09 November 2010

Operational Risk: 7 years and counting...

After writing this blog now since 2003, it is amazing how some items seem to be coming back full circle. Operational Risk does not change; only the places and the particular circumstances change. Do you know where a loss event will impact you and your organization next?

The US has intensified its war on terrorism on the financial front, targeting an ancient, informal system of money transfers that officials believe funnelled millions of dollars to Osama Bin Laden's al-Qaeda network.

The system is known as hawala, and it has been used for hundreds of years to move money across distances and around legal and financial barriers in South Asia and the Middle East.

The California Public Employees' Retirement System (Calpers) is opposing Freddie Mac's reappointment of auditor PricewaterhouseCoopers and the reelection of members of the mortgage finance company's audit committee, according to the Washington Post.

Any board member or executive today is well aware of the direct impact an adverse event or significant business disruption can have on shareholder value and customer confidence. When it does happen, how many people just throw up their hands and shout, Murphy's Law!

Murphy's Law ("If anything can go wrong, it will") was born at Edwards Air Force Base in 1949 at North Base.

It was named after Capt. Edward A. Murphy, an engineer working on Air Force Project MX981, (a project) designed to see how much sudden deceleration a person can stand in a crash.

Corporate Governance in the board room itself is blazing out of control at Hewlett Packard (HP) as a result of an internal investigation. The finger pointing, board resignations and ethics questions are all in the news. And that is just a very small story on the entire landscape of corporate digital surveillance or internal investigations. This is a business your insurance company is funding and for good reason.

These snapshots of the past demonstrate the variety, breadth and depth of the Operational Risk Management challenges before the Fortune 500 and the small-medium-enterprise (SME) that has limited staff and resources. Yet the time, effort and resources dedicated to the INFOSEC, OPSEC, Internal Audit and Risk Management functions within the enterprise are in many cases dwarfed by the Marketing and Advertising line items in the budget.

Will one more 30 second spot of an insurance lizard (GEICO) or vikings doing their banking (CAPITAL ONE) really make us change brands? Doubtful. On the other hand, if you were to show us that the bank is now using Multi-factor biometrics for it's online banking access and transactions you might make us switch. Perhaps the insurance carrier could make us change with a difference of 45% not just 15% savings because we doubt you will be able to hedge the risk of another driver running into the back of my automobile on a rainy day on the freeway.

Operational Risk will continue to evolve as much as an "Art" as it is a "Science" because there will never be the perfect algorithm or software program to give you a sensor alert in time or in the right place. You need human factors to use such mechanisms as "Intuition", "Reid Technique", and other senses that only the Homosapien has the ability to process with a brain that contains a large cerebrum. Without lot's of these brains making sensual observations, analyzing and processing the possibilities; the likelihood of an adverse event will increase dramatically.

We are still amazed that organizations are spending more time and effort on sophisticated sensors and technology and less on the human factors. Yet the right ratio of both can get you to that place that tips the scales in your favor and your enterprise is on the verge of being more proactive, preventive and predictive.

When was the last time you spent a day on the front lines with your OPS Risk Team? It could be a CEO's wake up call...

No comments:

Post a Comment