Treliant

Mark W. Olson Interviewed in RMA Operational Risk Eletter

As seen in The Risk Management Association Operational Risk ELetter
Fall 2011

Board Room View on Operational Risk: Interview with Mark Olson, former Governor, Federal Reserve System

By Brian Barnier

Community bank, big bank, regulatory, Mark Olson brings diverse perspectives to managing risk to operations. He was president of Security State Bank in Minnesota, member of the Federal Reserve Board of Governors with responsibility for oversight of the Fed’s internal risk management, and has a regulatory view from this service on the Board and his role as Chairman of the Public Company Accounting Oversight Board. Today, he is the co-Chairman of Treliant Risk Advisors, specializing in credit risk. We welcome this breath of views.

Barnier: As a bank president or board member, what did you feel was most critical to managing risk in your institution’s operations?

Olson: Clearly, the most critical component in managing risk is recognizing where the risks exist, and being able to quantify those risks to some extent. It is obvious to even the casual observer of banks that loan portfolios carry significant risk and even the smallest of banks likely has identified problem credits and quantified the exposure imbedded in those loans. Where risks exist outside the loan or investment portfolio in the operations of the bank, they may not be clearly identified or addressed.

Barnier: So if you wanted your risk managers to really understand your institution’s operations, how important were approaches such as process analysis and root cause analysis?

Olson: Banks have historically been good at high-level process analysis because they have dedicated many hours to improving the efficiency of their many operational functions. But, I think they are less familiar with, and therefore less proficient at, root cause analysis – and the way that root cause has become critical to process improvement. Part of the explanation may be that they have well-developed tools to deal with process analysis, but not so with root cause analysis. But, root cause issues tend to be less immediately visible and require some digging. Banks may not have the same capacity to get to that level of analysis.

Barnier: Is there an example you could give, say in the need to understand how a product works to prevent operational losses?

Olson: From a community or any bank perspective, an example is a credit product and the potential for operational losses from fraud. The best example that comes to mind is in the bond portfolio if banks accept certain incremental risk exposures in exchange for slightly higher yields. For example, in the late 1990s many debt instruments were issued with “credit enhancement” features that allowed them to be traded at slightly higher yields. The credit enhancement features seemed relatively benign until the market turned and bankers were required to recognize significant losses on assets that they believed to be largely risk free. A root cause analysis of product would have required a more thorough understanding of the risks associated with that investment instrument and that instrument probably would have been rejected for being inconsistent with the investment parameters of the bank.

Barnier: Other than protecting against losses, are there any upsides to this for the institution?

Olson: I view managing operations risk in much the same light that I view quality control (QC). If it is an after the fact, defensive component of the process, then it is less effective than if it is was an important component of how the organization does business and is built into the process at the front end. In other words, operations risk management should be a part of how the organization defines its operating philosophy.

Barnier: In all your roles, you had to look across various types of risks. What linkages do you see between credit and operational risk?

Olson: One obvious link is the tendency in both to under recognize and therefore under manage risk exposures in isolated functions. For example, in a bank with a significant branching system, a major Bank Secrecy Act/Anti-Money Laundering risk can occur at a small or isolated branch that can threaten the reputational risk of an entire organization. On the credit side, a poorly managed and controlled lending area, even when small can become a major risk if exposure limits are exceeded or if fraud occurs.

Barnier: As the board member responsible for internal risk at the Fed, what did you want to see?

Olson: I wanted assurance that all risk exposures were first of all recognized, and secondly, managed. I wanted to be sure that managers of operating divisions understood the importance of managing operations risk and were aggressively addressing them.

_______________

Brian Barnier, of ValueBridge Advisors, is an OCEG Fellow and the author of The Operational Risk Handbook for Financial Companies: A guide to the new world of performance oriented operational risk (Harriman House, London, 2011). This article is based on the book. To order copies of The Operational Risk Handbook, please click on the following link: /risk-management/operational-risk

Please Click Here to view article on the RMA site

• Career Benefits
• Career Positions
• Careers
• Home
• About Us
• Services
• Our Professionals
• News and Events
• Contact Us

Copyright © 2011 Treliant Risk Advisors | The terms "Treliant (R)", Breakthrough Compliance(TM)" and Fairness Awareness(TM)" are trademarks of Treliant Risk Advisors