percent) and (21 percent) ones in responding that ORM s stature has been fully elevated. Chart 6 Has the Board and Executive Management elevated the institutional stature of ORM to align with business strategy and heightened regulatory standards? AMA 56% 25% 19% 67% 22% 11% 60% 40% 40% 40% 17% 3% Fully Partially Beginning to Not yet Non-AMA 35% 35% 18% 12% 50% 25% 8% 17% 21% 21% 36% 21% 35% 28% 21% 16% Fully Partially Beginning to Not yet May not equal due to rounding

16 15 KPMG/RMA Operational Risk Management Excellence Stature, Risk Appetite, and Governance (continued) The responses show the same trend for the question as to whether ORM receives equal time and attention from the Board and Executive Management as credit risk and market risk. The maturity of ORM business ownership continues to evolve, as AMA and non-ama institutions across regions recognize there is important work ahead to strengthen business ownership and operational risk maturity consistently across all lines of business. For example, only about 20 percent of AMA respondents in the three regions stated that business ownership and operational risk maturity are fully consistent across business lines. Full consistency was reported by even fewer non-ama institutions. Clear Roles & Responsibilities: Similarly, less than half of AMA respondents in each region stated that ORM roles, responsibilities, policies and procedures are clearly defined and understood by the first and second lines of defense. The majority of AMA respondents stated, however, that they have made partial efforts towards this goal. The responses of non-ama respondents demonstrated the same trend: less than half of non-ama respondents stated they have made full progress with these efforts, but about half (41 percent in and 50 percent in and ) stated that they have made partial progress. On a positive note, AMA respondents in the three regions almost universally reported that Risk Management and the Board firmly recognize ORM s value to the organization and its alignment with business strategy and performance. That recognition was also noted by Executive Management. However, recognition of ORM by the lines of business trailed recognition by other areas reinforcing that ORM use-test and value have yet to be fully embedded at the business line level. ORM Integration with Business Activities: It is encouraging to see that all AMA respondents in and, and almost 90 percent of n respondents, stated they have fully or partially integrated and embedded their ORM processes and systems into business activities across the enterprise. It was interesting to note that 50 percent or more of non-ama respondents in the three regions stated they have also embedded their processes and systems, or are working to do so.

17 KPMG/RMA Operational Risk Management Excellence 16 Stature, Risk Appetite, and Governance (continued) Risk Appetite & Governance Effectively defining a firm s risk appetite (i.e., the aggregate level and type of risk the Board and Executive Management are willing to assume to achieve the bank s strategic objectives and business plan, consistent with applicable capital, liquidity, and other regulatory requirements), and then monitoring and managing that appetite is a key element for strong risk management. Survey results indicate that firms are working to define and manage their risk appetite, but additional work is needed to fully deploy both qualitative and quantitative measures of operational risk appetite across the enterprise (please see Chart 7). Chart 7 Has the Board and Executive Management defined and cascaded operational risk appetite at the following levels? AMA Enterprise level 94% 78% 90% Business lines 56% 33% 80% 53% Entity 31% 22% 40% 30% Location 13% 22% 0% 13% Process 13% 0% 0% 7% Product 38% 44% 40% 40% Other 13% 33% 0% 17% None 0% 11% 0% 3% Non-AMA Enterprise level 88% 83% 86% 86% Business lines 35% 50% 57% 47% Entity 12% 17% 7% 12% Location 6% 8% 0% 5% Process 0% 8% 0% 2% Product 18% 25% 29% 23% Other 0% 17% 14% 9% None 12% 8% 7% 9% Multiple responses allowed

18 17 KPMG/RMA Operational Risk Management Excellence Stature, Risk Appetite, and Governance (continued) For example, almost all AMA and non-ama institutions in the three regions reported that they define operational risk appetite at the enterprise level. However, results vary significantly as to defining operational risk appetite at lower levels. For Instance, 33 percent () to 80 percent () of AMA respondents stated that they have defined and cascaded their operational risk appetite to the business line level. As chart 7 indicates, operational risk appetite below the business line is yet to be defined. However, several n AMA respondents commented that, while operational risk appetite was not defined below the business line level, operational risk key risk indicator (KRI) thresholds and tolerances were in place across processes. Operational Risk Appetite Monitoring & Management: With respect to operational risk appetite monitoring and management, a significant portion of AMA n and respondents indicated that ORM is fully escalating issues that exceed their firm s operational risk appetite; only 22 percent of AMA respondents did (please see Chart 8). However, 67 percent of non-ama respondents reported full escalation of issues outside of risk appetite/thresholds. Some respondents commented that consistency of escalation improves as their firms operational risk appetite matures and is defined in more quantitative terms. However, quantifiable measures of risk appetite that span and link operational risk taking, business performance, and compensation have yet to be deployed. Chart 8 Does ORM consistently escalate issues that are outside the firm s risk appetite/thresholds? AMA 56% 25% 19% 22% 44% 22% 11% 60% 20% 20% 47% 30% 17% 7% Fully Partially Beginning to Not yet Non-AMA 47% 24% 18% 12% 67% 17% 8% 8% 43% 21% 21% 14% 51% 21% 16% 12% Fully Partially Beginning to Not yet May not equal due to rounding

19 KPMG/RMA Operational Risk Management Excellence 18 Assessment, Measurement, and Management Integrated Risk & Performance Integrated risk and performance management is an increasing priority for many institutions. In a positive industry trend, the Survey noted that at least 80 percent of AMA respondents across the three regions stated their ORM framework fully or partially enables integrated risk and performance management, including regular metric reporting via dashboards. While non-ama response rates are relatively close to those by AMA respondents, non-ama institutions in and are in the beginning stages of the effort. It was also noted that the majority of AMA and non- AMA respondents across the three regions stated that ORM was fully integrated into their firm s ERM framework. Risk Assessment The ability to effectively identify, assess, measure, and manage risk is vital for operational risk excellence and strong risk management. Survey results show that operational risk assessment efforts continue to evolve and strengthen, including efforts to define and deploy forward-looking indicators. At least 69 percent of AMA respondents in the three regions fully or partially tie risk assessment identification, escalation, and management to their operational risk appetite (please see Chart 9). While the response rates for non-ama institutions in the three regions varied widely, 92 percent of non-ama respondents in stated that they fully or partially tie risk assessment identification, escalation, and management to their operational risk appetite. Chart 9 Do your operational risk assessment processes (i.e., RCSA, KRIs, loss data, and scenario analysis) tie to defined risk appetite thresholds for effective identification, escalation, and management of risk? AMA 44% 25% 25% 6% 11% 67% 11% 11% 20% 60% 20% 30% 43% 20% 7% Fully Partially Beginning to Not yet

