THE central bank has approved a new set of guidelines to help its supervised financial institutions strengthen their risk management systems.
In a statement, the Bangko Sentral ng Pilipinas (BSP) said its Monetary Board (MB) recently approved the guidelines on operational risk management (ORM) as part of its continuing initiatives to strengthen the risk management systems of BSP-supervised financial institutions (BSFIs) and promote their sustained safe and sound operation.
The monetary authority said operational risk is among the top risk exposures of BSFIs which cuts across all activities, products, and services, and may even come in tandem with other types of risks such as credit, liquidity, and market risks.
“It may result from weak controls, inadequate policies on acceptable behavior and practices, poor working environment, weak sales and marketing practices, system failures, or natural or man-induced disasters, among others,” it stated.
Although operational risk is inherent in all areas of operations, the BSP said it is more often managed on a fragmented basis, which tends to discount its overall impact on BSFIs’ operations.
“In this regard, the risk of loss arising from operational risk events may also be potentially underestimated,” it said.
With the issuance of the new guidelines, the BSP expects BSFIs to be sensitive to sources of operational risk and to adopt a holistic framework that would facilitate identification, assessment, monitoring, and management of said type of risk as part of the enterprise-wide risk management system.
The ORM guidelines highlight the responsibility of each BSFI personnel in the effective implementation of the ORM framework.
“It is therefore critical to have personnel who are competent to carry out their respective duties and responsibilities and possess a high degree of integrity,” it said.
The central bank said the board of directors should adopt policies in the areas of recruitment and selection, performance management, training and development, remuneration and compensation, and succession planning to promote a culture of high standard of ethical behavior and consistency of performance in the organization.
Said policies should require continuing assessment of the fitness and propriety of personnel, with the results of said assessment considered in the development of individual training and development programs.
The ORM guidelines also emphasize the three lines of defense principles in managing operational risk: Business line management and personnel, operational risk management function (ORMF), and the internal audit function.
Business line management and personnel are expected to ensure that policies and processes in their respective areas of responsibilities are consistent with the organization’s overall ORM framework.
The ORMF personnel are expected to recommend to the board of directors appropriate policies and procedures relating to operational risk management and controls, as well as design and implement the operational risk assessment methodology, tools, and risk reporting systems.
Meanwhile, personnel charged with the internal audit function should conduct an independent assessment of the ORM framework including implementation of the operational risk management policies and procedures.