March 29, 2026

Interconnection & Interdependence in Operational Risk Management

In the realm of Operational Risk Management, it has become more than imperative to assess the internal control governance not in silos but from the lens of IMPACT & AGILITY.

Yes… from stepping into the IPL season with debate over Impact player at one side to Impact of missile debris on the other side with scouting for that elusive insurance clause; thought of writing few takeaways on the word Impact of Operational Risk events in the Banking Industry.

It is important that we practice steps proactively on how to be agile and bounce back by taking informed decisions on Impact

To me, to mitigate the Operational Risk, it is crucial to foresee not only with numbers but from understanding the interdependencies of several lines of processes executed by interdependent people across industries. The risk workspace in the Banking spectrum will not only include the internal units, but also the fintech players, the outsourcing partners, the cloud providers…. enmeshed to deliver the products and services to the end users. Hence, impact of an event cannot be measured in uncoordinated tags instead it needs to be portrayed with the damage it can cause if it occurs.

The Operational Risk Management does not end by analysing the IMPACT alone; it calls for AGILITY… i.e. the events will occur in some form or the other, impacts will also get measured, but the challenge and the preparation that is required is to how quickly the processes and the people will be back into action with minimal disruption.

Here are some key takeaways for proactive Operational Risk Management in today’s world of interconnectedness and interdependencies:

Identify the processes associated with the products and services, map them with the systems that is required to deliver and also the people who would deliver implying implicitly the “right person for the right job”; more granular the mapping, better will be the monitoring

To monitor, it is crucial to define the tolerance metric (volume based, service level or time based). Defining the Recovery Time Objective and embedding them in the service level agreements with the outsourced vendors will ensure preventive operational risk management.

Enhancement of the third-party risk management governance framework to ensure due diligence, objective-driven review mechanism, periodic testing to ensure the controls are working

Reporting mechanism should be simple and plans to respond to any disruption should be quick and handy. This implies that the escalation and remediation strategies should be clearly defined with roles and responsibilities

Training and Awareness on how to identify, assess, mitigate and report operational risk is fundamental and key to a robust risk management practice

Prioritise “Building Operational Risk Culture” not as a lip service or regulatory checklist model, but ensure the culture becomes the DNA with embedded operational risk management and operational resilience.

About Me

A dynamic professional in the finance sector, she balances analytical precision with a deep passion for creative writing. Beyond her corporate role, she finds solace and strength in words, expressing her thoughts on lifestyle, relationships, philosophy, and spirituality. Her writing is heartfelt, reflective, and rooted in everyday experiences, offering readers a gentle lens into life’s deeper meanings.

She wears many hats — a mother, a wife, a daughter — each role enriching her perspective and adding depth to her storytelling. Her words are not bound by genre but guided by authenticity and emotion. Whether exploring inner journeys or capturing fleeting thoughts, her writing serves as both a mirror and a bridge — connecting self to soul, and soul to society.