Operational Risk Management in Financial Institutions

Fitch Learning

Fitch Learning


Coursalytics is an independent platform to find, compare, and book executive courses. Coursalytics is not endorsed by, sponsored by, or otherwise affiliated with any business school or university.

Full disclaimer.

Read more about Digital Transformation

Digital transformation is the process of adopting and utilizing state-of-the-art technologies in order to boost business activity, improve safety, and...

Read more about General Management Programs

The rapidly changing world of management obliges people to adapt to emerging trends of this industry. Modern general management responsibilities inclu...


Comprehensive course analysis

Unbiased reviews from past participants
Global companies alumni of this course worked for
Positions of participants who took this course
Countries where most past participants are from
Individual needs analysis

About the course

The goal of this two-day workshop is to build an understanding of the importance of operational risk management within the Banking and Finance industry.

Key Learning Outcomes:

  • Identify the sources of operational risk and how these arise within the context of financial institutions main business activities.
  • Understand the governance structures, systems, procedures and cultural aspects necessary for an organisation to successfully manage operational risk.
  • Build a knowledge of the main techniques for the measurement and quantification of operational risk and their relative merits and drawbacks.
  • Appreciate the approaches available to a bank under Basel III for the calculation of regulatory capital for operational risk and the supervisory requirements for each approach.

Analytic Overview

The aim of this section is to understand the nature of operational risk, identify typical occurrences of operational risk within a bank’s business model, and to consider external perspectives on the importance of operational risk management in rating and banking supervision.

Importance of Operational Risk as part of the firms risk inventory

Understanding the nature of operational risk: “Dimes and disasters”

Current industry drivers of increasing operational risk in financial institutions; complexity, innovation, technology, transaction velocity and litigation

Motivations to manage operational risk: financial loss, legal and regulatory requirements, reputational risks, capital management and planning

Management perspectives/requirements; understanding the risk, information systems, quantification, mitigation and hedging decisions, cultural and behavioural aspects

Identifying categories of operational risk in financial institutions:

  • Core operational capacity
  • People risks
  • Client relationships & Fiduciary risks
  • Transactional systems
  • Safe custody
  • Reconciliation and reporting
  • Fraud
  • Legal risk
  • Change and new activities
  • Expense volatility

External perspectives on operational risks:

  • Incorporation of operational risk criteria in rating agency methodologies
  • Regulatory and industry perspectives on the importance of operational risk control
  • Exercise: identifying sources of operational risk across business lines in a major financial institution

The ‘Next’ Operational Risk: Cybercrime

Cybercrime has evolved as the markets evolve and we continue embrace new technologies. Yet do we truly understand this new risk? Is our lack of knowledge a reason why so many risk professionals globally now speak in hushed voices about it being when - not if - cybercrime will bring down a financial institution?

As cybercrime is often classed as an operational risk we will cover the basics of the topic in the context of operational risk. Looking at some of the relevant cases (scams and scandals) that have forced regulators and financial organizations to adapt accordingly.

  • What is cybercrime?
  • Exploring cybercrime in numbers
  • Detailing the sources of cybercrime within financial institutions
  • Identifying the consequences of cybercrime
  • People: Line of Defence or Weakest Link?
  • Exercise: what can we do to protect ourselves and our employers?

Operational Risk Governance

The objective of risk management is to add maximum sustainable value to the activities of an organisation. It therefore needs to be a continuous and developing process that operates in conjunction with the development and implementation of the organisation’s strategy and whose aim is to increase the probability of achieving the overall objectives of the organisation and reduce the probability of failure.

To achieve this, operational risk management must be integrated into the organisation and led by the most senior management. This section of the course will therefore look at the key role of the board in setting an organisation’s operational risk policy and the key characteristics of how it is implemented.

