MASTERING ADVANCED OPERATIONAL RISK

Operational risk, or the risk of loss resulting from inadequate or failed internal processes, people, or systems, is one of the most important and crucial areas that banks and financial services firms (Firms) face today. In this modern era of cyber attacks, rogue traders, and technology failures, establishing robust and cutting-edge operational risk best practices is imperative for Firms operating around the world. This requires a systematic approach to the control of all operational risks and the establishment of an effective Enterprise Risk Management (ERM) culture.

This superior and unique operational risk training course will provide Firms with training across a wide breadth of areas pertinent to operational risk management governance. Attendees will be trained in a wide range of areas such as developing new and cutting edge internal risk control functions, developing operational efficiencies, mitigation of enterprise-wide operational risk, support and control functions, and modern risk measurement and management techniques. The highly flexible and modular nature of the training course allows Firms to customise it according to their own specific internal needs. From a high level perspective the training course will set out key steps in developing an operational risk framework, defining the scope of business, developing a risk policy, documenting an Enterprise Risk Document, and the Three Lines of Defence. 

TRAINING PROGRAMME MODULES

MODULE 1: AML and KYC Frameworks

·       Overview of Legal Frameworks (Proceeds of Crime Act 2002, Terrorism Act 2000, Money Laundering Regulations 2007).

·       Establishing Advanced 'Detect and Control' Fraud and Manipulation Frameworks, Risk Sensitive Customer Due Diligence (CDD) Requirements, and Risk Assessment Policies.

·       Overview of the Fourth Anti-Money Laundering Directive (2015/849) (AMLD).

·       Transforming Investigative Processes with New AML/KYC Technologies.

MODULE 2: Basel II Operational Risk Frameworks

·       Basel II Operational Risks (Internal Fraud, External Fraud, Employment Practices and Workplace Safety, Clients, Products and Business Practices, Physical Asset Damage, Business Disruption and System Failures, Delivery, Transaction, and Process Management.

·       Identifying Core Business Operational Vulnerabilities and Setting Key Risk Indicators (KRIs) (Prediction, Metrics, Benchmarking, Status Monitoring).

·       Analysing, Mapping, and Managing Operational Risks, Mapping Causes to Events to Effect.

MODULE 3: Basel III Operational Risk Frameworks

·       The Basel Accords and the Three Pillar Basel Framework.

·       Basel II Changes to Capital Adequacy, Market Liquidity Risk, Stress Testing, Capital Requirements, Countercyclical Capital Buffers, Capital Conservation Buffers.

·       Establishing Effective Liquidity Coverage Ratio (LCR), Net Stable Funding Ratio (NSFR) and Basel Operational Risk Frameworks.

MODULE 4: Basel IV Operational Risk Frameworks

·       Basel 4 and the Single Standardised Approach to Operational Risk (Counterparty Risk, 2014; Market Risk, 2016, Interest Rate Risk, 2016), Standardised and Internal Model Based Approaches, and the Application of a Capital ('Output') Floor.

·       Higher Capital Requirements and Risk Weightings, Evolved Stress-Testing, and Macro-Prudential Tools.

MODULE 5: Establishing Operational Risk Appetites

·       Identifying and Classifying Operational Risk Categories.

·       Identifying Operational Risk Appetite and Control Appetite (Methodologies).

·       Identifying Potential Direct Losses (Fines, Client Relationships, Reputational Damage).

·       Identifying the Drivers of Reputational Risks, the Media and Reputation, and Managing Reputational Risk.

MODULE 6: Best Practices for Operational Risk Management Frameworks

·       Identifying Major Risks, Operational Risk Management Setup, Identification Tools, Root Cause Analysis (RCA), Historical Incident Data (Internal, External), Governance, Events and Losses, KRIs, Key Performance Indicators (KPIs), and Key Control Indicators (KCIs).

·       Defining Materiality of Operational Risk Measures (Loss Amount, KRI Breach, Operational value-at-risk (OpVaR), Red, Amber, Green Status (RAG)) in terms of Firm Business Objectives.

·       Identifying and Capturing Key Firm Risk Interdependencies.

·       Overview of Quantification Techniques (Scenario Analysis, Loss Distribution Approach, Scorecards).

MODULE 7: Modelling Operational Risk

·       Capturing Risks within the Risk Management Process (Inherent Risk, Residual Risk, Expected Risk, Targeted Risk, Control Risk).

·       Stress Testing and Scenario Analysis, Combining Loss Data and Qualitative Data.

·       Capital Modelling Methodologies.

·       An Overview of Risk Control Self- Assessment (RCSA), Loss Event Recording, and Operational Risk Capital Calculation.

MODULE 8: Risk Control Self-Assessment (RSCA)

·       Identification, Recording, and Assessment of Potential Material Risks, and Identification and Assessment of Risk Controls.

·       Evaluating Internal Risk Appetite and Organisational Tolerance.

·       Mapping Areas of Risk and Developing a Risk Prioritisation Map.

·       Developing an Effective Internal RSCA Framework (Frequency, Risk Exposures, Risk Questionnaires, Risk Incidents, Review of External Information, Methodologies, Stakeholder Review).

MODULE 9: Advanced Integration of Risk Frameworks

·       The Interaction of Operational Risk Management and Six Sigma and Lean.

·       Integration of Market Risk, Credit Risk, and Operational Risk Frameworks, Levels of Risk, Effectiveness of Controls Scale.

