Risk appetite framework is a primary tool for explicitly communicating to everyone in the organisation on what types and levels of risk are acceptable to the organisation. The key outcomes an organisation expects from an effective risk appetite framework are: –
- Facilitating any business decision making process which could potentially change the risk profile of the organisation
- Allow the organisation to identify whether certain risks may breach the defined appetite in the near future or may have already breached the defined appetite
- Prevent risk owners across the organisation from taking reckless or excessive levels of risk beyond the agreed appetite
In this session, Martin Davies shared guidance on how to develop an effective operational risk appetite framework and implement this across the organisation. Some of the key topics that were covered during the session include: –
- Aligning the risk appetite framework with the business strategy, objectives and organisational culture
- Understanding the key components of risk appetite framework such as risk tolerance and risk capacity
- Expressing risk appetite in qualitative and quantitative formats
- Cascading the risk appetite from group level to business units
- Aligning risk appetite framework with risk assessments
- Utilising the risk appetite framework as a key tool to facilitate business decisions in order to make risk-informed decisions
- Monitoring risk exposures vs. defined risk appetite
- Escalating and reporting risk appetite breaches
Martin Davies is a risk framework architect who designs risk measurement systems for auditors and risk managers working in trading firms, energy houses, manufacturing companies and financial institutions. He has more than twenty years’ experience developing bespoke risk reporting and scorecard assessment systems with a particular focus on operational audit, IT, finance and the transactional aspects of a business. He also also has a very strong knowledge of Business Continuity, Quality Control, Trade and Supply Chain Resilience, valuation and strategy. He is currently working with several companies throughout South East Asia and the Middle East assisting these organisations build industry best practice frameworks for Operational Risk. Working with risk managers, he has a strong knowledge of COSO, ISO 31000, Credit Assessment and Risk Based Audit procedures at a highly technical level. He is also very practical with his work.
This session was hosted by Manoj Kulwal. He is passionate about utilising risk management as a business management tool for designing effective business strategy and successfully implementing the selected strategy. He has been involved in development of the international risk management standard ‘ISO 31000’ and in development of ‘Certificate of Operational Risk Management’ offered by The Institute of Operational Risk. He has trained more than 1,000+ operational risk management practitioners from financial services firms globally over the last 5 years. He is currently the Co-Founder and Chief Risk Officer at RiskSpotlight. At RiskSpotlight, he leads the team that developed the world’s first forward-looking operational risk news service – RiskSpotlight Portal.