20 19 KPMG/RMA Operational Risk Management Excellence Assessment, Measurement, and Management (continued) Non-AMA 18% 35% 35% 12% 42% 50% 8% 21% 43% 14% 21% 26% 42% 19% 14% Fully Partially Beginning to Not yet May not equal due to rounding With respect to forward-looking indicators, 60 percent () and 78 percent () of AMA respondents felt their ORM assessment processes fully or partially serve as forwardlooking indicators of current and emerging risk. As one would expect, results were less favorable for non-ama respondents. Efforts to develop forward-looking indicators and enhance their predictability are vital as firms work to strengthen their capabilities to identify and manage operational risk. Over 50 percent of AMA and non-ama respondents in the three regions stated that their ORM processes currently promote efficient risk taking and mitigation. Respondents stated efforts towards more efficient and effective risk taking and mitigation is evolving as business lines mature, risk appetite is further deployed, scenario processes gains robustness, and risk acceptance and/or mitigation alternatives are evaluated. Roles and Responsibilities: Consistent with the need to strengthen operational risk governance, over 50 percent of AMA respondents in the three regions confirmed the need to further clarify roles and responsibilities across the first and second lines of defense, including those impacting risk assessment in support functions, such as Finance, Human Resources, and Technology. For non-ama respondents, 8 percent () and 29 percent () stated they are just beginning efforts to clarify roles and responsibilities critical efforts for effective risk identification, assessment, measurement, and management.

21 KPMG/RMA Operational Risk Management Excellence 20 Assessment, Measurement, and Management (continued) Communication A large majority of both AMA and non-ama respondents indicated that communication between their first and second lines of defense on emerging operational risks and changes to the internal and external environment is an area that, although improving, needs strengthening. For instance, only 22 percent (), 25 percent (), and 40 percent () of AMA respondents felt communication was effective. Respondents noted that several governance structures were in place to support communication, including committees, working groups, risk assessment forums and structured meetings. Still, other respondents indicated that evidence of effective communication is difficult to provide and the tools and techniques to identify forward-looking and emerging risks are still in development (please see Chart 10). Chart 10 How effective is communication between the 1st and 2nd lines on emerging operational risks and on changes to the internal and external environment? AMA 25% 69% 6% 22% 67% 11% 40% 40% 20% 27% 63% 10% Effective Improving Non-AMA Limited Weak 18% 53% 29% 8% 75% 17% 21% 57% 14% 7% 16% 60% 21% 2% Effective Improving Limited Weak May not equal due to rounding

22 21 KPMG/RMA Operational Risk Management Excellence Assessment, Measurement, and Management (continued) Risk Taxonomies: An overwhelming majority of AMA and non-ama respondents in the three regions stated they have fully or partially established consistent ORM definitions and taxonomies across the first and second lines of defense. One respondent stated consistent definitions and taxonomies was the "corner stone" of their efforts to build effective ORM and ERM frameworks. Risk Assessment Convergence: In a positive development, 38 percent of AMA respondents in and stated they have established a consistent RCSA approach for multiple risk assessment types (i.e., ORM, compliance, and business continuity planning, vendor, and information technology security). Those figures increased to over 70 percent for AMA respondents in. As these efforts progress, firms can expect enhanced risk management effectiveness, integration, and efficiency.

23 KPMG/RMA Operational Risk Management Excellence 22 Assessment, Measurement, and Management (continued) Back Testing & Calibration institutions across the three regions have yet to begin back- No AMA respondents in and approximately testing efforts (please see Chart 11). This is an important area 20 percent of AMA respondents in and of focus, as the value derived from using ORM data for risk are fully conducting back testing to confirm the intelligence and decision-making requires confidence and accuracy and consistency of first line of defense operational accuracy in the data. risk assessments. In addition, at least 19 percent of AMA Chart 11 Do you conduct back testing to confirm the 1st line of defense is accurately and consistently assessing operational risk? AMA 19% 31% 31% 19% 22% 33% 22% 22% 60% 40% 17% 37% 23% 23% Fully Partially Beginning to Not yet Non-AMA 24% 24% 53% 8% 50% 25% 17% 8% 31% 62% 5% 33% 17% 45% Fully Partially Beginning to Not yet May not equal due to rounding Stress Testing: Fifty-six percent () and 80 percent () of AMA respondents reported they stress test ORM capital against economic cycles, downturns, and tail events via their Comprehensive Capital Analysis and Review (CCAR) or other activities. However, about 70 percent of non-ama respondents in and either do not maintain ORM capital or have yet to stress test it.

24 23 KPMG/RMA Operational Risk Management Excellence Assessment, Measurement, and Management (continued) Challenge Effective challenge of the first line of defense continues to initiatives. Nevertheless, survey results show there is still advance in the industry among AMA and non-ama institutions, more to be done to strengthen challenge activities (please see particularly with respect to RCSA tools and new product Chart 12). Chart 12 Does ORM provide effective challenge to 1st line (business lines) assessment, monitoring, mitigation, reporting, planning, and strategic/tactical decision-making? AMA 31% 44% 25% 11% 89% 40% 40% 20% 27% 57% 13% 3% Fully Partially Beginning to Not yet Non-AMA 13% 63% 25% 25% 42% 33% 7% 43% 43% 7% 14% 50% 33% 2% Fully Partially Beginning to Not yet May not equal due to rounding

25 KPMG/RMA Operational Risk Management Excellence 24 Assessment, Measurement, and Management (continued) Towards the goal of effective challenge, Survey results did show that 11 percent () and 40 percent () of AMA respondents fully leverage their ORM framework to challenge business model options and returns, including the assumptions, risks, and controls embedded in their new products, mergers, acquisitions, and divestitures. However, it was surprising to find that at least 20 percent of AMA respondents in the three regions have not yet started to apply effective challenge in these areas. With respect to non-ama respondents, it was encouraging to see that over 50 percent of respondents in the three regions are at least partially leveraging their ORM frameworks to enhance challenge and to foster better risk management. Risk Intelligence Accurate risk information provides the intelligence firms need to make informed, risk-based decisions in day-to-day activities and strategic planning. As noted elsewhere, while many respondents are making important strides to enhance the quality of their operational risk intelligence, there is still much work ahead. For instance, only 11 percent of AMA respondents in and 13 percent in state they have calibrated their ORM assessment processes to create reliable, actionable risk intelligence for decision-making. At the same time, 40 percent of AMA respondents in have calibrated their ORM assessment processes (please see Chart 13). Chart 13 Do your operational risk assessment processes calibrate against each other to create reliable, actionable risk intelligence for decison making? AMA 13% 63% 13% 13% 11% 56% 33% 40% 40% 20% 17% 57% 17% 10% Fully Partially Beginning to Not yet

