Operational Risk Masterclass

  • Date TBA
  • Level: Intermediate
  • 21 CPE Credits
  • Group-Live
  • Prerequisite: none
  • US $2,495
  • Group discounts available


Ariane Chapelle, PhD    Read bio

course description

From regulation to risk culture, this interactive training workshop covers in breadth and depth all aspects of operational risk management and its challenges in the financial services industry. Hot topics such as preventive KRIs, risk culture, demonstrating business value of risk management, and the formulation of a risk appetite statement will be explained and debated.

Taught by a leading expert in the field, the course is a must-have for all the operational risk practitioners wishing to upscale their practice and confront new ideas. It is a tremendous opportunities for beginnners as well to gain a comprehensive overview of what operational risk managers need to know.

Delegates will end the course equipped with a new network of practitioners, a wealth of content, additional references and readings, and an open line for further questions with the trainer, Ariane Chapelle.

Key Objectives and Learning Outcomes :

After the course, participants will know about:

  • Best practices in operational risk management for financial companies
  • Highlight of ke y regulatory expectations
  • Effective tools to learn from past indicents
  • Sound methodologies for scenario analysis and risk assessement
  • Typology and steps to identify and design leading  KRIs
  • Root cause analysis and control design
  • Typology and essential controls for human error
  • Writing risk appetite and tolerance statement
  • Influencing risk culture

Numerous practice sessions and group work will give to all participants the chance to test the methods suggested, meet and work with colleagues from various financial organizations and benefit from networking and experience sharing.

 Who Should Attend

  • Heads of Operational Risk
  • Entreprise Risk Managers
  • Operational Risk Managers
  • Operations Managers
  • Internal Auditors
  • HR officers
  • Compliance officers
  • Consultants
  • Regulators


 “I attended a KRI workshop facilitated by Ariane, and I found the content to be very informative and useful. Ariane is a professional with a deep knowledge of her subject, who brings real world expertise to discussion and debate around effective KRIs. Input from Ariane would be value add to any organisation seeking to develop and align valid KRIs to their respective Operational Risks.”

Pat Nolan,  Head of Operational Risk and Excellence, Irish Life & Permanent Group

"Ariane is an experienced professional with detailed knowledge of operational risk environment. The workshop was very helpful mainly in terms of differentiation between KRI and KPI and definition of suitable KRIs. Although the group of trainees was quite diverse, Ariane was able to manage the course efficiently." 

Adam Bardún, Societe Generale, Eastern Europe

"I enjoyed the class very much and can't say enough about how effective the lessons were.  I am already applying what I learned during the course and implementing a lot of the ideas." 

Brian Soifer from MFS Investment Management

View more testimonials >>

Course outline


Day One: Setting the Framework and Appetite

Session 1: Operational Risk Framework

  • Operational Risk Definition and Characteristics
  • Some risk frameworks: ISO, COSO, large banks and insurance companies
  • Three lines of defence and three levels of Operational Risk Management: Strategic, Tactical, Dynamic
  • SMA and regulatroy changes in Operational Risks
  • The ORM pyramid: which level are you at?

Group work: the ORM pyramid: define and discuss the maturity level of your ORM

 Session 2: Risk Identification

  • Tools and techniques for risk identification
    • Exposures and Vulnerabilities
    • The Risk Wheel
    • Value drivers and reverse stress testing
  • Risk register: a list
  • Risk connectivity: network of risks

Class Exercise: identify your top risks and class feedback

Session 3: Actionable Risk Appetite

  • Industry guidance on Risk Appetite
  • Template for actionable Risk Appetite
  • Risk Appetite Statements: Features and Examples
  • Cascading Risk Appetite: RCSA & Indicators

Class discussion and exercises: Formulaterisk appetite & tolerance statements for two of your top risks

Session 4: Risk and Control Self Assessments

  • Definition and rules for RCSAs
  • Tool: Impact / probability matrix: shapes and forms, definitions
  • Usage and choice when defining RCSAs: extreme cases or median cases, distribution or single points, inherent or residual risk, likelihood or frequencies
  • Risk rating: when and how.
  • Scenario analysis: RCSA on steroids

Exercise: Highlight and assess your top risks before and after controls

Day Two: Key Risks Indicators & Reporting 

Session 1: Features and types of leading KRIs

  • Features of leading KRIs
  • KRI, KPI, KCI: definitions and uses.
  • A typology of Key Risks indicators
  • KRIs: metrics of risks drivers
  • Root cause analysis & identification of risk drivers

Case study: examples of KRIs and risk drivers per activity

Class Exercise: root cause analysis for KRI identification: the bow tie

 Session 2: Root causes analysis and Control Design

  • Slips and mistakes: Typology and causes of human errors
  • Understand and treat the causes of human error
  • Effective vs. Illusory controls
  • Root cause analysis: method and benefits
  • Tracking the common failures and systematic patterns
  • Prevention by Design

Exercise: apply the bow-tie to one of your incident; share the lesssons learnt

Session 3:  Design & Governance KRIs

  • KRI design:  frequency,  thresholds,  reporting and discipline
  • Selective Preventive KRIs step by step
  • Building on previous results
  • Revisiting existing metrics
  • Upgrade your KRIs
  • Reporting on KRIs: aggregating colors?
  • KRI Governance

Group work: identify and design your own KRIs

 Session 4: Incident data collection and risk reporting

  • Modern issues on loss data: the regulator’s view
  • Data features: core losses and tail risks
  • Golden rules of reporting
  • Management information: the “reporting cake”

Highlights of best practice, Group discussion and sharing of experience

Day three: Emerging Risks, Scenario Analysis and Risk Culture

 Session 1: Operational Risk Drivers and Emerging Risks

  • Characteristics of Operational Risk
  • Drivers of Operational Risks
  • Emerging Risks
    • that we all know
    • that we don’t know
    • that we should know

 Session 2: Scenario Analysis and Planning

  • Steps and governance of scenario analysis
  • Tackling behavioral biases in scenario assessment
  • Industry practices and lists of scenarios
  • Assessing probabilities of rare events
  • Acting on Scenario Analysis

Industry examples and sharing of experience

Session 3: Implementing the Desired Risk Culture: a method

  • Defining Risk Culture
  • Acting on behaviours: the Influencer
  • Necessary conditions: willingness and ability
  • Risk Culture: DESIRE steps: Define – Inspire – Support – Enable – Reinforce - Evaluate
  • Assessing the risk culture

Group work: Plan your own culture change

Session 4: Conclusion & Wrap-up

  • What have you learnt?
  • What will you remember?
  • What will you apply? 

In-house instruction is available.  Contact us to inquire.

join mailing list

Name *