Op risk benchmarking
Welcome to Op Risk Benchmarking, a new research service scrutinising op risk practices at a range of financial institutions. Each quarter, we'll share some of the findings from one of four cohorts – G-Sibs, other banks, asset managers and insurers, and FMIs.
Participants get to see all the data – message us for details: ORMBenchmarking@risk.net
![](/sites/default/files/styles/landscape_750_463/public/2024-01/Geopolitical%20risk%20Getty%201310120654.jpg.webp?itok=ZJwxZsOE)
Geopolitics is harsh terrain for FMIs
Idiosyncratic nature of disputes and flare-ups leaves exchange and infrastructure operators blending metrics with guesswork
![](/sites/default/files/styles/article_100_width/public/2023-12/Regulatory%20compliance%20Getty%201248867449.jpg.webp?itok=GmA50yLG)
FMIs get busy, as supervisors circle
Via new roles and controls, exchanges and clearers hope to “get ahead” of regulatory wave
![](/sites/default/files/styles/article_100_width/public/2023-12/IT%20disruption%20Getty%201287699228.jpg.webp?itok=QMR8PdXG)
On cyber, FMIs seek to avoid being weapons of mass disruption
Controls focus on basic cyber hygiene, but communicating the risk remains a challenge
![](/sites/default/files/styles/article_100_width/public/2023-12/Keeping%20the%20lights%20on%20Getty%20514386360.jpg.webp?itok=aGAt-9Yo)
FMIs look to resilience planning to keep the lights on
Wary of customer and supervisory scrutiny, bourses are pouring resources into scenario planning and controls
![](/sites/default/files/styles/article_100_width/public/2023-12/Information-security.jpg.webp?itok=WWtdc_JH)
Information security: too important to leave to the experts?
Holding a trove of sensitive data, FMIs seek greater safety through shared oversight and smarter reporting
![ORB hero thinner left ORB hero thinner left](/sites/default/files/styles/free_crop/public/2023-08/ORB-Montage-hero-Width2250x350-v3-leftofc.png.webp?itok=m9UWLH4O)
Op Risk Benchmarking: The G-Sibs
Using data submitted by 11 G-Sibs, our new Benchmarking series explores how the world’s largest banks are managing their biggest operational risks. Team sizes and setups, modelling practices, internal reporting, GRC vendors – take a look here.
Big Figure
Safety in numbers?
FMIs demonstrate broad variability in the size of the second-line teams tasked with overseeing infosec – but that’s starting from a relatively low base: many have teams comprising of just one specialist, while the mean average is slightly more than five.
![Op Risk Benchmarking - The Banks hero slide Op Risk Benchmarking - The Banks hero slide](/sites/default/files/styles/free_crop/public/2024-01/Op%20Risk%20Benchmarking%20-%20The%20Banks%20hero%20slide_3.jpg.webp?itok=4fqwl9MX)
Op Risk Benchmarking: Banks
Our second Op Risk Benchmarking series focuses on op risk frameworks at large domestic and regional banks, taking a deep dive into each of their top five risks: information security; IT disruption; change management; execution & process errors; and regulatory compliance risk.