Leading the digitalisation of operational risk management

The banking landscape has changed drastically since the 2008 financial crisis, but operational risk still has to catch up with market and credit risk in its digitalisation and standardisation

The risk landscape has transformed over the last decade, with operational risk leaping in significance. There have been almost $400 billion in fines and $150 billion in losses since 2012, and the Association for Financial Markets in Europe calculates annual regulatory costs at around $26 billion.

Pre-financial crash, banks didn’t have to hold any capital against operational risk, only market and credit risk. Now, the top 30 banks hold more than $400 billion of capital against operational risk and it’s the second highest capital item at J.P.Morgan, with regulators potentially perceiving its operations as riskier than its trading activities.

Despite the severity of fines and losses, banks have been slow to adopt a similar level of digitalisation and data-driven intelligence to operational risk than has been applied in other
risk areas.

For market risk, banks have Bloomberg, Reuters and exchanges that connect participants in real time. For credit risk, credit ratings agencies, including the big three, Fitch, S&P and Moody’s, have been leading standardisation and a network of comparability across firms. In both areas, technology helps achieve a single version of truth. Yet when it comes to operational risk, it’s still predominantly people and process. Fitch Group, however, are a major investor in Acin.

Acin is changing all this with a ground-breaking approach to digitalising operational risk management. The company’s industry-wide network combines technology and data standardisation to enable institutions to consistently measure, manage and mitigate operational risk in a way they haven’t been able to in the past.

Organisations can clearly visualise their data, benchmark performance and demonstrate compliance to regulators, allowing them to reduce costs, return focus to their core business and ultimately make banking safer. This comes at a time when coronavirus has forced banks to rethink their operating environments.

“The foundation of Acin, when we launched three years ago, was really that there’s a better way to approach operational risk. This is even more apparent since the pandemic has further exposed the flaws in any processes that are too reliant on people and proximity,” says Paul Ford, founder and chief executive of Acin.

We’re going to see operational risk grow to be on a par with market and credit risk in the ways they are managed and run like a data science

“Our technology helps organisations become better at what they do, as well as the industry to become better and safer on a systemic basis. When a new bank joins us, we see they can be missing 20 or 30 per cent of the key risks and controls. Despite their best efforts, people’s judgments are important, but it’s no substitute for the power of data and technology.”

The people-driven approach to operational risk management was born in the wake of the global financial crisis. Though operational risk always existed, it never garnered the same attention as its direct revenue-generating counterparts in market risk and credit risk. The post-financial crisis regulatory environment, heavily influenced by a hostile political landscape, changed all of that, bringing operational risk management firmly to the fore.

Investigations, inquiries and rogue-trading incidents became frequent between 2008 and 2010, as the pressure from regulators to resolve operational risk issues mounted.

“Banks did what they always do when they don’t quite know how to solve a problem yet, but there’s a tsunami of existing regulations being applied and new ones being added, they hired some really smart people and brought in a bunch of consultants,” says Ford, who along with other members of Acin’s leadership team comes from a banking background, so he has lived through operational risk challenges in this sector himself.

“While those people were figuring it all out and dealing with the issues, banks could go back to their board and the regulators and say, ‘Look how many people we’ve hired and consultants we’ve brought in to sort this out; we’re taking it seriously’. It was a very people-centric approach to operational risk and that’s broadly remained the case.

“Annually or quarterly, teams of experienced people sit down and look at a particular topic, discussing the risks they’ve identified, the controls in place to manage or mitigate them, whether anything has changed and how they grade each control in its effectiveness.”

While relying entirely on the judgment, skills and experience of individuals can render good results; taking a manual, artisan approach means mistakes are bound to happen and frequently do. Intelligence is limited to the experience of the people sat around the table and the costs of that can be astounding. Global bank fines for 2020 hit €11.61 billion in October, on top of average annual risk and control operating costs of more than $100
million each.

Acin’s vision is to utilise technology that brings operational risk up to a scalable, more efficient and effective operating model. Acin is creating the standards, protocols and data attributes for both identifying and controlling risk, and then using the digitalisation to form a network across the industry that is interoperable and interconnected around these protocols. Instead of just one organisation looking at their operational risk in a silo, data is aggregated across all the banks in the network, on an anonymised basis, so sharing vital risk intelligence.

“We’re going to see operational risk grow to be on a par with market and credit risk in the ways they are managed and run like a data science,” Ford concludes. “Acin is setting the standards and leading the industry in this new capability, forming that network across banks so they can be stronger together.

“But this isn’t all about gold plating. A lot of the things we do allow people to remove controls and take noise out of the system. We want to see the industry become safer and more effective at managing risk, but also more efficient. Firms are always going to take risk, but they need to take it in a quantitative way, just like they do with credit risk in lending money and market risk in trading money.”

For more information please visit acin.com

Sponsored by