Best Practice in Operational Risk Management - Dr ARIANE CHAPELLE

From risk environement to risk culture, the course covers in breadth and depth the most topical elements of operational risk management and its challenges for the financial services industry.

Taught by a world leading expert in the field and highly regarder guest speakers, the course is a must-have for all the operational risk practitioners wishing to benchmark their practice and discuss best practices. It is also a fantastic opportunity for newcomers to gain a comprehensive overview what modern operational risk managers need to know.

Delegates will leave the course equipped with a new network of practitioners, a wealth of content, additional references and readings, and an open line for further questions with the trainer, Ariane Chapelle.

3 OPTIONS OFFERED

FULL PROGRAMME                      DAY 1 TO 3

BEST PRACTICE PROGRAMME  DAY 1 TO 2

OPERATIONAL RISK FOR AUDITORS & SUPERVISORS   DAY 3

Conference : Positive Risk Management 

Day 1 – 2

Best Practice in Operational Risk Management

Key Objectives and Learning Outcomes :

After the course, participants will know about:

• Identification of emerging risks
• Risk networks rather than risk registers
• Implementing ORM: the invisible framework
• Selecting and designing preventive KRIs
• How to differentiate and address human errors
• How to use root cause analysis most effectively
• Influencing behaviours for better control
• Risk Reporting and Conduct reporting
• Builing a framework for risk culture change

Who Should Attend

• Heads of Operational Risk
• Entreprise Risk Managers
• Operational Risk Managers
• Operations Managers
• Internal Auditors
• HR officers
• Compliance officers
• Consultants
• Regulators

Course outline

Session 1: Operational Risk Framework and Governance

• Operational Risk trends and emerging risks
• Governance of Operational Risk: roles and responsibilities
• Operational risk framework: building blocks and consistency
• Business value of Operational Risk Management

Workshop and discussion: compare practices in operational risk management

Session 2: Risk Identification & RCSA

• Tools and techniques for risk identification
• The importance of taxonomy
• Risk connectivity: network of risks
• Definition and rules for RCSAs
• Tool: Impact / probability matrix: format and meaning
• Usage and choice when defining RCSAs

Class Exercise: Apply an RCSA to your top risks

Session 3: Root causes analysis and Control Design

• Slips and mistakes: Typology and causes of human errors
• Effective vs. Illusory controls
• Root cause analysis: identifying patterns of failures
• Bow-tie: a most effective tool to define
  • Preventive and corrective controls
  • Leading KRIs
  • Risk likelihood and expected impact
• Prevention by Design

Exercise: apply the bow-tie to one of your incident; share the lesssons learned

Session 4: Designing and Selecting Preventive Key Risk Indicators

• KRI, KPI, KCIs: concepts,overlaps and examples
• Essential features of preventive KRIs
• Classifying KRIs: Environmental, Stress, Causal and Failure
• KRI Design: Frequency - Trigger levels - Escalation criteria – Ownership - Data accuracy
• Six steps to define and design preventive KRIs

Class Interaction: review your KRI list

Session 1: Risk Appetite Definition, Statement and Communication

• Industry guidance on Risk Appetite
• Definition and Governance: Communicating Risk Appetite
• Risk Appetite Statements: Features, Templates and Examples
• Cascading and Monitoring Risk Appetite: RCSA and indicators

Class Exercise: express risk appetite, tolerance and limits for two of your top risks

Session 2: Reporting and Escalation

• The role of incident data collection
• Data features: core losses and tail risks
• Three golden rules of reporting
• Management information: the “reporting cake”

Class inteaction: best practice and sharing of experience

Session 3: Scenario Analysis: Application to Cyber risk

• Brainstorming and workshop techniques to identify scenario
• Scenario assessement: structure and method to mitigate behavioural biases
• Assessing rare events
• Examples: scenarios assessement  IT disruption, cyber attackes and information security incidents

Class Exercise: Applied scenario structuring

Session 4: Risk Culture and Conduct

• Defining Risk Culture
• Key objectives, key behaviours
• Case study: conduct metrics & culture change programme
• Influencing behaviours: a framework

Concluding remarks and class feedback

• What have you learnt?
• What will you apply?

