Many Financial Institutions Not Using Operational Risk Management To Challenge Business Models: KPMG And RMA Survey

05 December 2018
Knowledge Base

Aligning operational risk management (ORM) with strategy could enable strategic change, improve business performance and enhance customers’ experience for financial institutions. However, only half of firms surveyed with less than $250 billion in assets leverage ORM to challenge business models, according to a report by KPMG LLP and The Risk Management Association (RMA).

According to the Operational Risk Management Excellence Survey, larger institutions appear more advanced in aligning ORM with strategy, with 90 percent at or above $250 billion in assets leveraging ORM to challenge business models. For more, please click here.
“Aligning ORM with business strategy enables financial institutions to identify, assess and mitigate risks, while adding business value,” said Phillip Bray, Principal in KPMG LLP’s Operations and Compliance Risk services. “We’ve observed that, for many institutions, the first priority is to resolve regulatory issues and then take a broader look at how ORM is integrated into strategy.”
“While prioritizing compliance is understandable in this challenging regulatory landscape, institutions that cannot evolve their ORM from a check-the-box approach to one that informs the organization as a whole are not realizing the full value of their operational risk spend,” said RMA Chief Administrative Officer and Director of Operational Risk Edward J. DeMarco, Jr. “They are also missing opportunities that could be transformational to their businesses.”

Other Key Findings

  • Digital Transformation Spend Lacking: 20 percent at or above $250 billion and 27 percent under $250 billion are dedicating a portion of annual budgets to digital transformation, including automation and data and analytics.
  • Regulatory Checklists: Larger and smaller institutions agreed the following areas are most important to regulators:
    – Operational risk aggregation / profile (92 percent)
    – Information / cyber security (85 percent)
    – Risk control self assessments (85 percent)
    – Operational risk monitoring (81 percent)
    – Vendor risk management (77 percent)
  • Data Reporting: 27 percent and 21 percent, respectively, of larger and smaller firms have dashboards to report risk exposures and their impacts on business strategy and performance. This is down from 80 percent for larger firms in 2014.

About the Survey

KPMG LLP (KPMG) and The Risk Management Association (RMA) updated and redeployed the Operational Risk Management Excellence Survey completed across North America, Europe and Asia in 2014 by over 85 leading financial institutions, including 20+ Global Systemically Important Banks The objective is to give participants insights into leading industry ORM practices in support of enhanced business value and heightened regulatory expectations to help firms gauge positioning against evolving industry practices, assess and improve their ORM frameworks, and enhance risk management.

Leave a Reply

Your email address will not be published. Required fields are marked *