hml risk transformation

Delivering a Risk-Led Transformation Gillian Weatherill– Head of Operational Risk

Agenda

• HML Overview

• Journey

• Risk Management

• Outcomes

• Whats next’

• Questions

Service range

• Financial services prime

and subprime UK residential

mortgages.

• RSS2- rating special

servicing

• Over £43bn residential and

commercial mortgages

currently under management

in UK and Ireland

• 1,300 employees based

across 3 UK sites, including

a 450 seat call centre

handling up to 13,000 calls

per day

© HML 2010. All rights reserved. 4

Journey

“The greatest antidote to worry….is preparation.

The more you try to envisage what might happen

and what your best response and options are, the

more you are able to allay your fears for the

future.”

John Glenn, Astronaut

Risk Management Effectiveness Review

We recognised that there were gaps in our approach to

Operational Risk Management…..

•Silo operational risk

processes.

• Key Risks identification

disconnected from

performance & objectives

• KRI’s definition – partial

• Policy documents –

limited governance and

assurance

• Lack of enabling

technology

• Poor alignment to strategy

http://images.google.co.uk/imgres?imgurl=http://www.bpemopar.com/images/SPRINT%2520CAR%2520DIRT%2520LATE%2520MODEL/SPRINT57.jpg&imgrefurl=http://www.bpemopar.com/SPRINT_CAR_DIRT_LATE_MODEL.htm&usg=__jZybduldoXyJSpqT5qhtCS0fqxw=&h=537&w=529&sz=56&hl=en&start=6&um=1&tbnid=plwgskSvVBaXVM:&tbnh=132&tbnw=130&prev=/images%3Fq%3Drace%2Bcar%2Bengine%26um%3D1%26hl%3Den%26sa%3DN

http://images.google.co.uk/imgres?imgurl=http://www.jimsautoparts.com/steering_wheel.jpg&imgrefurl=http://www.jimsautoparts.com/intertrim.htm&usg=__42PNR5U50W8Zcpa6hsnyNWv4hRw=&h=290&w=300&sz=17&hl=en&start=1&um=1&tbnid=x4uh8cdEClyqYM:&tbnh=112&tbnw=116&prev=/images%3Fq%3Dsteering%2Bwheel%26um%3D1%26hl%3Den

Our approach, closed gaps and enabled us to meet our

challenges...

• Increased resources for

assurance activity and “deep

dive” work

• Risk integrated with Strategy

• Comprehensive set of Key

Risks & Controls

• Robust enabling technology to

support the risk management

framework

• Comprehensive policy suite

• Maturity model &

effectiveness BSC to set

change agenda

Risk Management Framework

9 © HML 2010. All rights reserved. © HML 2010. All rights reserved. 9

Risk Management

Remember that all models are wrong; the

practical question is how wrong do they have to

be to not be useful.”

George E. P. Box ( Statistician)

Risk Role in HML’s Strategic Execution

10

To provide excellence in risk management to support the sustainable

achievement of HML’s strategic objectives within its defined risk

appetite.

ADVICE OVERSIGHT CHALLENGE

Oversight, Challenge & Functional Leadership

Passionate focus on supporting

business excellence

Continuous improvement in risk

management practices

Business focused advice and

oversight which adds value

Delivered through highly skilled and positively motivated risk people, within an overall approach respected and valued by the business.

Risk Management Approach

Risk Management Systems and Controls reduce risk, minimise losses and provide peace of mind

that a robust and effective control framework is in place.

The HML enterprise wide risk framework and supporting structure is designed to promote a risk aware culture and to help ensure that effective procedures are in place to identify, assess, measure and monitor risk across HML. The objective is to provide:

Clear accountability for the management

of risks.

Independent oversight and

challenge of the management of risk

Integration of risk management as part

of day to day business

11 © HML 2009. All rights reserved.

Focus on integrated Governance, Risk & Compliance

© HML 2009. All rights reserved. 12

RISK Extent of uncertainty around achievement of business objectives. Risk management being the process of identifying, sourcing, measuring, mitigating and monitoring risk. Purpose being to: - reduce to acceptable level variability in pursuit of opportunities - minimising impact of extreme events - take prudent risks that HML can manage successfully as it creates value.

GOVERNANCE Process by which ELT & SLG set overall business objectives and oversee progress towards those objectives.

COMPLIANCE Process that ensures HML adheres to its internal policies, and that policies and procedures established to comply with applicable laws and regulations are performing as intended.

Internal Environment

Objective Setting

Aligned activities

Control activities

Info & communication

Monitoring

Event identification

Risk assessment

Risk response

Risk Identification and Assessment

The ERM framework is used to understand the links between what we want

to do, what could stop us, and how we manage and monitor performance.

All the data is held in our bespoke software solution ‘Insight’.

13

Performance Risk Controls Indicators

Key Risks Objectives Key Controls Key Indicators

What are we trying to achieve?

What threats will stop us achieve our objectives?

What process do we need to control and what is the

right level of control?

How do we monitor changes in performance, risk and controls

effectiveness?

Control Effectiveness

The Control Self Assessment (CSA) quarterly certification process was

introduced in Q4 2009

The process involves all key controls across all divisions being reviewed,

capturing:-

• the control purpose

• an assessment of the effectiveness of the control

• documentation of proof to support the certification

14

Key Controls

Certification

-Type

- Assessment score

- Expected performance

-Certified effectiveness

- Improvement action

Line 1 challenge

Line 2 validation

Outcomes: So what?

Direct Operational Losses by Year

• The improvement in performance is

illustrated and there has been a 93%

reduction in the value of losses that have

occurred during 2010 compared with

those that occurred during 2008.

• From 2007, there has been a 56%

reduction in the volume of losses that

occurred during 2010 compared with

those that occurred during 2008. In

addition, the severity of losses has

reduced over the years and, for the

losses that occurred during 2010, 97% of

the volume of these were for individual

amounts that were less than £1k.

The graphs opposite show the operational

losses paid out from January 2007 - September

2011, by value and volume in the year the error

occurred.

Audit Actions

The graphs are based on all issues

raised from internal audits, external

reviews and internal compliance and

assurance reviews

The percentage of issues that are rated

Significant / High risk has decreased

year on year since 2008. In 2008 24%

of issues were rated Significant or High.

This reduced to 14% in 2009 and again

to 10% in 2010. So far in 2011 the % of

high issues stands at 5% of the total

issues added.

The percentage of issues rated medium

risk has also decreased from 48% in

2008 to 45% in 2011.

17

0%

10%

20%

30%

40%

50%

60%

70%

80%

90%

100%

2008 2009 2010 2011

% of issues added each year by Grade

Low / Efficiency

Medium

Significant / High

Strategy and Risk Management Executive

Breakfast 3 Movember 2011