Current approaches to the management of operational risk need to evolve rapidly to be effective in today’s digital environment. Also referred to as nonfinancial risk, these fall outside the standard set of financial risks (credit, market and liquidity, etc.). Rather, the operational risk portfolio includes things like cybercrime, outsourcing, data security, AI use, and the risk of employee misconduct and poor company culture.
The current standard approach to managing such non-financial risks relies overmuch on 'systems of record' and administrative processes that seek to categorize risks, register their controls, assess those controls on a periodic basis, and then create inventories of the issues that appeared and actions that were taken. This approach has a high cost and is not delivering the required outcomes.
This content is available to paid Members of Starling Insights.
If you are a Member of Starling Insights, you can sign in below to access this item.
If you are not a member, please consider joining Starling Insights to support our work and get access to our entire platform. Enjoy hundreds of articles and related content from past editions of the Compendium, special video and print reports, as well as Starling's observations and comments on current issues in culture & conduct risk management.
Join The Discussion