Operational Risk Management

The Risk Management Association (RMA) has been at the forefront of the development of the operational risk discipline since 2003. The definition of operational risk is the risk of loss resulting from inadequate or failed internal processes, people, and systems, or from external events, but is better viewed as the risk arising from the execution of an institution’s business functions. Operational risk exists in every organization, regardless of size or complexity from the largest institutions to regional and community banks. Examples of operational risk include risks arising from catastrophic events (e.g., hurricanes), computer hacking, internal and external fraud, the failure to adhere to internal policies, and others. For much of the past decade, the industry has been focused on measuring operational risk losses for capital allocation purposes, but in recent years has increased the focus on managing operational risk.

The Risk Management Association serves operational risk practitioners in large institutions, as well as regional and community banks, at both the corporate level and the business line. RMA provides peer sharing, professional development and networking opportunities for our members through discussion groups, conferences, round tables, classroom training events, and Web seminars. The Risk Management Association also undertakes surveys, benchmarking studies, and range of practice papers. In addition, RMA’s AMA Group shares industry views on aspects of AMA implementation with the U.S. financial services regulatory agencies toward a goal of successful AMA implementation. The RMA Journal® regularly carries articles on operational risk topics, and The Risk Management Association also publishes an operational risk e-newsletter.

In remarks delivered before RMA's annual Governance, Compliance, and Operational Risk Conference on May 8, 2014, OCC Comptroller Curry commended RMA for being "out in front on the issues that matter most to financial institutions" and that are also "front and center" for him as comptroller. He pointed out that in his first weeks as comptroller he had stated that addressing the challenges posed by operational risk would be among his foremost priorities as comptroller. A complete summary of his speech can be found here.

Operational Risk Framework

Cyber Security Framework (PDF)


Conferences and Training

Round Tables

While participation is by invitation (to ensure quality of discussion among participants having common interests), RMA and the steering committees for these events would like to ensure that members of the RMA community are aware of the round tables that are coming up. Please share this schedule with your colleagues.

RMA round table meetings provide an exceptional opportunity for you to meet with peers from other financial institutions to discuss important issues in operational risk and regulation. Many of your colleagues already attend round table meetings developed and facilitated by RMA, and they often comment that it is the best meeting they attend all year because of the open, participant-led discussions and sharing of ideas and best practices.

Examples of round tables include:

  • Asia Pacific Operational Risk Round Table
  • Asset Management Round Table
  • Business Continuity Planning (BCP) Round Table
  • Cyber Security Round Table
  • Incentive Compensation Round Table
  • Mortgage Round Table
  • Retail Banking Round Table
  • Third-Party Risk Management Round Table

Industry Position Papers


Surveys and Studies

Course Calendar

Recorded Web Seminars

Comments or questions relating to Operational Risk Management within RMA can be addressed to Ed DeMarco, Director of Operational Risk or Sylwia Czajkowska, Associate Director, Operational Risk.