'Culture and the Board'
PSD Group Insights
If a culture is truly embedded in an organisation, it should be almost invisible. As has often been said, it's like the water in which fish swim. They don't see the water. It's their natural environment. And it's the same with organisations. In this article John Thirlwell thinks about how we get there, why culture matters and the role of the board.

Book review:
'Lehman Brothers: A crisis of values' by Dr Oonagh McDonald (Manchester University Press (2015))
John Thirlwell reviews a fascinating book into a seismic event
Financial World, Spring 2016

'Measuring and managing uncertainty'
CIR Magazine, May 2016
The proposed Standardised Measurement Approach for operational risk is intended to produce a more sophisticated measurement of operational risk capital. But can the uncertainties of operational risk be reduced to a simple formula?

'Numbers miss what counts'
Financial World, June/July 2016
John Thirlwell discusses operational risk, what it is and why it is so hard to quantify. He then argues that we need to bring a different mindset to how we deal with the problem.

'Culture, communication and the appetite for knowledge'
CIR Magazine, July 2016
When we talk about values and behaviours we usually frame the conversation in the context of ethics and morality. But the practical side of values and behaviours is the simple business of getting information to where it's needed as quickly as possible. Communication and the appetite for knowledge should be a key component of any firm's culture.

'Not an exact science' - Spurred by Andrew Haldane’s speech that criticised models as unfit for purpose, John Thirlwell shares his opinion of current modelling techniques
Risk Business - June 2012

Managing reputation risk – our ‘purest treasure’
Mutually Yours (the online magazine of the Association of Financial Mutuals) - (May 2011)

In the opening scene of Shakespeare’s Richard II, Thomas Mowbray declares: ‘The purest treasure mortal times afford / Is spotless reputation: that away / Men are but gilded loam or painted clay.’ As ever, the Bard was right. In a survey of CEOs by PricewaterhouseCooper a few years ago, reputation risk was seen as the key threat to success and in a more recent survey by Aon, reputation risk was the most frequently noted concern across all industries and amongst the most serious concerns, in terms of its impact, by financial services firms.

‘The fault lies not in the stars, but in ourselves . . .’ - managing people risk
Mutually Yours (the on-line magazine of the Association of Financial Mutuals) - April 2011

‘Our people are our greatest asset’, the Chairman or CEO writes in the annual report and accounts. That is undoubtedly true, but the corollary is also true, that our people are potentially our greatest liability in a service industry. People failures, whether through incompetence, poor training or, importantly, poor behaviours, lie at the heart of so many of the risks to which financial services companies are exposed and suffer.

Operational Risk – Cinderella or Prince Charming?
Chartered Banker (the monthly magazine of the Chartered Banker Institute, Scotland) - (March 2011)

Back in the 13th century, Thomas Aquinas, the philosopher and later saint, famously declared that ‘the world has never been so full of risk’. He was thinking of plagues, wars and famine, which decimated populations and caused mediaeval banks to collapse - far more than through the capricious behaviour of borrowers, such as kings and Popes. The risks he was talking about were operational risks.

Governing risk: ‘Untune that string and hark what discord follows’
Mutually Yours (the online magazine of the Association of Financial Mutuals) - (March 2011)

In January 2011, the Financial Crisis Inquiry Commission in the United States published its report on the causes of the financial crisis. It naturally picks out the contributions of poor mortgage lending standards, over-the-counter derivatives and the rating agencies. But its key conclusions about why the crisis was avoidable are that there were ‘dramatic failures of corporate governance and risk management at many systemically important financial institutions’ and that there was a ‘systemic breakdown of accountability and ethics’.

Response to Basel Committee SIGOR consultation
Sound practices for the management and supervision of operational risk - (February 2010).

My connection with operational risk goes back to my work as a Director of the British Bankers’ Association and initial surveys of operational risk management in member banks starting in 1995. I founded and chaired the BBA’s Global Operational Risk Database (GOLD) and, although I left the BBA in 2003 to pursue a portfolio career as a risk management adviser and non-executive director in financial services, I have maintained strong links with thinking in relation to operational risk management.