Course designer and speaker : Dr. Ariane Chapelle

Ariane Chapelle, PhD, is an internationally recognised trainer and consultant in Operational Risk. Dr. Chapelle is Associate Professor at University College London for the course 'Operational Risk Measurement for Financial Institutions’ and is a Fellow of the Institute of Operational Risk and a trainer for the Professional Risk Managers' International Association (PRMIA), for whom she designed the Certificate of Learning and Practice in Advanced Operational Risk Management.

Dr. Chapelle runs Chapelle Consulting, a training and consulting practice in risk management serving Tier 1 to Tier 3 financial organisations and international institutions, including central banks and UN agencies.

In 2019, Chapelle Consulting received the Risk.net Award for ‘Outstanding Achievement in the Year in Operational Risk’.

Dr. Chapelle is a former holder of the Chair of International Finance at the University of Brussels with backgrounds in internal audit, credit risk and investment risk. She has been active in operational risk management since 2000 and was formerly head of operational risk management at ING Group and Lloyds Banking Group.

Her latest textbook Operational Risk Management: Best Practices in the Financial Services Industry, published by Wiley Finance Series in December 2018, rapidly became the No.1 best seller in its field. It is now translated in French by Pearson France, to be out of press on March 27, 2020.

More details on www.chapelleconsulting.com

Testimonials

• The speaker did an amazing job making a dry subject entertaining and engaging. She was lively and explained concepts in a way that was applicable to all the people in the room. I learned a lot from this training.
  • Puja Shah, Essentials of ORM course, NYC, 2019
• Extremely enlightening and timely
  • Benjamin, Dubai, 2018
• The course simplifies risk management in a practicable manner
  • Oghale , Dubai, 2018
• I enjoyed the class very much and can't say enough about how effective the lessons were.  I am already applying what I learned during the course and implementing a lot of your ideas.  Thanks !
  • Brian S., New York, 2015
• Ariane is an exceptional trainer, engaging and she brings her subject to life with lots of examples from many different organisations.
  • Eamon M., London,  2014.
• Excellent! Incredibly knowledgeable trainer, who was engaging & inspirational in her delivery. Very practical course.
  • Steve M., 2013.

Evening talk & book presentation (April 22 - 18h) 

Conference

Positive Risk Management

Positive Risk Management is about changing the narrative, and also the perspective of risk management from a loss avoidance approach to objectives of performance enhancements and learning from success. In this uplifting presentaiton, Dr. Chapelle makes the case for a risk management profession being a performance booster and learning from successes. 

Positive Risk Managment is about :

1. Recognising opportunities and costs of inefficiencies
2. Learning from successes and positive outlies
3. Reaching objectives and improving performance

Book Presentation

• Chapelle, A. : Operational Risk Management : Best Practices for the Financial Services Industry Wiley 2018.
• Chapelle, A. : Gestion du Risque Operationnel : Guide des meilleures pratiques en banque et assurance, Pearson, 2020.

Operational Risk Management offers a comprehensive guide that contains a review of the most up-to-date and effective operational risk management practices in the financial services industry. The book provides an essential overview of the current methods and best practices applied in financial companies and also contains advanced tools and techniques developed by the most mature firms in the field.

The author explores the range of operational risks such as information security, fraud or reputation damage and details how to put in place an effective program based on the four main risk management activities: risk identification, risk assessment, risk mitigation and risk monitoring. The book also examines some specific types of opera­tional risks that rank high on many firms’ risk registers.

Drawing on the author’s extensive experi­ence working with and advising financial companies, Operational Risk Management is written both for those new to the discipline and for experienced operational risk managers who want to strengthen and consolidate their knowledge.

