Top 10 Operational Risks in 2022
Hot off the press: Best Practice Operational Risk Forum, comprised of professionals from over 50 national and international organisations, met yesterday to examine industry top risk reports and consider the most prominent Operational risks financial services firms should have on their radar. Top 10 Risks are described below:
1.People?risk:?staff capacity and?capability. This refers to issues such as the Great Resignation, difficulties in obtaining talent, tax regime not adequate to support global home working and all the unknowns related to the longer-term impact of hybrid working arrangements.?
2.People?risk:?staff wellbeing?- burnout and depression, increased stress levels of both leaders and staff, escalating during the last two years.
3.Cyber crime:?complex threat landscape, highly coordinated, multi-step?attacks. The risk continues to top the chart in terms of impact and likelihood. ORX notes two out of the top 5 Operational risk losses last year were cyber-related (specifically, crypto-related).
4.Theft and Fraud:?external fraud (inc.?retail card fraud, money laundering); internal fraud (inc.?rogue trading); broad inherent risk in financial services which is expected to firmly remain in the top place.
5.Supply chain / third-party risk:?failures in the supply chain impacting service delivery; and concentration?risk, especially as it relates to cloud service providers. Became prominent as more services are moving to the cloud.
6.Legacy IT system / infrastructure:?system downtime/ failures of legacy technology / underinvestment in?technology leading to potential customer and market detriment.
领英推荐
7.Regulatory risk:?fines and penalties due to inability to timely identify and implement regulatory?requirements. Far from being new, and remains high on the agenda.
8.Climate action failure:?inability to adjust the product set and embed requirements beyond the regulatory minimum; as well as organisational and business model change triggered by climate change programs. Topical, however not yet seen by practitioners as high and urgent as people and cyber risks.
9.Data breaches:?acts of non-compliance with GDPR, given the amount of data continues to increase; this risk is also linked to and dependent on the legacy technologies. As noted in Forbes report, the frequency of data breaches are increasing and the types expanding.
10.Financial crises:?impacts on people, systems and processes; despite not being a classical Operational risk sub-type by definition, the impact of the disruption that started during the pandemic cannot be underestimated.
And a note on Emerging Operational Risks considered by the Best Practice Forum - majority are people related. Operational risk professionals have a crucial role to play in escalating People risk up the organisational agenda, to ensure it is recognised as a major risk in its own right, evaluated and mitigated, with firm and thoughtful actions.
Very helpful, Elena. Does this benchmark apply outside the financial services sector? Do you have any data you can share from other sectors?
Extensive Internal and external Audit, Operational and Enterprise Risk Management experience. Avid learner, passionate about risk mitigation and process improvement.
2 年Very helpful - thanks for sharing.
Contr?leur de gestion
2 年Doha Benzekri
Keynote speaker: AI and Future of Work; New Book Coming 2025: Leading AI: Ethics, Culture, Upskilling
2 年Operational risk is going to take over from K-pop in its "meme-iness"