26 25 KPMG/RMA Operational Risk Management Excellence Assessment, Measurement, and Management (continued) Chart 13 (continued) Non-AMA 12% 47% 41% 25% 50% 17% 8% 43% 21% 36% 12% 47% 28% 14% Fully Partially Beginning to Not yet May not equal due to rounding It was also interesting to note that, while robust risk intelligence is still being developed, at least half of AMA and non-ama respondents in the three regions stated that their operational risk intelligence is partially influencing management behavior. Further, both AMA and non-ama respondents stated business lines are maturing in both their ownership of risk and in business line use of "risk intelligence." As a result, the majority of AMA respondents in the three regions and a slightly smaller portion of non-ama respondents stated they were at least partially applying "risk intelligence" in business line decision-making. Metrics Reporting via ORM Dashboards: With respect to operational risk metrics and reporting (covered further in the next section), the data vary by region, with 22 percent of AMA respondents (versus 75 percent of n AMA respondents) stating their reporting includes ORM dashboards to alert Board and Executive Management of changing risk conditions and support decision-making. In addition, respondents also noted that enhancements to their KRIs and taxonomies for dashboard information are needed. Early Identification & Escalation: The responses regarding early identification and escalation show variations between the three regions as well. Fiftysix percent of AMA respondents in stated their operational risk KRIs include triggers for early warning notification and management of risk, while only 20 percent of AMA respondents did. In contrast, 60 percent of AMA respondents in felt they already had effective processes to escalate operational risk events, versus lower responses elsewhere. While the response rates differed by region, over half of all AMA and non-ama respondents stated they incorporated, or were well underway to incorporating, operational risk appetite and risk intelligence into their new business/product decisions to reflect process capacities and threats. Additionally, at least 30 percent of AMA firms across the three regions stated they have deployed scenario analysis to support capital planning, business decision-making, and process/system enhancement (versus less than 25 percent for non-ama respondents). However, near miss analysis has yet to be broadly deployed by several AMA and non-ama respondents a potentially significant area of risk intelligence yet to be developed.

27 KPMG/RMA Operational Risk Management Excellence 26 Data, Analysis, and Reporting The ability to completely and accurately aggregate, analyze, and report ORM exposures is an essential capability of strong risk management and a requirement for global systemically important banks (G-SIBs) as noted in the BCBS 239 publication. Data related issues are becoming increasingly important to AMA and non-ama institutions as the regulatory community and business leaders continue to stress the importance of sound risk data governance, aggregation, integration, and reporting. The Survey reveals that the industry is continuing to make advancements with respect to data quality. For example, 86 percent of AMA and 65 percent of non-ama respondents stated that their ORM data is fully, or partially, supported by effective governance, standards, and data stewards. Only 13 percent of AMA and 35 percent of non-ama respondents stated they are beginning to, or have yet to, deploy effective data governance and standards (please see Chart 14). Chart 14 Is your operational risk data supported by clear governance, standards, and data stewards? AMA 50% 31% 13% 6% 56% 33% 11% 60% 40% 53% 33% 10% 3% Fully Partially Non-AMA Beginning to Not yet 41% 24% 24% 12% 33% 50% 8% 8% 29% 21% 21% 29% 35% 30% 19% 16% May not equal due to rounding Fully Partially Beginning to Not yet

28 27 KPMG/RMA Operational Risk Management Excellence Data, Analysis, and Reporting (continued) Furthermore, 87 percent of AMA and 51 percent of non-ama respondents state they validate, or partially validate, the accuracy and completeness of their ORM data through formal quality assurance (QA) processes. One respondent stated that, while some elements of their institution s QA process are quite new and are being refined, there is a comprehensive program in place that includes data quality validation and monitoring. Almost 70 percent of AMA respondents and 65 percent of non-ama respondents stated that their ORM dashboards were at least partially supported by integrated data and metrics (please see Chart 15). However, several respondents indicated that fully robust data quality is still on the horizon and management factors data accuracy and integrity into its decision-making and planning for this reason. Chart 15 Is your operational risk dashboard supported by robust and integrated data and metrics? AMA 38% 44% 13% 6% 33% 22% 33% 11% 40% 20% 40% 37% 33% 17% 13% Fully Partially Beginning to Not yet Non-AMA 12% 53% 24% 12% 25% 42% 25% 8% 7% 57% 7% 29% 14% 51% 19% 16% Fully Partially Beginning to Not yet May not equal due to rounding

29 KPMG/RMA Operational Risk Management Excellence 28 Data, Analysis, and Reporting (continued) RESPONDENT COMMENTS When asked if their operational risk dashboard was supported by robust and integrated data and metrics, respondents stated: : Not sure that it can be called robust yet. Several KRIs for the various business lines have been established within the last year. They are still developmental and being reassessed. We need to improve the quality of many of our KRIs, but there is still a lot of good information being gathered, shared, and applied to management decisions. The operational risk dashboard is supported by data and metrics, but it is currently more qualitative than ideal and not fully integrated with all elements of the framework. An effort is underway to enhance the dashboard with metrics and linkages with all elements of the framework. : Our dashboard looks at process and controls as well as their operating effectiveness on a monthly basis. Control defects are identified and form the basis of determining residual risk. : We apply a mixture of key indicators and qualitative judgment. A divisional operational risk dashboard has been completed that is also consolidated at the group level. Although robustness is subjective, there are indicators and/or controls identified for every risk type. We have multiple dashboards across all elements of our ORM framework based on key metrics.

30 29 KPMG/RMA Operational Risk Management Excellence Data, Analysis, and Reporting (continued) Operational Risk Reporting With respect to reporting, both AMA and non-ama respondents noted that, while they have comprehensive ORM reporting at the Board, Executive Management, and business line levels, they need to enhance their reporting across other areas, such as process, product, location, and legal entity (please see Chart 16). The importance of enhancing risk data aggregation and risk reporting across all material group entities was also echoed in the BCBS 239 publication. Chart 16 Do you have comprehensive reporting of operational risk and its impact on business strategy, performance, risk appetite, and capital at the following levels? AMA Enterprise 94% 80% 93% Board level 81% 90% Business lines 81% 89% 80% 83% Entity 38% 67% 40% 47% Location 19% 33% 60% 30% Process 6% 33% 20% 17% Product 13% 22% 20% 17% Other None 6% 6% 22% 0% 10% 0% 0% 3% Enterprise 76% Non-AMA 67% 79% 74% Board level 71% 75% 71% 72% Business lines 65% 75% 50% 63% Entity 29% 33% 29% 30% Location 18% 17% 7% 14% Process 24% 25% 7% 19% Product 6% 17% 0% 7% Other None 6% 6% 8% 0% 5% 8% 14% 9% Multiple responses allowed

