BCBS revising sound practices for operational risk management - First thought
BCBS is revising its 2003 'Sound Practices for Management and Supervision of Operational Risk'. The consultative paper for the new version was published a few days ago.
One of the first point I noted in the 2010 consultative paper is the more prominent and hands-on roles of Board of Directors. While the 2003 paper outlines the key roles of BOD as:
- be aware of major aspects of the bank's operational risks
- periodically review and approve the bank's operational risk management framework
- ensure the framework is subjected to effective, independent review
The 2010 consultative paper list as the first principle that the Board of Directors should establish "tone at the top" and strong risk management culture throughout the whole business. The document also explicitly calls for BOD to review and approve risk appetite and tolerance statement, although this is usually the case anyway.
The emphasis on governance is also highlighted with the refined role of senior management who, to quote:
should develop for approval by the board of directors a clear, effective and robust governance structure with well defined, transparent and consistent lines of responsibility.
It is clear from recent events that management of operational risk cannot be left to middle management alone, without real transparency nor consistency across the organization. The revised sound practices paper also enhanced and clarified many of its principles, and reflect both recent events and the industry's responses to the risk environment that faces banks in 201X.
