Risk governance is the architecture within which risk management operates in an organisation. It will reflect, and seek to sustain and evolve, the organisation’s risk culture. Since risk management is fundamental to running any business, risk governance is a fundamental part of corporate governance. The British Standard BS13500 defines governance as: ‘system by which the whole organization is directed, controlled and held accountable to achieve its core purpose over the long term’. The UK Corporate Governance Code states that ‘good governance should facilitate efficient, effective and entrepreneurial management that can deliver the long-term success of the company’. Good risk governance should result in risk being accepted and managed within known and agreed risk appetites.
As shown in the IOR website diagram on Sound Practice Guidance, governance sits at the top providing the basis for direction, control and accountability. However all the subjects covered within the SPGs should be considered when setting up or working within an operational risk management environment.
Risk governance should put in place a structure of risk responsibility throughout the organisation. As a result, everybody in the organisation will be aware of their own risk responsibilities and accountabilities and those of others with whom they work. Governance delivers effective accountability, including the accountability of the governing body to its owners.
Risk governance is an integral part of the day to day running of the business and is not about just complying with a set of rules. Since operational risk management involves everybody in the organisation, the risk governance framework should encompass everybody. That means that it can only operate successfully if there are clear and effective lines of communication both up and down the organisation and a culture in which good and bad news is allowed to travel freely.
This update in 2015 to the Operational Risk Governance Sound Practice Guidance paper originally developed in 2010, builds on the original paper, providing updates to the work, including reference and support to the published British Standard on Governance BS 13500. Governance is a word often used or misused in relation to the overall Leadership of an organization and this SPG looks to help Operational Risk Professionals to deliver effective Risk Governance in their organization.
- Zaq Mughal, , IOR News, Irish Chapter, 0
Slides for the 2016 – Irish Chapter Event No. 4 (Qui Absconditus Est Marmite? – BREXIT Whatever Next!) are...
- Lee Evans, , IOR News, 0
Regulatory Talk : SSM is not a “big bang” of banking supervision By Anja Kraus COLOGNE, 05.16.2014 . If the...
- Zaq Mughal, , IOR News, 0
Following the success of our October event in Manchester, The England and Wales Chapter of the Institute of Operational...
- IOR Admin, , IOR News, 0
The Best Practices in Assessment of Risks slides are now available to download by IOR members. Click the link below:
- Deutsche Bank in talks to sell Postbank IT unit October 22, 2020Deutsche bank is reportedly in talks with Tats Consultancy Services over the sale of its Postbank IT systems unit and the transfer of 1400 staff to the Indian conglomerate.
- Varengold Bank shares status of Institutional Investment & Fintech Funding October 22, 2020Alison Harwood, Head of London Branch, Varengold Bank, speaks to FinextraTV about the type of companies institutional investors are looking for and what makes a great relationship, the immediate impact of Covid-19 on institutional investment, the status of funding the fintech community, and whether institutional investors are more cautious and considered in who they lend […]
- Sopra Steria falls victim to ransomware attack October 22, 2020European IT services group Sopra Steria is battling a suspected ransomware attack on its network.
- PayRay bank opens up for business in Latvia October 22, 2020PayRay Bank has continued its planned expansion and has started operations in Latvia.
- Which? calls for post-Brexit rule change to protect victims of APP fraud October 22, 2020Consumer group Which? is urging the UK Government to introduce a post-Brexit rule change that would force banks to reimburse victims of authorised push payment fraud.