31 KPMG/RMA Operational Risk Management Excellence 30 The Road Ahead Conclusion ORM remains critically important to the strategic success of all financial institutions, and Survey results reveal that important strides continue to be made across all regions by both AMA and non-ama institutions. ORM is improving its standing with other risk types and its contribution to business/ risk decision-making and strategic planning. Going forward, financial institutions will need to expand efforts to deploy qualitative and quantitative measures of risk appetite across business lines, legal entities, processes, and other key areas. Firms need to broaden efforts to identify, assess, measure, and manage operational risk against defined risk appetite levels and thresholds. They also will be expected to provide effective challenge to first line risk information and enhance data governance, integrity, and aggregation for greater risk intelligence and actionable reporting. As financial institutions move forward, they are also likely to face considerable challenges in meeting competitive business pressures and in complying with the heightened regulatory environment. Current and emerging regulatory imperatives will all require expanded efforts by risk management and business lines to strengthen ORM even as AMA requirements change. The financial services industry also continues to contend with identifying, quantifying, and mitigating risks embedded within their products and services as well as establishing an effective, measurable, and sustainable risk culture. Achieving this is particularly challenging, as operational risk resides in every business line and functional area of an institution and often surfaces in other risk areas. Nevertheless, the industry is seeing a distinct maturing of the ORM discipline across many leading financial institutions and an evolving awareness of ORM within business lines. Firms are no longer considering operational risk in isolation but, rather, are now seeking to link their ORM frameworks with their broader risk management initiatives. They are continuing to connect their strategic decision-making with their risk-taking activities in order to better communicate and cascade their risk appetites throughout their business lines. This involves enabling firms to understand the risks they are taking and providing those accountable with tools to actively monitor and assess these risks. While it is essential for financial institutions to proactively address increasingly stringent regulatory expectations, these requirements alone should not be used as a substitute for establishing an effective risk culture and strong ORM processes that will, in turn, provide invaluable strategic insights, better inform management of true products costs and emerging exposures, and guide capital planning efforts. The KPMG/RMA Operational Risk Management Excellence 2015 Global Heightened Practices Survey results are encouraging, as they confirm the industry is continuing efforts to further evolve ORM to provide enhanced business value and meet heightened regulatory expectations. Nonetheless, it is clear that there is still room for ORM to grow in order to truly become the third leg of the enterprise risk management stool alongside credit and market risk.

32 KPMG and the RMA appreciate the respondents support of this Survey and look forward to the further evolution of the ORM discipline. For additional information, please contact: Global Survey Leadership and Americas Region Hugh C. Kelly Principal and National Lead (retired), Bank Regulatory Advisory, KPMG LLP T: E: Phil Bray Principal, Operational Risk Management KPMG, LLP T: E: Edward J. DeMarco, Jr. General Counsel and Director of Operational Risk & Regulatory Relations/Communications, The Risk Management Association T: E: David L. Stone Director, Financial Services Risk Management, KPMG LLP T: E: Sylwia Czajkowska Associate Director, Operational Risk, The Risk Management Association T: E: Lisa M. Newport Associate Director, Americas Financial Services Regulatory Center of Excellence KPMG LLP T: E: Region Steven Shaw Senior Regional Consultant, Europe The Risk Management Association T: E: Prof. Dr. Thomas Kaiser Director, Financial Risk Management KPMG AG T: E: Andrea Antonio Colombo Senior Manager KPMG Advisory S.p.A. T: E: Region Chris Yip Senior Regional Consultant, Asia The Risk Management Association T: E: Mike Ritchie Partner in Charge, Advisory KPMG LLP T: E: Contributions by Seiji Kamiya, Partner, KPMG Japan; Gary Daniel Chia, Partner, KPMG Singapore; Simon Topping, Partner, KPMG Hong Kong; Gary Mellody, Partner, KPMG Hong Kong; Daniel Casey, Senior Associate, KPMG LLP; Dace Embrekte-Ives, Senior Associate, KPMG LLP; and Maja Parcinski, Senior Associate, KPMG LLP. kpmg.com rmahq.com 2015 KPMG LLP, a Delaware limited liability partnership and the U.S. member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights reserved. Printed in the U.S.A. The KPMG name, logo and cutting through complexity are registered trademarks or trademarks of KPMG International. NDPPS

Operational Risk Management Excellence Get to Strong Survey

Operational Risk Management Excellence Get to Strong Survey Operational Risk Management Excellence Get to Strong Survey Executive Report kpmg.com b KPMG/RMA Operational Risk Management Excellence Get to Strong Survey Executive Report Operational Risk Management

More information

Compliance Risk Management Survey A Point of View

Compliance Risk Management Survey A Point of View FINANCIAL SERVICES Compliance Risk Management Survey A Point of View July 2014 kpmg.com Compliance Risk Management Survey A Point of View 3 Introduction As the financial crisis unfolded, regulators looked

More information

Operational Risk Management Program Version 1.0 October 2013

Operational Risk Management Program Version 1.0 October 2013 Introduction This module applies to Fannie Mae and Freddie Mac (collectively, the Enterprises), the Federal Home Loan Banks (FHLBanks), and the Office of Finance, (which for purposes of this module are

More information

Transforming risk management into a competitive advantage kpmg.com

Transforming risk management into a competitive advantage kpmg.com INSURANCE RISK MANAGEMENT ADVISORY SOLUTIONS Transforming risk management into a competitive advantage kpmg.com 2 Transforming risk management into a competitive advantage Assessing risk. Building value.

More information

RSA ARCHER OPERATIONAL RISK MANAGEMENT

RSA ARCHER OPERATIONAL RISK MANAGEMENT RSA ARCHER OPERATIONAL RISK MANAGEMENT 87% of organizations surveyed have seen the volume and complexity of risks increase over the past five years. Another 20% of these organizations have seen the volume

More information

How To Transform It Risk Management

How To Transform It Risk Management The transformation of IT Risk Management kpmg.com The transformation of IT Risk Management The role of IT Risk Management Scope of IT risk management Examples of IT risk areas of focus How KPMG can help

More information

Basel Committee on Banking Supervision. Review of the Principles for the Sound Management of Operational Risk

Basel Committee on Banking Supervision. Review of the Principles for the Sound Management of Operational Risk Basel Committee on Banking Supervision Review of the Principles for the Sound Management of Operational Risk 6 October 2014 This publication is available on the BIS website (www.bis.org). Bank for International

More information

Operational Risk Management - The Next Frontier The Risk Management Association (RMA)

Operational Risk Management - The Next Frontier The Risk Management Association (RMA) Operational Risk Management - The Next Frontier The Risk Management Association (RMA) Operational risk is not new. In fact, it is the first risk that banks must manage, even before they make their first

More information

Capital Adequacy: Advanced Measurement Approaches to Operational Risk

Capital Adequacy: Advanced Measurement Approaches to Operational Risk Prudential Standard APS 115 Capital Adequacy: Advanced Measurement Approaches to Operational Risk Objective and key requirements of this Prudential Standard This Prudential Standard sets out the requirements

More information

Risk governance: OCC codifies risk standards, paving the way for increased enforcement actions

Risk governance: OCC codifies risk standards, paving the way for increased enforcement actions Regulatory February 2014 brief A publication of PwC s financial services regulatory practice Risk governance: OCC codifies risk standards, paving the way for increased enforcement actions The Office of

More information

RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY

RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY PRESENTED BY: LEN WIATR, CHIEF RISK OFFICER Len s Risk Management Philosophy Build a

More information

OWN RISK AND SOLVENCY ASSESSMENT AND ENTERPRISE RISK MANAGEMENT

OWN RISK AND SOLVENCY ASSESSMENT AND ENTERPRISE RISK MANAGEMENT OWN RISK AND SOLVENCY ASSESSMENT AND ENTERPRISE RISK MANAGEMENT ERM as the foundation for regulatory compliance and strategic business decision making CONTENTS Introduction... 3 Steps to developing an