  • Risk management process – Operational risk as an integral part of the enterprise risk management framework
  • Roles and responsibilities - of the board, senior management and support functions.
  • Evaluating corporate governance standards
  • 3 lines of defence – an explanation of the traditional three lines of defence and the allocation of risk responsibilities.
  • Exercise: Corporate Governance
  • Operational risk framework – how the components of operational risk management fit within strategy and risk policy.
  • Operational risk cycle – the components of the risk cycle: identification; assessment and measurement; mitigation and management; monitoring and reporting.
  • The role of culture in the organization-wide management of operational risk:
    • Why culture forms such an important aspect of operational risk management
    • Characteristics of poor vs. effective operational risk cultures
    • Fostering an effective risk management culture
  • Case study: Cultural aspects to operational risk

Management of Operational Risk

The objective of this section is to consider the main techniques used to identify and to manage operational risks, within a financial institution environment.

Objectives of operational risk management; avoidance of catastrophic losses, promote organisational understanding of operational risk, anticipate risks more effectively, objectively measure performance, change culture and behaviours, streamline products and services and ensure that adequate due diligence is performed in any takeovers or merger

Operational risk policy - the key components of an organization’s operational risk policy

Identifying the organization's operational risks through risk control and self-assessment

  • Risk Control and Self-Assessment (RCSA) techniques – advantages and disadvantages
  • Cultural aspects to the RCSA
  • Defining frequency and impact scales

Assessing the full range of potential impacts of operational risk

Understanding controls and how risk is modified

  • Relationship Inherent risk, residual risk, expected risk and targeted risk
  • Assessing how controls modify risk
  • Exercise: Identifying control functions

Scenario Analysis

  • Using the RCSA to identify likely scenarios
  • Scenario design techniques and avoiding assumptions/bias
  • Use of external data in scenario design
  • Exercise: Designing scenarios

Key Risk Indicator (KRI) Analysis

  • Types of KRI and relationship to risk levels
  • Characteristics of and identifying useful KRI’s
  • KRI calibration approaches

Operational risk incident recording

  • Objectives of risk incident recording
  • Internal data collection, parsing and emerging risks identification
  • The importance “Lessons Learned” processes
  • Impact of new products, processes, business lines and locations

Improving the organization's operational risk process

  • Strategies align operational risk to risk appetite: the ATAC matrix
  • Measuring progress and improvement

Bank Regulatory Capital Requirements for Operational Risk

The objective of this section is to compare the current environment for calculating operational risk capital requirements with the new standardized approach model that has been proposed by BIS/BCBS.

The challenges of calculating unexpected vs. expected loss for operational risk

The 'old' fundamental Basel approaches for operational risk capital requirements

  • The Basic Indicator Approach
  • The Standardised and Alternative Standardised Approach
  • The Advanced Management Approach (AMA)

The 'new' standardized measurement approach plus pros and cons

Case study: The real world: What are banks doing for Pillar 3?

How meaningful are today's Basel III Pillar 3 disclosures from financial institutions?

Operational Risk Management in Financial Institutions at Fitch Learning

From  $2,995
Add coaching to your course booking

Coaching can personalize and deepen learning for you and your organization.

Something went wrong. We're trying to fix this error.

Thank you for your application

We will contact the provider to ensure that seats are available and, if there is an admissions process, that you satisfy any requirements or prerequisites.

We may ask you for additional information.

To finalize your enrollment we will be in touch shortly.


Coursalytics is an independent platform to find, compare, and book executive courses. Coursalytics is not endorsed by, sponsored by, or otherwise affiliated with any business school or university.

Full disclaimer.

Read more about Digital Transformation

When it comes to imposing digital frameworks and technologies, whether you’re trying to optimize particular units or the entire organization, you need to minimize the collateral damage in order to have a greater effect. However, it's not always that ...

Read more about General Management Programs

General Management Program courses offer an excellent opportunity to develop the knowledge and skills necessary to effectively turn all the best practices in marketing, HR, and innovation into actionable and beneficial strategies. After the successfu...

Because of COVID-19, many providers are cancelling or postponing in-person programs or providing online participation options.

We are happy to help you find a suitable online alternative.