Praise for

Operational Risk Management

 “Ariane Chapelle is one of the world’s leading teachers, thinkers and writers about operational risk. The combination of her professional experience as a practitioner in the financial services industry and her role as an advisor to regulators makes this textbook a must-read at all levels of both regulated and unregulated financial institutions.”

—Amédée Prouvost, Director, Operational Risk, The World Bank

“Insightful...That’s the first adjective that came to mind when I read this book. Operational Risk Management: Best Practices in the Financial Services Industry offers a 360-degree perspective of operational risk, from triggers and causes to direct and indirect consequences. Besides, the book provides practical tips to set up an effective operational risk and control framework. There is not a single aspect of operational risk that is left in the shade – everything is brought to light – even the trickiest aspects such as Risk Appetite. This book is a must-read for any all-around OpRisk Manager!”

—Dr. Bertrand K. Hassani, Université Paris 1 Panthéon-Sorbonne; Chief Solutions Officer, General Manager, INSTADEEP

“The collection of Dr. Chapelle’s knowledge and practitioner expertise, combined with her widely acknowledge ability to communicate complex ideas in a forthright and clear manner, makes this textbook a very valuable addition to any practitioner seeking clear, accurate, timely and insightful knowledge of key aspects of Operational Risk practice. I strongly endorse this text to practitioners seeking guidance on best practices in operational management.”

—Prof. Gareth W. Peters, Chair Professor of Risk and Insurance,  Heriot-Watt University, Edinburgh, UK

Day 3

Operational Risk for Auditors and Supervisors

Taught by an international expert in operational risk also former internal auditor certified by the IIA and a skilled person to the UK regulator, this course is a one of its kind, delivered for the first time in Luxembourg.

It focuses on the key elements to look for when auditing and reviewing operational risk framework, documentation and practice. It present some maturity criteria and reviews good signs and red flags in operational risk management and measurement.

Delegates will leave the course equipped with key concept and example, practical guidance to apply in their day to day mission and an open line for further questions with the trainer, Ariane Chapelle.

Key Objectives and Learning Outcomes :

After the course, participants will know about:

• Rules for a consistent ORM and ERM framework
• Essential elements to review and audit
• Maturity criteria for each element of the framework
• What documentation can and can’t tell
• Effective ways to audit and supervise a risk function
• A general risk-based approach to risk management and internal audit resource allocation

Who Should Attend

• Internal auditors
• Head of internal auditors
• Regulators
• Compliance officers
• Operational risk managers
• Head of operational risks
• Heads of operations
• External auditors

Course outline

Session 1: Risk Appetite & consistency of an Operational Risk Framework

• What to learn from general ERM frameworks (ISO, COSO)
• Fundamentals of a risk management framework: taxonomy and risk appetite
• CRICL taxonomy: Causes – Risks – Impacts – Controls – Location: organising the risk register
• Risk Appetite: driving the rest of the framework
• Structure and features of actionable risk appetite
• Governance and operating model

Workshop : roundtable and comparisons of practice

Session 2: Maturity Criteria in Operational Risk Management

• Key signs of maturity – or lack thereof – regarding
  • Governance and 3 LoD
  • Relationship between the lines of defense
  • Taxonomy and risk identification
  • Risk assessments
  • Risk indicators and reporting
  • Culture
• Benchmarking tool

Benchmarking Exercise: Rate the operational risk practice of the firm(s) you know

Session 3: Documentation vs Culture

• What can you read from the documentation of a risk function?
• What to ask for and what to look for
• Does the documentation reflects the culture: true signs and red flags
• Signs of a good risk culture: timeliness, event sharing.. and simplicity
• Other signs of good risk culture
• Ways to review and audit a risk function

Roundtable: case studies

Session 4: Risk-based allocation of ressources: a general approach

• Risk-rating criteria for different risk objects (Information, Project, Process, Model, Third party, client.. )
• Risk rating scorecard and scoring methods
• Risk-based mitigation efforts
• Risk-based approach in internal audit and in supervision

Class Interaction: sharing of practices when drafting audit plan and regulatory visits

Concluding remarks