More information

Understanding and articulating risk appetite

Understanding and articulating risk appetite Understanding and articulating risk appetite advisory Understanding and articulating risk appetite Understanding and articulating risk appetite When risk appetite is properly understood and clearly defined,

More information

Linking Risk Management to Business Strategy, Processes, Operations and Reporting

Linking Risk Management to Business Strategy, Processes, Operations and Reporting Linking Risk Management to Business Strategy, Processes, Operations and Reporting Financial Management Institute of Canada February 17 th, 2010 KPMG LLP Agenda 1. Leading Practice Risk Management Principles

More information

The Role of the Board in Enterprise Risk Management

The Role of the Board in Enterprise Risk Management Enterprise Risk The Role of the Board in Enterprise Risk Management The board of directors plays an essential role in ensuring that an effective ERM program is in place. Governance, policy, and assurance

More information

IT Audit Perspective on Continuous Auditing/ Continuous Monitoring KPMG LLP

IT Audit Perspective on Continuous Auditing/ Continuous Monitoring KPMG LLP IT Audit Perspective on Continuous Auditing/ Continuous Monitoring KPMG LLP IT Audit Perspective on Continuous Auditing/Continuous Monitoring INTRODUCTION New demands from the board, senior organizational

More information

Risk appetite in the financial services industry A requisite for risk management today

Risk appetite in the financial services industry A requisite for risk management today Risk appetite in the financial services industry A requisite for risk management today While the concept of risk appetite existed before the global financial downturn, the benign economic conditions that

More information

FINANCIAL SERVICES FLASH REPORT

FINANCIAL SERVICES FLASH REPORT FINANCIAL SERVICES FLASH REPORT OCC Finalizes Its Heightened Standards for Large Financial Institutions September 15, 2014 Transforming Heightened Expectations to Minimum Standards On September 2, 2014,

More information

INTERAGENCY GUIDANCE ON THE ADVANCED MEASUREMENT APPROACHES FOR OPERATIONAL RISK. Date: June 3, 2011

INTERAGENCY GUIDANCE ON THE ADVANCED MEASUREMENT APPROACHES FOR OPERATIONAL RISK. Date: June 3, 2011 Board of Governors of the Federal Reserve System Federal Deposit Insurance Corporation Office of the Comptroller of the Currency Office of Thrift Supervision INTERAGENCY GUIDANCE ON THE ADVANCED MEASUREMENT

More information

The New Third-Party Oversight Framework: Trust but Verify kpmg.com

The New Third-Party Oversight Framework: Trust but Verify kpmg.com Financial Services Regulatory Point of View The New Third-Party Oversight Framework: Trust but Verify kpmg.com The New Third-Party Oversight Framework: Trust but Verify 1 Financial services regulatory

More information

University of St. Gallen Law School Law and Economics Research Paper Series. Working Paper No. 2008-19 June 2007

University of St. Gallen Law School Law and Economics Research Paper Series. Working Paper No. 2008-19 June 2007 University of St. Gallen Law School Law and Economics Research Paper Series Working Paper No. 2008-19 June 2007 Enterprise Risk Management A View from the Insurance Industry Wolfgang Errath and Andreas

More information

Client Update Basel Committee 2015 Corporate Governance Principles

Client Update Basel Committee 2015 Corporate Governance Principles 1 Client Update Basel Committee 2015 Corporate Governance Principles NEW YORK Gregory J. Lyons gjlyons @debevoise.com Paul M. Rodel pmrodel@debevoise.com Eric T. Juergens etjuergens@debevoise.com Caroline

More information

Risk appetite as a dynamic management tool

Risk appetite as a dynamic management tool Risk appetite as a dynamic management tool Background The topic of risk appetite is at the centre of attention currently. There are various reasons for this: the financial crisis, which has made it clear

More information

IT Transformation. Moving Beyond Service Management to a Strategic Business Role. August 2013. kpmg.com

IT Transformation. Moving Beyond Service Management to a Strategic Business Role. August 2013. kpmg.com IT Transformation Moving Beyond Service Management to a Strategic Business Role August 2013 kpmg.com KPMG surveyed over 275 attendees at ServiceNow s Knowledge13 conference, here is what we learned. Key

More information

Risk management and the transition of projects to business as usual

Risk management and the transition of projects to business as usual Advisory Risk management and the transition of projects to business as usual Financial Services kpmg.com 2 Risk Management and the Transition of Projects to Business as Usual Introduction Today s banks,

More information

Getting to strong Leading Practices for value-enhancing internal audit By Richard Reynolds and Abhinav Aggarwal - PricewaterhouseCoopers LLP

Getting to strong Leading Practices for value-enhancing internal audit By Richard Reynolds and Abhinav Aggarwal - PricewaterhouseCoopers LLP Getting to strong Leading Practices for value-enhancing internal audit By Richard Reynolds and Abhinav Aggarwal - PricewaterhouseCoopers LLP Today's unpredictable business climate and challenging regulatory

More information

Principles for An. Effective Risk Appetite Framework

Principles for An. Effective Risk Appetite Framework Principles for An Effective Risk Appetite Framework 18 November 2013 Table of Contents Page I. Introduction... 1 II. Key definitions... 2 III. Principles... 3 1. Risk appetite framework... 3 1.1 An effective

More information

RISK MANAGEMENT REPORT (for the Financial Year Ended 31 March 2012)

RISK MANAGEMENT REPORT (for the Financial Year Ended 31 March 2012) RISK MANAGEMENT REPORT (for the Financial Year Ended 31 March 2012) Integrated Risk Management Framework The Group s Integrated Risk Management Framework (IRMF) sets the fundamental elements to manage

More information

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK ACCOUNTABLE SIGNATURE AUTHORISED for implementation SIGNATURE On behalf of Chief Executive Officer SAHRA Council Date Date

More information

The Definition of Leveraged Lending

The Definition of Leveraged Lending The Definition of Leveraged Lending Definitional Expectations for Financial Institutions Under the Final Guidance Leveraged Lending The March 2013 Interagency Guidance on Leveraged Lending ( Guidance or

More information

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012 GUIDANCE NOTE FOR DEPOSIT-TAKERS Operational Risk Management March 2012 Version 1.0 Contents Page No 1 Introduction 2 2 Overview 3 Operational risk - fundamental principles and governance 3 Fundamental

More information

Managing Risk at Bank of America Corporation. Overview

Managing Risk at Bank of America Corporation. Overview Managing Risk at Bank of America Corporation Overview Risk is inherent in every material business activity that we undertake. Our business exposes us to strategic, credit, market, liquidity, compliance,

More information

Enhancing Audit Technology Effectiveness Key Insights from TeamMate s 2014 Global Technology Survey

Enhancing Audit Technology Effectiveness Key Insights from TeamMate s 2014 Global Technology Survey Key Insights from TeamMate s 0 Global Technology Survey Survey Results Portray Audit Committee Reporting Practices, Provide Useful Benchmarking Data This year s Internal Audit Technology Survey (IATS)

