Insurers and banks are currently grappling with how best to model operational risk. Many firms struggle to come up with sensible figures that can past any proper validation criteria when faced with issues like limited applicable data, correlation with other risks, aggregation challenges, and the impact of prospective operational risks from the use of new technology.
McKinsey have an interesting article out suggesting a structured approach to the issue. The graphic below illustrates their approach.
click to enlarge
No one approach is ideal or applicable to all. Notwithstanding this, financial firms all too often focus on justifying a low operational charge to regulators in their capital modelling rather than ensuring that their approach can be embedded into their control framework as a practical risk management tool for management and employees to use in being continually vigilant of operational risks whilst offering tangible incentives to mitigate risk which are, by their nature, unanticipated.
This blog represents my personal views and is not reflective of the views or opinions held by any company or employer I work for currently or have worked for in the past. The views expressed herein are based solely upon publicly available data. No views expressed herein should be taken as an endorsement to take any particular course of action in the markets. The basis of this blog is that different views should be expressed and readers make up their own minds on the what they believe and act accordingly.
deconstructingrisk 