Many financial services organisations are currently in the process of defining or revising their operational risk appetite framework. A key part of the framework is defining the risk appetite statement.
As such statements contain confidential information, they are not typically shared publicly by any organization and hence operational risk practitioners do not have access to high quality public examples.
The RiskSpotlight team has performed in-depth research on risk appetite and focused on the operational risk element.
The research has covered published content from diverse sources such as The Financial Stability Board, ISO 31000, COSO ERM & The Institute of Risk Management.
Based on the best practices identified from the researched sources, we have created an operational risk appetite statement for a fictitious organization — RWS Bank. This statement contains all the key topics a financial services organization should consider covering within its own operational risk appetite statement.
Our intention by sharing this with the operational risk community is to give a starting point for the operational risk practitioners to have a structured discussion on this topic.
You can join our community to provide feedback and receive future updated versions.