More information

Regulatory Practice Letter October 2011 RPL 11-23

Regulatory Practice Letter October 2011 RPL 11-23 Regulatory Practice Letter October 2011 RPL 11-23 Fed Report on Incentive Compensation Arrangements Horizontal Review Results Executive Summary In late 2009, the Federal Reserve Board ( Fed ) initiated

More information

Enterprise Risk Management: From Theory to Practice

Enterprise Risk Management: From Theory to Practice INSURANCE Enterprise Risk Management: From Theory to Practice KPMG LLP Executive Summary Enterprise Risk Management (ERM) is a structured and disciplined business tool aligning strategy, processes, people,

More information

Applying Risk Assessment to Your Audit Plan Break-out Session T3, Tuesday, October 26 2:00-2:50pm

Applying Risk Assessment to Your Audit Plan Break-out Session T3, Tuesday, October 26 2:00-2:50pm Applying Risk Assessment to Your Audit Plan Break-out Session T3, Tuesday, October 26 2:00-2:50pm Mike Brown Senior Vice President, Corporate Audit State Street Corporation Rich Reynolds Partner PricewaterhouseCoopers

More information

Enterprise Risk Management

Enterprise Risk Management Cayman Islands Society of Professional Accountants Enterprise Risk Management March 19, 2015 Dr. Sandra B. Richtermeyer, CPA, CMA What is Risk Management? Risk management is a process, effected by an entity's

More information

Investment Management: Rising to the Risk and Compliance Challenge kpmg.com

Investment Management: Rising to the Risk and Compliance Challenge kpmg.com KPMG Regulatory Risk and Compliance Practice Investment Management: Rising to the Risk and Compliance Challenge kpmg.com CONTENTS New Regulatory Frontiers: Forging Ahead in a Changing Landscape 1 A Proactive

More information

Scenario Analysis Principles and Practices in the Insurance Industry

Scenario Analysis Principles and Practices in the Insurance Industry North American CRO Council Scenario Analysis Principles and Practices in the Insurance Industry 2013 North American CRO Council Incorporated chairperson@crocouncil.org December 2013 Acknowledgement The

More information

ADVISORY SERVICES. Risk management in an evolving world. Making the case for social media governance. kpmg.com

ADVISORY SERVICES. Risk management in an evolving world. Making the case for social media governance. kpmg.com ADVISORY SERVICES Risk management in an evolving world Making the case for social media governance kpmg.com Risk management in an evolving world 3 Why good governance should be the foundation of your social

More information

How to stay competitive in a converging healthcare system kpmg.com

How to stay competitive in a converging healthcare system kpmg.com Managing risk in a transforming healthcare organization How to stay competitive in a converging healthcare system kpmg.com 2 Healthcare Risk Management Managing the risk of healthcare transformation Healthcare

More information

KPMG LLP Credit Risk Management Practices 2014 Survey on Credit Bureau Reporting

KPMG LLP Credit Risk Management Practices 2014 Survey on Credit Bureau Reporting KPMG LLP Credit Risk Management Practices 2014 Survey on Credit Bureau Reporting July 2014 kpmg.com Introduction Dear Colleagues: Credit reports play an important role in the lives of consumers. As the

More information

Developing a Free Credit Score Program. kpmg.com

Developing a Free Credit Score Program. kpmg.com Developing a Free Credit Score Program kpmg.com Developing a Free Credit Score Program 1 Introduction U.S. regulators, including the Consumer Financial Protection Bureau (CFPB), have begun urging lenders

More information

PART B INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS (ICAAP)

PART B INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS (ICAAP) Framework (Basel II) Internal Capital Adequacy Assessment PART A OVERVIEW...2 1. Introduction...2 2. Applicability...3 3. Legal Provision...3 4. Effective Date of Implementation...3 5. Level of Application...3

More information

Beyond risk identification Evolving provider ERM programs

Beyond risk identification Evolving provider ERM programs Beyond risk identification Evolving provider ERM programs March 2016 At a glance PwC conducted research to assess the state of enterprise risk management (ERM) within healthcare providers and found many

More information

Guidance Note: Corporate Governance - Board of Directors. March 2015. Ce document est aussi disponible en français.

Guidance Note: Corporate Governance - Board of Directors. March 2015. Ce document est aussi disponible en français. Guidance Note: Corporate Governance - Board of Directors March 2015 Ce document est aussi disponible en français. Applicability The Guidance Note: Corporate Governance - Board of Directors (the Guidance

More information

Risk Management Framework

Risk Management Framework Risk Management Framework Mandate and commitment Design of framework for managing risks Continual improvement of the framework Implementing risk management Monitoring and review of the framework Source:

More information

2015 GLOBAL ASSET MANAGEMENT SURVEY

2015 GLOBAL ASSET MANAGEMENT SURVEY 2015 GLOBAL ASSET MANAGEMENT SURVEY It's not what happens to you, but how you react to it that matters." -Epictetus A survey carried out globally by Linedata. INTRODUCTION It's not what happens to you,

More information

Driving business performance Using data analytics

Driving business performance Using data analytics Driving business performance Using data analytics January 2016 kpmg.com About data analytics Many companies are overlooking a significant opportunity to enhance decision making and improve performance

More information

Placing a Value on Enterprise Risk Management ADVISORY

Placing a Value on Enterprise Risk Management ADVISORY Placing a Value on Enterprise Risk Management ADVISORY Placing a Value on Enterprise Risk Management 1 In turbulent economic times, the case for investing in an enterprise risk management (ERM) program

More information

Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom. kpmg.bm

Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom. kpmg.bm Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom kpmg.bm Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom 1 Connecting the dots:

More information

STRESS TESTING GUIDELINE

STRESS TESTING GUIDELINE STRESS TESTING GUIDELINE JUIN 2012 Table of Contents Preamble... 2 Introduction... 3 Scope... 5 Coming into effect and updating... 6 1. Stress testing... 7 A. Concept... 7 B. Approaches underlying stress

More information

Accenture Risk Management. Industry Report. Life Sciences

Accenture Risk Management. Industry Report. Life Sciences Accenture Risk Management Industry Report Life Sciences Risk management as a source of competitive advantage and high performance in the life sciences industry Risk management that enables long-term competitive

More information

Governance structures and leading. central banks

Governance structures and leading. central banks Governance structures and leading practices for risk management in central banks Helena Tejero, Division Head, Risks & Processes, Bank of Spain Central Bank Governance Forum 2014 IMF / Hawkamah, Dubai,

More information

The validation of internal rating systems for capital adequacy purposes

The validation of internal rating systems for capital adequacy purposes The validation of internal rating systems for capital adequacy purposes by the Banking Policy Department Under the new Basel II capital adequacy framework 1, banks meeting certain supervisory standards

More information

Enterprise Risk Management & Information Technology

Enterprise Risk Management & Information Technology Enterprise Risk Management & Information Technology Presented by Scott Perry and Gary Ross Slalom Consulting, San Francisco Agenda Introductions Session Objectives Overview of Enterprise Risk Management

More information

Prudential Practice Guide

Prudential Practice Guide Prudential Practice Guide SPG 220 Risk Management July 2013 www.apra.gov.au Australian Prudential Regulation Authority Disclaimer and copyright This prudential practice guide is not legal advice and users

