Data-driven Operational Risk Management: A framework to modernise the field

Activity: Talk or presentationOral presentation


Conference presentation at the 2023 International Congress of Actuaries conference in Sydney on research developing a data-driven approach to operational risk management with a case study on causal factors analysis in insurance.

Additional information

Presentation abstract:

Despite the ubiquity of operational risks and magnitude of losses globally, current operational risk management (ORM) practices involve relatively rudimentary and manual identification, evaluation, monitoring and reporting tools, such as periodic and sample-based audits, controls testing and likelihood-severity risk matrices. These processes are costly, biased by the subjectivities of individual assessors and provide infrequent and static snapshots of operational risk environments, from which organisations are making decisions. The implications of this can be extensive as evidenced by the billions of dollars in direct and indirect costs uncovered in the 2018 Australian Royal Commission into Misconduct in financial services or the July 2020 Wai Kha mine wall collapse in Myanmar killing 172 workers.

Practitioners recognise these challenges and demand “more dynamic and efficient monitoring, escalation and management of exposure” (KPMG US and The Risk Management Association, 2018, p.3), acknowledging that leveraging big data and analytics will transform and become central to ORM. Researchers have investigated applying data analytics to specific operational risks across various operating contexts, but these siloed approaches ignore the interconnectedness of operations and masses of data therein.

Building on international ERM frameworks, we present an innovative and flexible framework for a data-driven approach to holistically and objectively manage an organisation’s operational risks. The framework considers the breadth of data in organisations and how they can be valuable for ORM. The framework’s core is a model that processes these inputs with advanced statistical, probabilistic and machine learning models to uncover valuable insights about an interconnected operational risk environment. Effective and timely communication of these insights to the first line of defence will aid proactive decision-making and productive resource allocation, ultimately reducing the frequency and severity of costly incidents.

The framework’s practicality and value to the actuarial profession will be showcased using real-world implementations, such as on five terabytes of quarterly second data from onboard flight monitoring systems or human resource data in relation to instances of non-compliance within an insurance call centre. Its generalisability to a range of sectors offers great opportunities for future implementations, benefitting regulators setting best practice standards and organisations proactively and efficiently mitigating costly incidents.
Period29 May 2023
Event titleInternational Congress of Actuaries 2023
Event typeConference
LocationSydney, Australia, New South WalesShow on map
Degree of RecognitionInternational