Recently, my bank established a department called Operation Risk Management. And assigned a Basel II coordinator. I understand that the exact approach for operational risk management chosen by an individual bank will depend on a range of factors, including its size and sophistication and the nature and complexity of its activities. What are the elements of an effective operational risk management framework for banks? How it is structured within your banks? I appreciate your input.

Joe - that's going to be the $64,000 question of the day.

Risk Management - a concept that sounds great, but show me the exact day-to-day procedures I should be doing. Risk Management was one thing for interest rate risk, market risk, credit risk, etc. But Operational Risk seems to be a great big fuzzy area.

No doubt I'll get a vendor calling me on the phone offering a manual that will help me with my "Operational Risk Management" with checklists and memos and sample policies...... (Some of which, no doubt, will sound almost like the Basel paper.)

Wow - I'm in a very cynical mood tonight!

Joe, the best document on risk managment that I have read recently is COSO's draft Enterprise Risk Management Framework that came out a couple of months ago. I provided a summary of the framework in this thread, as well as a link to the document.

Banks have been doing Operational Risk Management for years...COSO's framework just provides a roadmap or standard to help formalize and document the process.

Given the broad acceptance of COSO's Internal Control Framework, I would be surprised if the Enterprise Risk Management Framework wasn't broadly accepted as well.