Page 84 - ACCESS BANK ANNUAL REPORTS_eBook
P. 84
earnings; that it is neither cost-effective nor possible to attempt to
eliminate all operational risks. Events of small significance
• Minimise the impact of unexpected and are thus expected to occur and are accepted as inevita-
catastrophic events and related costs through ble with relevant budgeting for these losses where appro-
risk financing strategies that would support the priate. Events of material significance are limited and the
Bank’s long term growth, cash flow management Group seeks to reduce the risk from these extreme events
and balance sheet protection; in a framework consistent with its agreed risk appetite.
Processes are in place to monitor the management and fu-
• Eliminate bureaucracy, improve productivity, ture mitigation of such events.
reduce capital requirements and improve overall
performance through the institution of well The role of the Operational Risk function is to establish,
designed and implemented internal controls. implement and maintain the operational risk framework for
In order to create and promote a culture that emphasizes the modelling and managing of the Group’s operational risk,
effective operational management and adherence to oper- while reinforcing and enabling operational risk manage-
ating controls, there are three distinct levels of operational ment culture throughout the Group. The aim is to integrate,
risk governance structure in Access Bank Plc. based on international norms and best practices, all oper-
ational risk activities and to compile a reliable operational
Level 1 refers to the oversight function carried out by the risk profile contributing to the Group’s risk- reward profile.
Board of Directors, Board Risk Management Committee The key advantage of this framework is the financial quan-
and the Executive Management. Responsibilities at this tification and modelling of operational risks. This function-
level include ensuring effective management of operational ality has significantly improved the Group’s operational risk
risk and adherence to the approved operational risk policies. measurement and management capabilities.
Level 2 refers to the management function carried out by
operational risk management group. It has direct respon- MANAGEMENT AND CONTROL RESPONSIBILITIES
sibility for formulating and implementing the Bank’s oper-
ational risk management framework including methodolo- The first line of governance for managing operational risk
gies, policies and procedures approved by the Board. rests with business and operational risk management
forms part of the day-to-day responsibilities of all business
Level 3 refers to the operational function carried out by all unit management. Business unit staff report any identified
business units and support functions in the Bank. These breakdowns in control and any risk events that may result
units/functions are fully responsible and accountable for in financial loss and/or reputation damage. Among others,
the management of operational risk in their units. They business management is responsible for ensuring that
work in liaison with operational risk management to define processes for identifying and addressing ineffective con-
and review controls to mitigate identified risks. Internal Au- trols and the mitigation of risk events are implemented and
dit provides independent assessment and evaluation of executed. Operational Risk teams form the secondary line
the Bank’s operational risk management framework. This of governance by ensuring that processes to identify weak-
periodic confirmation of the existence and utilisation of nesses are effective and that identified weaknesses are
controls in compliance with approved policies and proce- acted upon. The Group operational risk profile is presented
dures, provides assurance as to the effectiveness of the to the Board quarterly. Control effectiveness is monitored
Bank’s operational risk management framework. Some of at the ERMC and at the Board; this multi-layered system of
the tools being used to assess, measure and monitor op- defences ensures pro-active operational risk management.
erational risks in the Bank include; a loss database of opera-
tional risk events; an effective risk and control self-assess-
ment process that helps to analyse business activities and MEASURING AND MANAGING OPERATIONAL RISK
identify operational risks that could affect the achievement
of business objectives; and key risk indicators which are The Group recognizes the significance of operational risk
used to monitor operational risks on an ongoing basis. and is committed to enhancing the measurement and
management thereof. Within the Group’s operational risk
THE GROUP’S OPERATIONAL RISK MANAGEMENT framework, qualitative and quantitative methodologies and
FRAMEWORK tools are applied (Group-wide) to identify and assess oper-
ational risks as well as providing management information
The Group’s current operational risk framework was imple- for determining appropriate mitigating measures.
mented in 2007 to meet internal and regulatory require-
ments. There has been significant investment in the imple-
mentation of improved measurement and management RISK EVENT DATA COLLECTION AND REPORTING
approaches for operational risk to strengthen control, im-
prove customer service, improve process efficiencies and A standard process is used Group-wide for the recognition,
minimise operating losses. The Group recognises the fact
84 Access BAnk Plc
Annual Report & Accounts 2017