·       Developing Holistic Operational Risk and Compliance Frameworks (Integration of Governance, Risk and Compliance (GRC) Function with new Compliance Risk Sources (Customer, Product, Channels).

·       Aligning Risk Governance, Monitoring, and Testing approaches across existing Lines of Business.

MODULE 10: Operational Risk Management, Culture, and Conduct Risk

·       Establishing Sound Internal Governance and Culture, the Financial Conduct Authority (FCA) Sources of Conduct Risk (Inherent, Environmental, Structures and Business Conduct).

·       Relationships with the Board and Senior Management, Proactive Board and Senior Management Oversight, Operational Risk Senior Management Information and Oversight Reports.

·       Managing Conduct Risk (Competitors, Conflict of Interest, Corporate Governance, Culture, External Economic Factors, Reputation, Sales Practices, Technological Influences).

·       Managing Reputation Risk and Damage, Assessment of Conduct Risk Technologies.

MODULE 11: Implementing Effective Cyber Risk and Data Security Operational Frameworks

·       Identifying and Mapping Operational Threats, Vulnerabilities, and Weaknesses (Data Theft, Cyber Fraud, DDOS Attack, Intellectual Property Loss).

·       Effective Integration of Cyber Resiliency Frameworks into Operational and Technology Frameworks.

·       Monitoring, Auditing, and Testing Cyber Risk and Data Security processes and Managing Cyber Event Outcomes.

·       Evaluating Third Party Professional Risk Technology Solutions.

MODULE 12: Implementing Effective Recovery and Resolution Technology Frameworks

·       Business Continuity Planning and Building and Effective Disaster Recovery Plan (Objectives, Capital Costs, Underlying Business Requirements).

·       The Decision to Outsource Disaster Recovery Plan Development and Key Considerations.

·       Evaluating Technology Solutions for Data Security and Protection.

·       Key Considerations in Developing Effective Business Continuity Plans.

JOHN THACKERAY

John Thackeray is a Strategic Business Risk and Compliance Consultant  specializing in Risk Identification, Risk Frameworks, Governance and Compliance Programs.

He has over 25 years’ experience in Risk Management acquired through previous roles including assignments with Deutsche Bank, CitiGroup RBC and Societe Generale in the US and the UK.

He is the founder and the owner of RiskSmartInc, an expert risk consultancy firm that provides business risk and compliance consulting with a particular focus on writing policy, standards and procedures.  

RiskSmartInc clients include two major international Japanese Banks, a US Fixed income Broker Dealer; with an audience including the US Federal Reserve, the National Association of Futures and FINRA.

John has worked on numerous projects including the creation of different Prime Brokerage Platforms, the rebuilding of a Risk and Margin Platform (2010), the launching of two Risk Identification Programs (2015) for US Regional Bank for CCAR and for an IHC comprising a US Broker dealer and a US Regional Bank.

As Chief Risk Officer, he also set up a Risk Radar Model (2011) for Société Générale to facilitate a warning system for US banks.

At present,  RiskSmartInc is engaged in the writing of Credit Policy documents to enhance both governance and structure.

John is a specialist in Risk Management, Governance, Operational Risk, Credit and Market Risk, Liquidity Risk and Risk Assessment.

He also developed an expert knowledge covering Hedge Funds, Derivatives, Financial Institutions, Stress Testing. His skills include also Capital Management, Retail Banking, Treasury Management, Interest Rate Risk Management and Policy Writing.

TOM CLARK

Tom Clark is a senior and innovative Risk and Compliance Management Expert. He was previously the Head of Operational Risk at OpenWealth – Citi, now Genpact where he was in charge of risk strategy and development and proactively monitoring the legal and regulatory environment. At Citi Tom worked with a team of legal, Compliance and Governance professionals to put in place operational & regulatory improvements in order to increase the effectiveness of the control environment within the business. He also played a key role in effectively managing and resolving complex compliance issues including CASS6 and CASS7 events. Tom was also the founder and owner of Tom J. Clark Consultancy Limited, an expert risk consultancy firm. Some of the firm’s key achievements include acquiring sign-off for a ‘non-standards’ approach to client money reconciliations, pioneering a new governance structure to negotiate and manage escalated issues from commercial clients, and establishing a new and innovative Operational Events (Breaches and Incidents) process. His previous roles include more than eighteen years of experience at the Royal Bank of Scotland during which he acquired an expert knowledge of the financial and banking systems. This included roles such as Financial Planning Consultant (1993-1998); Training and Development Manager (1998-2002); Private Banking Manager (2002-2005); Regulatory Risk Manager (2005-2007); Regulatory Monitoring Manager (2007-2011). As Compliance Manager at Aegon (2011-2012) he played an active role in key compliance projects covering the Retail Distribution Review (RDR), Regulatory Reporting, Pension Reform, and was also responsible for establishing a Compliance Risk Universe and helping set-up the Compliance Assurance team. 

He has an Advanced Financial Planning Certificate from the Chartered Institute of Insurance (1998), an IPD Certificate in Training Practice from the Glasgow College of Commerce (2002), a Certificate of Mortgage Advice & Practice from the Institute of Financial Services (2004) and an Advanced Certificate in Regulatory Risk and Compliance from the Manchester Business School (2011).

Tom Clark developed strong skills in Risk Management, Operational & Regulatory Risk, AML and Client Money & Asset (CASS) regime, he also has a deep knowledge in Compliance, Banking, Investment, Assurance. He knows how to manage Enterprise Risk, Portfolios. His skills include also Retail Banking, Corporate Governance, Private Banking and Financial Planning.