Process Managing Operational Risk. Developing a Concept for Adapting Process Management to the Needs of Operational Risk in the Basel II-Framework

Abstract

The paper explores pragmatic possibilities for financial institutions to cope with the hot topic of Operational Risk. It aspires to go beyond a discussion that has mainly focused on finding a viable and reliable method for measurement of operational risk. Rather than keeping with mere measurement, the paper argues that given the specific nature of operational risk, Process Management-based methods are appropriate for identifying, evaluating and prioritizing, and finally preventing, mitigating and controlling the bank's risk profile. The author introduces a set of methods for each of these basic steps in a sound risk management process and sets out criteria to evaluate their usefulness in the various contexts of application at financial institutions. Special weight is given to describing how a Business-Process-based method of systematically identifying and estimating organizational risk can actually look and work. It will permit companies to simultaneously get to know their business processes in general and the organizational risk contained therein in particular. The discussion is rounded off by a chapter on the particular case of cross-organizational processes as well as an outline of the roles and tasks in the organizational implementation of the proposed approach. While the paper was mainly motivated by the challenges that financial institutions face in the Basel II-framework, its lessons are applicable to any business operation. It is the declared objective of this thesis to collect and review the fragmented current literature on the subject and bring it onto a coherent basis for discussing the possibility for a results-oriented, and management-minded approach to operational risk.