More information

2012 US Insurance ERM & ORSA Survey Key results and findings

2012 US Insurance ERM & ORSA Survey Key results and findings www.pwc.com 2012 US Insurance ERM & ORSA Survey Key results and findings June 2013 Henry Jupe Director, Insurance Risk and Capital Practice henry.m.x.jupe@us.pwc.com Antitrust notice The Casualty Actuarial

More information

Enterprise Risk Management

Enterprise Risk Management Enterprise Risk Management Enterprise Risk Management Understand and manage your enterprise risk to strike the optimal dynamic balance between minimizing exposures and maximizing opportunities. Today s

More information

Leveraging data analytics and continuous auditing processes for improved audit planning, effectiveness, and efficiency. kpmg.com

Leveraging data analytics and continuous auditing processes for improved audit planning, effectiveness, and efficiency. kpmg.com Leveraging data analytics and continuous auditing processes for improved audit planning, effectiveness, and efficiency kpmg.com Leveraging data analytics and continuous auditing processes 1 Executive

More information

GUIDELINES FOR THE MANAGEMENT OF OPERATIONAL RISK

GUIDELINES FOR THE MANAGEMENT OF OPERATIONAL RISK SUPERVISORY AND REGULATORY GUIDELINES: PU-0412 Operational Risk 25 th November, 2013 GUIDELINES FOR THE MANAGEMENT OF OPERATIONAL RISK 1. INTRODUCTION 1.1. The Central Bank of The Bahamas ( the Central

More information

Insurance ERM Advances

Insurance ERM Advances Insurance ERM Advances Global Leaders Point Way for Regional Players By Penny Fosker, Mark Scanlon and Eric Simpson Towers Watson s most recent survey of insurers shows that the pace of enterprise risk

More information

Effective risk management

Effective risk management Effective risk management Our holistic and disciplined risk management program is designed to mitigate risks at all levels of our business in order to protect our clients interests. 2 Vanguard > Effective

More information

Remarks by. Carolyn G. DuChene Deputy Comptroller Operational Risk. at the

Remarks by. Carolyn G. DuChene Deputy Comptroller Operational Risk. at the Remarks by Carolyn G. DuChene Deputy Comptroller Operational Risk at the Bank Safety and Soundness Advisor Community Bank Enterprise Risk Management Seminar Washington, D.C. October 22, 2012 Good afternoon,

More information

WHITE PAPER THIRD PARTY MANAGEMENT: FUNDAMENTALS

WHITE PAPER THIRD PARTY MANAGEMENT: FUNDAMENTALS THIRD PARTY MANAGEMENT: FUNDAMENTALS by Linda Tuck Chapman Sponsored by Third Party Management Fundamentals Third Party Management isn t new, but its importance is growing in every industry and the financial

More information

Integrated Risk Management:

Integrated Risk Management: Integrated Risk Management: A Framework for Fraser Health For further information contact: Integrated Risk Management Fraser Health Corporate Office 300, 10334 152A Street Surrey, BC V3R 8T4 Phone: (604)

More information

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation Tying It All Together: Practical ERM Integration Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation November 16, 2007 1 Agenda Basis for ERM Integration ERM Objectives ERM Focus

More information

Oracle Financial Services Broker Compliance

Oracle Financial Services Broker Compliance Oracle Financial Services Broker Compliance Financial institutions with retail, wealth management, and private banking businesses recognize the direct relationship between rigorous compliance processes

More information

HSBC FINANCE CORPORATION CHARTER OF THE RISK COMMITTEE

HSBC FINANCE CORPORATION CHARTER OF THE RISK COMMITTEE HSBC FINANCE CORPORATION CHARTER OF THE RISK COMMITTEE I. Committee Purpose The Risk Committee is appointed by the Board of Directors of HSBC Finance Corporation (the Corporation ) and is responsible,

More information

Confident in our Future, Risk Management Policy Statement and Strategy

Confident in our Future, Risk Management Policy Statement and Strategy Confident in our Future, Risk Management Policy Statement and Strategy Risk Management Policy Statement Introduction Risk management aims to maximise opportunities and minimise exposure to ensure the residents

More information

Consumer Goods and Services

Consumer Goods and Services Accenture Risk Management Industry Report Consumer Goods and Services 2011 Global Risk Management Point of View Consumer Goods and Services 2011 Global Risk Management Point of View Consumer Goods and

More information

BEYOND AMA PUTTING OPERATIONAL RISK MODELS TO GOOD USE POINT OF VIEW

BEYOND AMA PUTTING OPERATIONAL RISK MODELS TO GOOD USE POINT OF VIEW POINT OF VIEW BEYOND AMA PUTTING OPERATIONAL RISK MODELS TO GOOD USE AUTHORS Ramy Farha, Principal Tom Ivell, Partner Thomas Jaeggi, Principal Evan Sekeris, Partner A long history of incidents, ranging

More information

Enterprise Risk Management in a Highly Uncertain World. A Presentation to the Government-University- Industry Research Roundtable June 20, 2012

Enterprise Risk Management in a Highly Uncertain World. A Presentation to the Government-University- Industry Research Roundtable June 20, 2012 Enterprise Risk Management in a Highly Uncertain World A Presentation to the Government-University- Industry Research Roundtable June 20, 2012 CRO Council Introduction Mission The North American CRO Council

More information

www.pwc.com/modelrisk New supervisory guidance on model Overview, analysis, and next steps

www.pwc.com/modelrisk New supervisory guidance on model Overview, analysis, and next steps www.pwc.com/modelrisk New supervisory guidance on model risk management: Overview, analysis, and next steps Features of new guidance Issued as supervisory guidance (21 pages) not as a risk bulletin. This

More information

Guidance on Supervisory Interaction with Financial Institutions on Risk Culture. A Framework for Assessing Risk Culture

Guidance on Supervisory Interaction with Financial Institutions on Risk Culture. A Framework for Assessing Risk Culture Guidance on Supervisory Interaction with Financial Institutions on Risk Culture A Framework for Assessing Risk Culture 7 April 2014 Table of Contents Page Background... i Introduction... 1 1. Foundational

More information

Deriving Value from ORSA. Board Perspective

Deriving Value from ORSA. Board Perspective Deriving Value from ORSA Board Perspective April 2015 1 This paper has been produced by the Joint Own Risk Solvency Assessment (ORSA) Subcommittee of the Insurance Regulation Committee and the Enterprise

More information

How ERM programs evolve

How ERM programs evolve How to achieve excellent Enterprise Risk Management series www.pwc.com/us/ermexcellenceseries Article 3: June 2015 How ERM programs evolve Overview An organization s enterprise risk management (ERM) program

More information

An Oracle White Paper November 2011. Financial Crime and Compliance Management: Convergence of Compliance Risk and Financial Crime

An Oracle White Paper November 2011. Financial Crime and Compliance Management: Convergence of Compliance Risk and Financial Crime An Oracle White Paper November 2011 Financial Crime and Compliance Management: Convergence of Compliance Risk and Financial Crime Disclaimer The following is intended to outline our general product direction.

