RegTech Intelligence 
Helen Pykhova, Director, The OpRisk Company, and Elizabeth Roberts, Managing Director, Sheffield Haworth, share their thoughts on the identity of an operational risk professional.
Over recent years, the importance of the operational risk profession within financial services has undoubtedly increased. This has been due to a number of reasons, such as major corporate failures and scandals, heightened regulatory pressure and personal and corporate scrutiny for poor practices. The result has been a rise in demand for operational risk professionals across all financial sectors. The wave of demand began with the banks following significant and high profile remediation and, more recently, has hit the shores of asset managers and insurance firms.
So, what kind of people are the firms looking for when trying to fill this increasingly important role? It is not uncommon for the employers to insist on a combination of:
- Extensive experience in operational risk
- In-depth business and product knowledge
- Outstanding communication skills
- Excellent interpersonal skills, ability to ‘sell’/influence stakeholders at all levels
- Knowledge of regulatory requirements, experience of dealing with the regulators
- Quantitative/actuarial background.
Do these people even exist? Maybe an ex-regulator with a quantitative background, with a job in sales, practising outstanding communication skills, moving on to financial services to become a business expert and ending in operational risk! You may agree that, with operational risk discipline still being young, there is no distinct ‘identity’ of an operational risk professional.
Speaking of the ’identity’, while the employers request all the qualities above, how do we, as operational risk practitioners, primarily see ourselves? From discussions with colleagues, we think we are a combination of ‘consultants’ and ‘trusted advisors’, adopting a collaborative approach and working in partnership with the business, ‘translators’, interpreting regulation into day-to-day practices and complexity into simplicity, ‘policemen’ providing oversight and protecting shareholders, customers and employees. Many of us also consider ourselves as ‘performers’ and, dare we say, ‘jesters’, spending 20% of our time – if not more – on continuously engaging, inspiring, educating, communicating with employees and senior management, facilitating risk workshops and conducting road shows.
Have the image and the identity of an operational risk practitioner changed? And, if so, is it a change in the profession itself or in the type of professionals performing the role?
In the early years, there was a distinct perception of risk being male dominated (the gender split for heads/managers of operational risk was significantly swayed to men by over three quarters), purporting a view that influence was succeeded by the fear of not-complying; a so called rulebook approach. The primary focus in the beginning was on loss data collection and operational risk started as a support function, liaising with business mostly when there was a problem – an error or a loss; encounters that may have been associated with blame and fear of the consequence.
With the subsequent increase in the use of more interactive tools, like risk and control self-assessments, scenario analysis, key risk indicators, the talents that flourish through the art of a great conversation – communication, negotiation and influencing skills – have become more and more valued, and are now an essential part of any operational risk professional’s skillset.
More recently, demand has exceeded supply for experienced risk professionals, resulting in a movement of people from other functions into operational risk. Most are coming from compliance, operations and business. The shift of diversity in professional backgrounds has resulted in a more collaborative approach.
Overall, it is clear that there is an encouraging trend of operational risk being viewed more and more as a ‘partner’ and ‘trusted advisor’, with business leaders seeking advice from risk functions as part of their decision making.
There are still challenges to overcome, and views from practitioners that, while we may perceive ourselves primarily as ‘trusted advisors’, many key stakeholders have a tendency to still see us purely as ‘policemen’. There are leaders who are reticent to embrace the ‘partner/advisor’ view of operational risk. Non-believers feel that increased pressure and reporting requirements are simply a hindrance to doing business. Their frustrations can be heard across the business causing headwinds on changing the perception of the function and questioning how it can be a true ‘partner’ in enabling success.
Clearly, the evolution of the operational risk function is not complete. More work needs to be done on developing the role and, particularly, its part in developing the firm’s business strategy. Operational risk must sit at the strategy table. The function is best placed to facilitate strategic risk assessment and play a key role in strategy setting. In our view, building on the true ‘partner’ identity, operational risk should be front of house … not seen as a support function.
It may be that, in the near future, ‘business strategy development’ will be one of the key additions to the long list of essential qualities employers are looking for in an operational risk professional.
We welcome your views and invite you to join the debate on the image and identity of an operational risk professional. What do you see as key qualities of an operational risk practitioner? What does the ‘ideal’ future operational risk expert look like? And how can we collectively promote the standing of the discipline, and raise the prestige, to a point that operational risk is seen as the preferred career progression route and the best place to work?
About us:
Elizabeth Roberts is the Managing Director leading Sheffield Haworth’s Interim Consulting practice, providing senior, flexible resources for critical coverage as a result of unexpected events as well as change and consulting engagements. She has worked in the banking and financial sector for 22 years both within the financial sector and recruitment. For further information, please contact Elizabeth on roberts@sheffieldhaworth.com or +44 (0) 20 7213 9040.
Sheffield Haworth, founded in 1993, is an established executive search firm executing mandates in financial services with global coverage via 12 offices. Partnering with leaders in the business and corporate functions, our expertise in risk and compliance is extensive, working with clients to respond to the ever-demanding regulatory needs.
Helen Pykhova is the Director of OpRisk Company Limited, specializing in strategy, design and implementation of firm-wide operational risk frameworks delivery of tangible improvements to existing processes, policies and tools. Helen is Chair of the Operational Risk Committee of the Association of Foreign Banks, Chair of Operational Risk Committee of ORIC, professional member of the Institute of Operational Risk and a seasoned operational risk trainer.