| The term Operational Risk Management (ORM) is | | | | loss, as well as the newly regulated |
| not new. It has been tossed about in | | | | reporting of those losses, affect virtually |
| businesses across North America for the last | | | | all areas of every business each and every |
| several years. ORM and the oft associated | | | | day. Therefore, it is in each company's best |
| term Enterprise Risk Management (ERM) have | | | | interest to simultaneously find ways to cut |
| generally been used as corporate buzzwords, | | | | losses while keeping regulatory compliance |
| business culture idioms referenced in board | | | | costs down. Hence the rebirth of Operational |
| meetings and articulated during | | | | Risk Management/Enterprise Risk Management |
| presentations. Recent developments, such as | | | | and the new demand for Risk Management |
| the creation of the Sarbanes-Oxley (SOX) Act | | | | software solutions. |
| in 2002 in response to growing financial | | | | |
| scandals in the U.S., have brought | | | | Traditionally, few operational losses were |
| Operational Risk Management, Enterprise Risk | | | | measured in any accounting system, and rarely |
| Management and related concepts from the | | | | were the loss incidents tracked and analyzed |
| backrooms to the forefront of corporate | | | | in any way; the time and paperwork required |
| America. | | | | to do so was simply daunting. Because there |
| | | | was no standard legislation in place, any |
| The inescapable reality is that every single | | | | Risk Management software tools were often |
| day businesses incur losses and experience | | | | proprietary and slightly more than electronic |
| operational disruptions due to failures by | | | | log books at best. New technologies and |
| employees, incorrect implementation of | | | | attitudes have allowed loss incidents to be |
| processes and technologies as well as wilful | | | | seen as more predictable and able to be |
| disobedience to internal controls. These | | | | grouped into risk categories. Proper analysis |
| losses may be manifest in the form of | | | | of these incidents can result in attribution |
| uncollectible receivables from disappointed | | | | to root causes which aids in mitigation. Even |
| clients, lost sales due to call centre | | | | this beginning leads to dramatically reduced |
| failures or unproductive employee downtime | | | | costs while achieving huge gains and |
| when computer systems are unavailable, or a | | | | strategic advantages from well crafted |
| host of other potential problems. While most | | | | Operational Risk Management policies and |
| businesses have developed ad hoc methods of | | | | Enterprise Risk Management procedures. |
| dealing with such losses in the past, | | | | |
| legislation (such as SOX and the Basel | | | | Changes in legislation, technology and |
| Accord) has made standardized compliance | | | | attitudes related to ORM/ERM have produced |
| procedures much more complex. Thankfully, | | | | not just economic gains, they have led |
| just as these new rules have given rise to | | | | directly to re-invigorated business |
| increased awareness of ORM/ERM, new tools | | | | innovation and even created improvements in |
| (including Risk Management software) have | | | | the quality of life. For example, safety, |
| been developed to aid compliance efforts. | | | | quality and environmental related loss |
| | | | incidents have proven to be not only |
| The new regime of Sarbanes-Oxley, under the | | | | manageable and avoidable, but sound |
| direction of the Public Company Accounting | | | | management of these issues has conferred |
| Oversight Board (PCAOB) which is in turn | | | | greater advantage on those who succeeded |
| accountable to the Security and Exchange | | | | while driving many who did not adapt out of |
| Commission (SEC), has undoubtedly benefited | | | | business. While large scale corruption may |
| the business world by providing a foundation | | | | have brought about regulatory changes, these |
| from which to decrease corporate fraud. | | | | changes have spurred a re-visioning of |
| However, the complexity and associated | | | | Enterprise Risk Management. Advanced Risk |
| technical, labour and administrative costs | | | | Management software has allowed business to |
| posed to business is also considerable. The | | | | more directly mitigate losses. This has |
| realities of both individually large and | | | | resulted in a cleaner, more efficient and |
| collectively mundane errors resulting in | | | | more competitive business environment. |