More information

Risk health check When is yours?

Risk health check When is yours? Risk health check When is yours? 2 This page has been left blank intentionally Rethinking enterprise risk management (ERM) Today s business leaders understand the importance of risk management but they

More information

fs viewpoint www.pwc.com/fsi

fs viewpoint www.pwc.com/fsi fs viewpoint www.pwc.com/fsi June 2013 02 11 16 21 24 Point of view Competitive intelligence A framework for response How PwC can help Appendix It takes two to tango: Managing technology risk is now a

More information

ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK ENTERPRISE RISK MANAGEMENT FRAMEWORK COVENANT HEALTH LEGAL & RISK MANAGEMENT CONTENTS 1.0 PURPOSE OF THE DOCUMENT... 3 2.0 INTRODUCTION AND OVERVIEW... 4 3.0 GOVERNANCE STRUCTURE AND ACCOUNTABILITY...

More information

Capital Requirements Directive Pillar 3 Disclosure. December 2015

Capital Requirements Directive Pillar 3 Disclosure. December 2015 Capital Requirements Directive Pillar 3 Disclosure December 2015 1. Background The purpose of this document is to outline the Pillar 3 disclosures for BlueBay Asset Management LLP ( BlueBay ). BlueBay

More information

Italy. EY s Global Information Security Survey 2013

Italy. EY s Global Information Security Survey 2013 Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information

More information

FINANCIAL ASSESSMENT CRITERIA (The Assessment Criteria should be read in conjunction with OSFI s Supervisory Framework)

FINANCIAL ASSESSMENT CRITERIA (The Assessment Criteria should be read in conjunction with OSFI s Supervisory Framework) ROLE OF Financial is an independent function responsible for ensuring the timely and accurate reporting and in-depth analysis of the operational results of the operating units (including business lines)

More information

MISSION VALUES. The guide has been printed by:

MISSION VALUES. The guide has been printed by: www.cudgc.sk.ca MISSION We instill public confidence in Saskatchewan credit unions by guaranteeing deposits. As the primary prudential and solvency regulator, we promote responsible governance by credit

More information

Vital Risk Insights kpmg.com

Vital Risk Insights kpmg.com Vital Risk Insights kpmg.com KPMG INTERNATIONAL business Using intelligence software to monitor indicators of governance, risk and compliance Success in today s global marketplace demands that leading

More information

ACCELUS COMPLIANCE MANAGER FOR FINANCIAL SERVICES

ACCELUS COMPLIANCE MANAGER FOR FINANCIAL SERVICES THOMSON REUTERS ACCELUS ACCELUS COMPLIANCE MANAGER FOR FINANCIAL SERVICES PROACTIVE. CONNECTED. INFORMED. THOMSON REUTERS ACCELUS Compliance management Solutions Introduction The advent of new and pending

More information

Mission/Purpose: Committee Responsibilities:

Mission/Purpose: Committee Responsibilities: Joint Charter of the Risk Assessment Committees of the Boards of Directors of New York Community Bancorp, Inc., New York Community Bank and New York Commercial Bank The following states the Joint Charter

More information

Supervisory Guidance on Operational Risk Advanced Measurement Approaches for Regulatory Capital

Supervisory Guidance on Operational Risk Advanced Measurement Approaches for Regulatory Capital Supervisory Guidance on Operational Risk Advanced Measurement Approaches for Regulatory Capital Draft Date: July 2, 2003 Table of Contents I. Purpose II. Background III. Definitions IV. Banking Activities

More information

Practical Vendor Management to Minimize Compliance Risks November 12, 2015

Practical Vendor Management to Minimize Compliance Risks November 12, 2015 Practical Vendor Management to Minimize Compliance Risks November 12, 2015 v 1 Today s Speakers Ray Everett Principal Consultant & Director Product Management TRUSTe Charlie Miller SVP Shared Assessments

More information

Vendor Risk Management in the New Regulatory Environment. kpmg.com

Vendor Risk Management in the New Regulatory Environment. kpmg.com Vendor Risk Management in the New Regulatory Environment kpmg.com Vendor Risk Management in the New Regulatory Environment 2 Vendor Risk Management in the New Regulatory Environment Background Regulators

More information

BOARD OF GOVERNORS FEDERAL RESERVE SYSTEM

BOARD OF GOVERNORS FEDERAL RESERVE SYSTEM BOARD OF GOVERNORS OF THE FEDERAL RESERVE SYSTEM WASHINGTON, D.C. 20551 DIVISION OF BANKING SUPERVISION AND REGULATION DIVISION OF CONSUMER AND COMMUNITY AFFAIRS SR 12-17 CA 12-14 December 17, 2012 TO

More information

Understanding Financial Consolidation

Understanding Financial Consolidation Keynote Address Roger W. Ferguson, Jr. Understanding Financial Consolidation I t is my pleasure to speak with you today, and I thank Bill McDonough and the Federal Reserve Bank of New York for inviting

More information

Portfolio Management for Banks

Portfolio Management for Banks Enterprise Risk Solutions Portfolio Management for Banks RiskFrontier, our industry-leading economic capital and credit portfolio risk management solution, along with our expert Portfolio Advisory Services

More information

Take the right steps 9 principles for building the Risk Intelligent Enterprise

Take the right steps 9 principles for building the Risk Intelligent Enterprise Take the right steps 9 principles for building the Risk Intelligent Enterprise Contents 9 principles for building a Risk Intelligent Enterprise 2 The Risk Intelligent Framework 4 1. Is risk a threat or

More information

Sustainability reporting What you should know kpmg.com

Sustainability reporting What you should know kpmg.com SUSTAINABILITY Sustainability reporting What you should know kpmg.com b Sustainability reporting What you should know KPMG LLP (KPMG) defines corporate sustainability as adopting business strategies that

More information

KPMG Internal Audit 2015: Top 10 considerations for private equity firms. kpmg.com

KPMG Internal Audit 2015: Top 10 considerations for private equity firms. kpmg.com KPMG Internal Audit 2015: Top 10 considerations for private equity firms kpmg.com INTERNAL AUDIT TOP 10 CONSIDERATIONS IN 2015 1 Historically, private equity has been less regulated than other parts of

More information

Risk Management. Trends for Insurance Companies. Jeffrey Lovern Genworth Financial VP, Enterprise Risk Management Global Mortgage Insurance

Risk Management. Trends for Insurance Companies. Jeffrey Lovern Genworth Financial VP, Enterprise Risk Management Global Mortgage Insurance Risk Management Trends for Insurance Companies Jeffrey Lovern Genworth Financial VP, Enterprise Risk Management Global Mortgage Insurance Global Association of Risk Professionals March, 2014 Agenda Global

More information

Cyber Security and the Board of Directors

Cyber Security and the Board of Directors Helping clients build operational capability in cyber security. A DELTA RISK VIEWPOINT Cyber Security and the Board of Directors An essential responsibility in financial services About Delta Risk is a

More information