FIS Operational Risk

The main articles are:

• ORM - Operational Risk Management
• Business Process Management

2024: FIS Operational Risk System Introduction

FIS Operational Risk closes most requirements for a modern GRC system. This was reported to FIS on September 30, 2024.

fisgroup.ru

At the end of 2020, Regulation Bank of Russia No. 08.04.2020 of 716-P entered into force, fully regulating the operation of operational risk management systems (EMMS) credit in organizations. In connection with the regular addition of regulatory documents today banks , the issue of setting up the activities of all business units with the current requirements for risk management is acute.

In response to this challenge, FIS, one of the representatives of business process automation in Russian banks, developed the FIS Operational Risk system, which is a comprehensive tool for managing operational risks throughout their life cycle.

Large banks strive to integrate a full-fledged solution for monitoring, control and management of all kinds of risks into their IT landscape. FIS Operational Risk ensures the automation of the entire life cycle for their management: from the registration of incidents and their preliminary classification to the calculation of actual losses and the formation of reports in accordance with the regulations of the organization and the Bank of Russia. The FIS decision fully complies with the requirements of the regulator based on the documents of the Basel Committee on Banking Supervision (Basel III):

• Regulation of the Central Bank of the Russian Federation dated 08.04.2020 No. 716-P 'On Requirements to the Operational Risk Management System in a Credit Institution and Banking Group';
• Regulation of the Central Bank of the Russian Federation dated 12.01.2022 No. 787-P 'On Mandatory Requirements for Credit Institutions for Operational Reliability in Banking Activities in order to Ensure Continuity of Banking Services'.

The FIS solution automates the process of collecting, processing, and organizing information about operational risk events, key risk indicators, and risk minimization activities.

The system allows you to automatically:

• administer the register of all risks and monitor their limits and signal values;
• calculate key risk indicators and risk levels to assess the quality and effectiveness of internal control mechanisms at the bank;
• conduct self-assessment procedures;
• to form management and regulatory reporting.

The FIS Operational Risk solution ensures full compliance with the key requirements of the regulator. After its implementation, thanks to the flexibility and simple interface of the FIS Platform, the bank has the opportunity to make the necessary changes to the system under the changing requirements of the Central Bank - independently and without additional expenses. FIS regularly participates in tenders for the supply of various risk systems, and banks often choose us, guided by the requirements for expertise and the availability of successfully implemented projects, - said Daniil Sokolov, director of consulting at FIS.

The FIS Operational Risk system is implemented on the low-code FIS Platform, which provides flexibility in configuring the QISR and allows integration with any internal and external services using a modern technology stack.

Ready-made FIS Operational Risk solution - installation and integration into the bank's infrastructure from 4-6 months. Customization of the system for the specifics of any business customer - up to 1 year.

How to implement a unified risk management system in a large bank, where many departments are responsible for different risk situations?

At different stages of business processes, the bank's specialists gain access to the data and functionality of FIS Operational Risk, depending on the role of the bank's employee in the model:

• Risk managers and administrators have the maximum set of rights to set up business processes and delimit the areas of responsibility of participants.
• employees of bank divisions are responsible for informing about the occurrence of specific risks and providing feedback during the processing of incidents;
• employees of IAA (note: certified bank auditors) and information security can view all materials in the system.

Promsvyazbank, together with FIS, has implemented the SUOR system in its structure in order to achieve long-term goals of reducing financial and reputational losses and compliance of the bank with all relevant requirements of the regulator. FIS merged IT systems and divisions of Promsvyazbank related to business risk management into SUOR, clearly delimiting the areas of responsibility. The FIS developers also formed a single platform for accounting for risks and their assessment with the recording of all information in the bank's corporate repository. FIS automated the creation of a register of operational risk events, their analysis, including the calculation of key risk indicators and key control indicators, instant informing responsible specialists about the need for risk minimization measures and integrated reporting into the system, which, among other things, forms the business itself.

Traditionally, SUOR has a full cycle of processing risky events: from registration to closure after the completion of all activities and payment of refunds. The system allows you to flexibly manage roles and rules for accessing information and functions, and the user of the ARMS, depending on the role, can build a relevant risk management model (taking into account internal requirements, bottlenecks in business processes, etc.)

The integration of EMS with all the bank's systems and storage facilities significantly reduced the time of employees to identify and register risk events, as well as to transfer tasks to solve them. At the same time, automation of the system does not exclude the possibility of point analysis at any selected moment. With the FIS decision, Promsvyazbank has generally increased its operational stability, "said Lyudmila Bezruchko, FIS Operational Risk Product Owner.

At the development stage, there is an expanded version of FIS Operational Risk, which will include a comprehensive solution to support the work of the bank's internal audit and internal control departments, including compliance control, said Lyudmila Bezruchko, FIS Operational Risk Product Owner.

FIS provides banks with a set of solutions and services that allow them to close most of the requirements for a modern GRC system.

GRC's approach focuses on business management through strategic management (Governance), risk management (Risk Management) and compliance (Compliance). GRC systems are used to collect and analyze task performance data from all business units. The system provides transparent reporting for top managers, including about potential risks, compliance with legislation and internal documents. For division managers and risk managers, GRC systems demonstrate complete data for the detection and elaboration of risks and violations. Implementing the GRC approach in FIS solutions:

• Governance: FIS Operational Risk allows you to monitor key indicators of business risk and distribute responsibility among the bank's divisions;
• Risk Management: FIS provides a complete solution to identify, analyze and address risk situations;
• Compliance Management: An enhanced version of FIS Operational Risk will allow you to monitor compliance with both internal and external requirements at the bank.

{{quote 'FIS owns a whole line of solutions to automate banks' business processes. In line with best market practices, our company provides banks with effective risk management and control tools, including a decision-making system. To manage operational risks, we supply FIS Operational Risk. Indirect credit risk management can be carried out using our flagship products - the LL credit pipeline and the FL credit pipeline. In addition, we offer banks and a credit monitoring solution for managing the loan portfolio. FIS never stands still, strives for a comprehensive approach and therefore remains the leader in the market for more than 20 years. For example, as of September 2024, we are creating a system of internal audit and compliance control, - said Daniil Sokolov, director of consulting at FIS. }}

FIS Operational Risk not only helps banks meet all the current requirements of the Central Bank of Russia, but also provides a powerful tool for optimizing risk management processes.