Case Study

6th May 2020
Industry: Banking & Capital Markets and Financial Technology
Annual Revenues: £10bn+
Employees: 5,000+
Locations: UK
Sponsor: Chief Risk Officer

A global payments company, regulated by the Bank of England and US Federal Reserve, was coming under increasing regulatory pressure following three (3) technology led crisis events, with the most recent event impacting more than 5M transactions in 10 hours. As the company invested in new technologies and advanced into mobile payments, peer-to-peer payments and cryptocurrency clearing, the company required to analyse the change in strategic and operational risk profile caused by internal and external factors influencing the company’s risk exposure.

Primary activities performed

Engineered the design of the global strategic and operational risk
management programmes, including:

  • Developed a strategic and operational risk management framework setting out programme priorities, capabilities, objectives, risk aggregation and governance;
  • Facilitated the development of a risk taxonomy;
  • Developed an operational process, risk and control framework to enhance visibility of key risks associated to critical processes, services and activities (allowing for risk aggregation and governance);
  • Developed distinct strategic and operational risk policies and facilitated Board of Directors review, challenge and approval;
  • Performed risk capacity analysis to measure the potential financial impact of material risks and assess tolerance thresholds aligned to strategic company objectives;
  • Facilitated workshops with the Enterprise Risk Committee and Board of Directors to assist in the development and approval of strategic and operational risk appetite statements;
  • Developed a target operating model consisting of proposed organisational design, roles and responsibilities and risk committee structure; and
  • Developed a regulatory reporting framework to enhance the level of risk transparency.

Key Results

  • Regulatory acceptance of the risk management framework
  • Awareness and support from the Board of Directors to set aspirational risk management
  • Integration of the risk management framework into all new product developments