Chapter 7

Risk Control and Mitigation

Learning objectives

After studying this chapter, you should be able to:

1 Discuss interventions to deal with operational risk and how these interventions are grouped

2 Outline the role of loss prediction, prevention, control, and reduction

3 Outline the importance of internal control and governance on operational risk management and the role of regulators

4 Describe and explain assumptions, avoidance, and transference of risk and the role of insurance in mitigating operational risk

5 Outline the importance of contingency planning

Introduction

Identifying and measuring risk and determining the scope and objectives of a bank are only the beginning of the operational risk management strategy. These steps represent a passive analysis of risk. It is then necessary to take, as well as active steps to mitigate and control risks. There are a broad range of possible interventions depending on the ultimate goal, from avoiding risk completely to predicting and preventing risk or managing the losses associated with risk events to keep them within acceptable limits.

Strong internal controls and governance are key to mitigating and controlling risk. Without an effective operational structure, an operational risk management programme is doomed to fail. After having analysed and categorised and planned and put in place an appropriate governance structure, banks and other AIs can decide on how best to avoid, mitigate, or transfer risk. Here again, there are ...