The recent operational risk management failings witnessed at Credit Suisse testify once more of the attention Corporate and Investment Banks (CIBs) need to give towards efficiently manage their risks and towards planning operational controls.
Furthermore, the global and decentralized nature of CIBs leads to disparities in inherent risk evaluations and control framework deployed.
The importance of protecting banks against operational risks
Operational risk refers to events affecting processes, IT systems, people, and external events which can impact the bank’s activity. It can lead to significant financial consequences, decreasing its value to shareholders, debtholders, and overall damaging the banks reputation. Effective management of operational risk is essential to ensure business continuity and protect banks’ reputations.
In December 2021, the BaFin, Germany’s central financial authority, fined Deutsche Bank €8.66 million and demanded corrective measures be implemented as punishment for insufficient internal controls. Indeed, the bank is accused of not implementing efficient control systems to prevent IBOR (Interbank Offered Rate) manipulation. The bank had to invest considerable resources to reinforce its control systems and train its personnel in managing operational risks.
This sanction underlines the importance for banks to identify operational risks, as well as maintaining a modern tech infrastructure supporting efficient operational risk management.
Wavestone recommends a 5-step approach to reinforce CIB’s operational risk and control management framework
The operational risk management process must be efficient, reliable, harmonized and deployed consistently across all regions and activities of the bank. It is essential to ensure standardized and harmonized methodologies, as well as coherent and efficient governance, with local and global operational control principles implemented.
In this context, Wavestone supports CIBs to strengthen their operational control framework, with a guided RCSA at local and global levels, as well as fine-tune their control libraries based on best market practices for better control of operational risks.
This methodological approach allows for better cost allocation and avoids over-estimating risk-related costs. It also promotes optimization, mutualization, and control coherence by avoiding unnecessary duplications and targeting resources where most needed. In addition, it allows to implement a strong risk management culture, meets regulatory requirements, improves decision-making and ensures bank activities stability and sustainability.
Pour leur contribution à la rédaction de cet article, remerciements particuliers à Hélène Prache, Damien Fel, Sébastien Etter, Daphné Fabrizi et Teodor Dan.