Oleh: Hafidh Rahman Zailani
PT Danamon (Persero) Tbk
To many, safety is paramount. Perhaps, most are aware that being safe is what
keeps everything in check. It is arguable, however, that some are very confident
with the sense of safety which they have become accustomed to, that
precautions are deemed rather unnecessary. Just like seatbelts in our cars are sometimes
neglected, so are operational risk management contingencies in banks with the still-apparent
issues from minor incorrect data inputs in branches to large fraudulent actions – with major cases
all over the media – just to name a few. Here we are going to take a look at why operational risk
awareness should start to be measured in the best way possible, and how it should be done.
Starting off with a two-part question: when you are in a car, do you wear your seatbelt?
And if you do, why? In an idealistic sense, one may come up with answers circling around the
awareness of safety; that an accident may occur at any point in time during any journey. This is the
expected mindset when it comes to seatbelts – that is what they were invented for. It cannot
always be ideal. However, some would say that the only reason why they would wear a seatbelt is
simply to avoid a ticket and not as a safety precaution. Others may say that they realize the safety
benefits, but refuse to wear them for convenience reasons. Some may not even care whatsoever.
This variety of mindset can be seen in how bankers see operational risks and their involvement in
them.
Every bank out there has what is known as Risk Management Policies, a set of
standardized key points that regulate how all kinds of banking risks are maintained at a preferred
level. The policy acts like a seatbelt for a bank – preventing damage. But whether or not the people
operating the bank fully realizes the benefits of that banking seatbelt is another question. How
can a bank know how aware its employees are about the potential operational risks? How do we
make sure that the ‘seatbelts’ are worn for safety and not just compliance? And how can we, as
bankers, set up a future of banking where operational risk events are kept at a bare minimum? The
answer: risk awareness maturity measurement.