Operational Risk Management Systems for Financial Services 2013

Over the past decade, operational risk management (ORM) has steadily risen in prominence in financial institutions. It has not only become an accepted part of the risk function, but senior management has now recognized it as a central and vital part of enabling financial institutions to operate profitably and effectively.

ORM initially came to the fore through the Basel 2 regulations, which instructed financial institutions to include operational risk in capital calculations and also included operational risk governance and disclosure requirements. Solvency II introduced equivalent requirements for insurance firms. The imposition of operational risk measures prompted some skepticism about the practical benefits and robustness of methodologies being promoted by the Basel Committee, but a number of high profile losses and pressure from shareholders as well as regulators meant that establishing ORM was unavoidable for financial institutions.

Since then, the internal and external forces pushing for more systematic ORM have only strengthened. The financial crisis, a series of rogue traders and process failures, and public demand for stricter supervision have led to regulators increasing the demands for ORM.

Moreover, inadequate controls and procedures have been implicated as among the causes of the financial crisis and as responsible for one-off loss events, such as JPMorgan’s ‘London Whale’ losses and the rogue trader Kweku Adoboli at UBS. Shareholders are seeking improvements in the way their institutions are run. These losses and recent rate-rigging and money-laundering scandals have also eroded public trust in the financial sector. The public assumes not that processes failed, but that banks and bankers are simply corrupt. This assumption can only be changed by improved practices.

As a result, financial institutions are starting from the bottom up to improve risk management.  They realize that other risk disciplines and compliance and governance policies rely on successful communication, management, and execution. Without robust operational risk programs, well-intentioned and well-designed policies may not
be effective. Firms need to get their processes and people in order before credit, market, or liquidity risk policies can be executed efficiently.

Simultaneously, firms are reversing the last decade’s trend towards greater centralization of risk management. With greater decentralization of operational risk responsibilities, firms are shifting investment from the second line of defense (risk functions) to the first line of defense (front office).

This report covers the competitive landscape for operational risk management systems. The range of solutions and functionalities offered by vendors can make it difficult for buyers to decide which solution best suits their operational risk needs. Consolidation of vendors, increasing requirements and demands from buyers, and
continued innovation has altered the operational risk technology landscape.

This report uses Chartis’s RiskTech Quadrant® to explain the structure of the market. The RiskTech Quadrant® uses a comprehensive methodology of in-depth independent research and a clear scoring system to explain which technology solutions meet an organization’s needs. The RiskTech Quadrant® does not simply describe one technology solution as the best operational risk solution; it has a sophisticated ranking methodology to explain which solutions would be best for specific buyers.

This report covers the leading vendors offering operational risk solutions for financial institutions, including BPS Resolver, Chase Cooper, EMC-RSA, IBM, Mega, MetricStream, NASDAQ OMX-BWise, Oracle, Protiviti, SAP, SAS, SunGard, Thomson Reuters, Wolters Kluwer FS, Wynyard, and YarcData.