Many headed hydra: Operational risk is everywhere in your business so learn to manage it.
Published in the December 2010 edition of The Treasurer, the official magazine of the Association of Corporate Treasurers,

First we should understand what we mean by operational risk. Operational risks are incurred as soon as a business opens its doors – risks such as fire, flood, terrorism or theft. It is a broad church, which began as a discipline some years ago in the ‘safety critical’ industries, such as energy, space, nuclear, defence and aviation, where mistakes can have catastrophic consequences in terms of human life.

Basel III and operational risk: the missing piece?
FS Focus, Financial Services Faculty, ICAEW - (November 2010)

‘Interestingly, if you look back at the last 200 years, you will find that almost all banking crises have been preceded by an asset bubble, usually a property bubble.'

Response to the Basel Committee SIGOR consultation paper
Recognising the risk-mitigation impact of insurance in operational risk modelling - (January 2010)

I welcome the SIGOR paper, which sets out the complexities of many of the issues about which I have commented over the last seven years and provides helpful guidance to supervisors, banks and insurers. Given my agreement with the great majority of statements made in the consultation paper, my response consists of a number of observations on specific sections, which are given below, the headings referring to those of the SIGOR paper.

In Search of Lost Time - Marcel Proust
John Thirlwell's Desert Island Companion (Folio Society 2007)

Why declare UDI?
"Operational Risk" Magazine - (September 2005)

It is truth universally acknowledged that the operational risk function shall be independent. And I've been asking myself - why? What does an operational risk manager do which requires independence? Is this yet another example of how approaches to other types of risk have simply been read across to operational risk without really analysing their relevance?

Constitutional lessons
"Operational Risk" Magazine - (June 2005)

The French 'non' to the European constitution (this is being written before the Dutch go the polls) made me wonder whether there were lessons for us in relation to Basel and the proposed European Directive. Among the guiding principles on all sides of the discussion has been the need to act together - on a playing field which we've all rolled flat and at the same time. Fine, but then other forces come in to play - just as the French electorate has showed.

Response to CP05/3, Strengthening Capital Standards (QQ 134-145, Operational Risk)
Response to FSA CP05/3 - (April 2005)

Deserts of Vast Eternity
"Operational Risk" Magazine - (March 2005)

Harold Macmillan, UK Prime Minister a lifetime and another world ago, was once asked by a young journalist after a long dinner what can most easily steer a government off course. "Events, dear boy. Events", he famously replied. I've often remembered that quote when thinking about operational risk. It sums up its sheer unpredictability. And of course, whether you're a Prime Minister or a CEO, it's your ability to cope with events or, to be more precise, the effects of those events, which will allow your Government or your firm to succeed.

Trojan Horse rules
"Operational Risk" Magazine - (December 2004)

Once upon a time it all seemed so reasonable. The BIS Sound Practices paper was a model of excellent practical guidance. Here in the UK, the draft text of the Prudential Source Book, especially the section on high-level operational risk systems and controls (known mysteriously as SYSC3A), was essentially guidance. It recognised that operational risk was a new risk, not wholly understood, either as to its extent, or as to the essentials which would enable it to be both managed and assessed with any degree of certainty.

The Credit Rating Age (Part II) - The Call for Control
RBC Capital Markets Open Forum Notes - (16 December 2004)

From humble origins the credit rating agencies have evolved as global power brokers and de-facto intermediaries in debt and derivative markets.

