The Meeting was held on a digital format on September 28-30, 2021, and was attended by 97 representatives from 37 institutions and associates of CEMLA from the following countries and regions: Argentina, Aruba, Barbados, Belize, Bolivia, Brazil, Canada, Chile, Colombia, Costa Rica, Ecuador, El Salvador, España, European Union, Guatemala, Honduras, Mexico, Nicaragua, Panama, Paraguay, Portugal, Dominican Republic, Spain, Suriname, the Bahamas, the Philippines, Trinidad and Tobago and the United States. The event was focused on the following topics: organizational resilience; digital technologies, climate change, compliance and supplier risk as emerging risks; models of appetite, tolerance and risk capacity; and organizational frameworks for operational risk management.
Session 1. Invited Talk. Organisational resilience – a strategic imperative for central banks
This session presented key aspects of resilience as central concept to approach operational risk management. Some takeaways of the session were the following:
-
· A resilient organization is able to respond to high impact events and uncertainty, not only to expected contingent events. It is aware of the interdependence with other institutions and industries, employees, clients, vendors, etc.
-
· Resilience is underpinned by strategic, operational and cultural dimensions within the organization. Its development relies on 4 competences: foresight, insight, oversight and hindsight.
Session 2. Emerging Risks: Digital technologies and Climate change
This session was devoted to the risks stemming from digital currencies and climate change. Some takeaways of the session were the following:
-
· In general, central bank digital currencies (CBDC) were not considered an improvement on current wholesale payment systems. Yet, there is still interest in CBDCs, and there are working groups and pilot projects to explore their implementation. However, CBDCs come with risks related to security, reliability, scalability of operations, monitoring, and the right assignment of roles and responsibilities.
-
· Climate change can trigger diverse types of operational risks. One threat is the physical damage to people or infrastructure due to extreme events. Given the complexity of climate-related impacts modelling, it is important to have data, standards and analytical tools to encompass the different level of affectation.
Session 3. Models of appetite, tolerance and risk capacity
This session discussed the perspectives of three central banks with regard to models of appetite, tolerance and risk capacity. These tools are intimately related to central banks’ organizational objectives.
Panel 1. 2LOD: Framework in the organization, roles, responsibilities, and integration with the 1LOD and 3LOD
In this session, the panelists discussed organizational frameworks in operational risk management. Some takeaways of the session were the following:
-
· Coordinating central banks’ three lines of defense allows them to manage all risks in an integrated and orderly manner, ensuring that each line has clear and complementary goals and that the banks’ goals are met.
-
· The challenges of implementing 3LOD require resource-intensive efforts in areas such as cybersecurity, risk information security, infrastructure for operational resilience, and risks arising from dependence on third parties.
Session 4. Emerging Risks: Compliance and Supplier Risk
This session discussed further topics related to emerging risks, focusing on methodologies to assess regulatory compliance and supplier risks. Some takeaways of the session were the following:
-
· Compliance is related to the observance of all the applicable laws and regulations. It is a key part of corporate governance and it is aligned to the defined risk tolerance and capacity.
-
· Acquisition risks were categorized as a specific type of supporting risk, and any institution is susceptible to be affected by them. A supporting infrastructure is key to integrate the information of any occurrence of supply risk to the risk management framework.
Andreas Burgstaller
Head of Section, Operational Risk & Business Continuity
European Central Bank
Andreas Burgstaller is the Head of Operational Risk and Business
Continuity Management Section at the European Central Bank. During
his career in central banking, first at the Deutsche Bundesbank and
since 1999 at the European Central Bank, Andreas served the ECB in
different leading positions, among others in internal audit,
organizational planning, budget and controlling and IT governance.
Andreas is a Member of the ECB’s Operational Risk Committee and
represents the ECB on risk and resilience in various international
forums and professional working groups.
Rodney Garratt
Professor of Economics
UC Santa Barbara
Rod Garratt holds the Maxwell C. and Mary Pellish Chair in Economics
at the University of California Santa Barbara. He has served as a
Technical Advisor to the Bank for International Settlements, a
Research Advisor to the Bank of England and is a former Vice
President of the Federal Reserve Bank of New York. During his time
at the FRBNY he co-led the Virtual Currency Working Group for the
Federal Reserve System. After leaving the FRBNY he consulted for
Payments Canada and R3 on Project Jasper: a proof of concept for a
wholesale interbank payment system that uses distributed ledger
technology. Professor Garratt received his undergraduate degree from
the University of Waterloo and his PhD from Cornell University. He
has published in the top economics journals including
Econometrica, the American Economic Review and the Journal
of Political Economy. He is an Associate Editor of the Journal of
Financial Market Infrastructures, the Journal of Network Theory in
Finance and Digital Finance.
