Operational Risk Management Framework for the Financial Sector


Operational Risk Management Framework for the Financial Sector

The need to improve operational risk management framework (ORMF) is something facing all banks. It is therefore critical to start diagnostics as soon as possible, so that organisations can gradually prepare for the latest ORMF requirements of the Bank of Russia:

  • Regulation No. 716-P On the Operational Risk Management Framework Requirements for Credit Institutions and Banking Groups (“Regulation No. 716-P”)
  • Draft Regulation On the Calculation of Operational Risk for the Capital Adequacy Ratios of Credit Institutions and Risk Compliance Oversight by the Bank of Russia (the “Draft Regulation”).

The new ORMF requirements set out in Regulation No. 716-P will take effect from 1 October 2020.

We will be happy to assist you with implementing the Bank of Russia’s new OMRF requirements.

Our services

1. Operational risk management diagnostics

We conduct diagnostics of your operational risk management frameworks (ORMF) using Deloitte’s maturity assessment model, which benchmarks the current state of your ORMF against the best international practices. We will use the results of diagnostics to identify areas for improvement and develop a roadmap for your target ORMF.

2. Building a stronger ORFM methodology

Our professionals will help you update your existing methodology or develop a new approach, tailoring them to suit the size and risk profile of your bank. We can:

  • Build approaches to identify, assess and manage operational risks
  • Develop recommendations for the existing operational risk assessment approach, including IT and cybersecurity risks
  • Design/streamline operational risk management methodologies, including methodologies for IT and cybersecurity risks, to bring your organisation in line with Regulation No. 716-P, the Draft Regulation and the target ORMF model
  • Develop/update bank internal regulations to ensure that they comply with Regulation No. 716-P, the Draft Regulation and the target ORMF model

3. Streamlining operational risk management processes

We can analyse the completeness of your risk events database and develop or improve operational risk management (ORM) processes to provide assurance of reporting submitted to the Bank of Russia. We can also update your internal regulations where changes are necessary.

4. Increasing process automation

Regulatory compliance may require increased automation in a number of areas such as:

  • Capturing operational risk events
  • Aggregating operational risk events
  • Calculating key risk indicators (KRIs) and monitoring thresholds
  • Reporting
  • Stress testing
  • Internal and external assessments


We can assist you with:

  • Developing business requirements for the necessary upgrades in your information systems
  • Identifying technology evaluation criteria and recommendations for selecting and implementing IT software
  • Creating test cases for proposed changes to your information systems
  • Performing testing
  • Implementing information system changes or a new information system

Once the changes have been rolled out, we can assess whether the transition to the target ORMF has been successful.

5. Towards a stronger risk culture

A continuously evolving risk culture is critical when it comes to ensuring the completeness of risk event databases. We can organise training to help your risk management staff acquire a stronger understanding and deeper insights into risk management processes.


Sergey Kudryashov

Sergey Kudryashov

Partner, Risk Advisory

Sergey is leading Operational Risk and Crisis Management practice in Risk Advisory. Sergey has over 15 years of internal audit, control, and risk management experience in Russia. He also has exposure ... More

Tatiana Budishevskaya

Tatiana Budishevskaya

Director, Risk Advisory

Tatiana has more than 10 years experience providing risk-management and financial advisory services to clients across Russia. She specializes in risk management for financial institutions, gap analysi... More

Наталья Канакова

Наталья Канакова

Старший менеджер, Департамент управления рисками

Наталья более 12 лет специализируется на оказании услуг компаниям финансового сектора, включая оценку системы внутреннего контроля ИТ- и бизнес-процессов, проверку на соответствие внутренним политикам... More

Екатерина Шелкова

Екатерина Шелкова

Менеджер, Управление рисками

Екатерина отвечает за предоставление услуг в области оптимизации бизнес-процессов, внедрении требований Положения Банка России 716-П «О требованиях к системе управления операционным риском в кредитной... More