  • A key element of reform would be the removal of the regulatory restrictions which act as barriers to entry for new or smaller agencies, in particular the current system of NRSRO recognition in the USA.
  • To widen the gene pool of agencies, the key criterion for any regulatory eligibility test should be one of "market recognition", whether that market is defined by geography, industry sector or product.
  • Whilst it would be preferable for issuer fees to be prohibited, at the very least income sources, including those relating to ratings on securitised products, should be made transparent to the ratings’ users.
  • Transparency should extend to identifying whether a rating has been solicited and the nature of any rating triggers within instruments which are rated.
  • The conflict of interest deriving from the provision of ancillary services must also be removed by their being unbundled.
  • Regulators must learn to curb what has become their habitual use of ratings effectively as a proxy for prudential standards in the debt and securities markets.

Into the unknown
"Operational Risk" Magazine - (September 2004)

A few weeks ago, I was looking out of my window at (by the standards of North West London suburbia) an astonishing monsoon thunderstorm which had lasted dramatically for a couple of hours or so, when a posse of police cars, some marked, some unmarked, screamed up the road and stopped at the house opposite.

Source for the goose?
"Operational Risk" Magazine - (June 2004)

Regulators used to give the impression of approaching outsourcing as if armed with a clove of garlic and a stake in case they had the good luck to meet it at a cross-roads. It represents an abdication of responsibility, they cried ("Oh no it doesn't", we cried back), or a way of running the firm on the cheap or, at best, an abdication of control and was therefore, in the words of 1066 and All That, "a Bad Thing".

Credit Rating Agencies - The New Emperors and Their Clothes
RBC Capital Markets Open Forum Notes (30 April 2004)

  • From humble origins as suppliers of information and arm's-length opinions, the major credit rating agencies have developed into powerful global institutions, whose positions are virtually unassailable by would-be new players and deeply entrenched in the workings of today's financial markets. This note maps the rating agencies' remarkable evolution and points to a number of critical and potentially problematic implications.
  • The transformation of the agencies' role would not have been possible without the endorsement of regulators, which in essence have awarded the agencies effective control over the access to and the costs of funds in bond markets and beyond.
  • Unsolicited and unpaid ratings, once the industry's mainstay in its early days, have turned into an effective means - intentional or not - to drive reluctant issuers into paid rating relationships and away from potential competitors.
  • The agencies' dominant position has also been supported by the complicity of the markets, which have largely outsourced responsibility for the analysis that they should be undertaking themselves.

Accord sans frontières
"Operational Risk" Magazine - (March 2004)
Arguing the technicalities of Basel has been a long sideshow to the real issue - how it is going to be implemented. Or more specifically, how the Accord is going to be implemented consistently across national frontiers.

Is Assurance Assured ?
"Operational Risk" Magazine - (November 2003)
As if there weren't enough issues surrounding op risk, I'm not sure the insurance question is close to being answered. At first, Basel put insurance in square brackets within the AMA, but at least it gave it a run. Then the EU upped the ante by offering insurance for all Approaches - Basic, Standardised and Advanced.

Response to the European Commission's Third Consultation Paper on Capital Requirements For Banks and Investment Firms
(October 2003)

Results of Survey by The Operational Risk Research Forum
Insurance and Operational Risk - (September 2003)

Rumbles in the ratings jungle
"Operational Risk" Magazine - (September 2003)
In the ratings jungle, things are astir. Earlier this year, Moody’s published a paper detailing a specific approach to assessing operational risk. Fitch will shortly be devoting a separate section of its rating reports to OR and S&P are developing further metrics by which to assess OR in financial firms. Add to that the acquisition by Fitch Risk Management (not of course to be confused with the Ratings combo) of OpVantage and the First database, and it’s obvious that wagons are rolling. But in what direction?

Response to the Basel Committee on Banking Supervision Consultation Paper (CP3) April 2003
(July 2003)

Why be standardised?
"Operational Risk" Magazine - (June 2003)
It seems such a short time ago that we were building a new capital Accord which would incentivise banks to improve their risk management and encourage them to move along the spectrum of the new Accord’s three stages. How rapidly things can change.

See also the 'Publications' section

© John Thirlwell 2017. All rights reserved.
Any reuse in whole or part requires our consent
Design by