Dr. Ron Dembo
CEO and Founder
Riskthinking.AI
Dr. Dembo has had a distinguished academic research career at Yale
University and as a visiting professor at MIT. He was also the
Founder and CEO of Algorithmics Incorporated. Following the sale of
Algorithmics in 2005, he founded Zerofootprint, a venture focused on
climate change. More recently, he has developed a unique algorithm
for generating forward-looking scenarios and is applying it to
climate change in his latest venture, riskthinking.AI.
Dr. Dembo has received many patents and awards for his research and
in 2007 was honored as a Lifetime Fellow at The Fields Institute for
Research in Mathematical Sciences.
Erika Sequeira Rojas
Risk Coordinator
Central Bank of Costa Rica
She has worked for 15 years at the Central Bank of Costa Rica, with
10 years as a senior risk advisor in the Risk and Compliance
Department, and more than 18 years of experience in the banking and
governmental industry. Erika is an Industrial Engineer with a Master
in Business Administration from Universidad Antonio Nebrija, Madrid,
Spain; she also has a Master in Economics with emphasis in Banking
and Risk Management from UCR.
Marcela Conde Villegas
Risk Deputy Manager
Banco de la República (Colombia)
Marcela has been the Chief Risk Officer since January 14, 2019. She
studied finance, government and international relations at the
Universidad Externado de Colombia, completed the Executive Program
in Leadership and Global Business Management at the University of
California at Berkeley, and holds a Master's degree in banking and
finance from the Escuela de Finanzas Aplicadas of Spain.
She has held several positions, such as Corporate Risk Manager for
Grupo Aval, Vice President of Risk and Product at Fiduciaria Bogotá,
and National Manager Specialist in Asset Management at Grupo
Bancolombia.
Diogo Rodrigues
Head of Non-financial Risk Division
Banco Central do Brasil
Diogo Rodrigues is an industrial engineer and holds a Master of
Science and MBA. He is the head of organizational risk division of
Central Bank of Brazil for 5 years. Prior to his experience at the
Central Bank of Brazil he has worked at the Ministry of Finance, at
a railroad company and as a college professor.
Lissette Ponce
Manager Non-Financial Risks
Banco de México
Lissete Ponce is the Non-Financial Risk Manager, in charge of
identifying and assessing non-financial risks, managing the
institutional incident log and coordinating the development of the
Bank's business continuity programs.
She holds a Bachelor's degree in Actuarial Science from the
Universidad
de las Américas-Puebla and a Master's degree in Finance from the
Instituto Tecnológico Autónomo de México (ITAM). He also completed
the
Senior Management Program at the Instituto Panamericano de Alta
Dirección de Empresa (IPADE).
Cecilia Scalise
Senior Manager Risk Analysis
Banco Central de la República Argentina
Cecilia Scalise is a Certified Public Accountant, graduated from the
National University of Buenos Aires (UBA). She joined the Central
Bank of Argentina by public competition in 1982, developing her
professional career in the institution, holding different positions
in Economic Research and Statistics; General Accounting; Treasury;
since 2014 she has been Senior Manager of Risk Analysis.
She has given courses and participated in conferences in the country
and abroad on topics related to Financial Management, Strategic
Planning, Cash Management, Risk Management and Administration.
María Jesús Orellana
Head of the Operational Risk Department
Banco Central de Chile
María Jesús has been Head of the Operational Risk and Business
Continuity Department for a year and a half. She has a degree in
Industrial Civil Engineering and a Master of Science in Management
and Development in Business from the University of Manchester. She
has 13 years of experience in different Chilean industries, mainly
telecommunications, banking-insurance and mining, where she has
deepened her knowledge in risk management and efficiency, in
addition to managing business continuity in critical operations.
Adriana Corrales Rojas
Risk Management and Compliance Advisor
Banco Central de Costa Rica
Adriana is a lawyer and holds a degree in Public Administration.
Since 2013, she has been working for the Central Bank of Costa Rica
as Risk and Compliance Advisor. Previously, she worked as Internal
Auditor and in procurement and administrative contracting.
