Bpo Risk Management

Download Bpo Risk Management

Post on 25-Jun-2015




4 download

Embed Size (px)


<ul><li> 1. Process Improvement &amp; Risk Managementfor ITES / KPO / BPO IndustryRiskpro, India 1</li></ul> <p> 2. Who is Riskpro Why us? ABOUT USMISSION Riskpro is an organisation of member firmsaround India devoted to client service Provide integrated risk managementexcellence. Member firms offer wide range consulting services to mid-large sizedof services in the field of risk management.corporate /financial institutions in India Currently it has offices in three major cities Be the preferred service provider forMumbai, Delhi and Bangalore and alliances complete Governance, Risk and Compliancein other cities.(GRC) solutions. Managed by experienced professionals withexperiences spanning various industries. VALUE PROPOSITIONDIFFERENTIATORS You get quality advisory, normally deliveredby large consulting firms, at fee levelsRisk Management is our main focuscharged by independent &amp; small firmsOver 200 years of cumulative experience High quality deliverablesHybrid Delivery model Multi-skilled &amp; multi-disciplined organisation.Ability to take on large and complex projects Timely completion of any taskdue to delivery capabilities Affordable alternative to large firms We Hold hands, not shake hands.2 3. Alarm Bells for the ITES / BPO/ KPO Industry High AttritionData Security &amp; Privacy Fraud Risk High employee turnover of Secure environment More than 4 million USDover 40% considered only as a hygieneembezzled when an employee factor by many companiesmanaged to steal password of Attrition rate higher in voice bank account of companybased processes Data security related incidents are internal in nature Employee sold off source code Attrition rates decline while Breach in data security causesto competitormoving up the value chainreputational damage Loss of USD 20 million bywithin functional offeringsimproper hedging by Data security and privacy Impacting profit margins and breach causes legal expensesunauthorized personnelincreasing hiring and training and loss of business Preferential treatment tocosts Only 50% companies believecertain vendors Decreases productivity that data security measures Recruitment fraud by are critical for competitiverecruitment team at Indian advantage subsidiary of large IT company3 4. Offerings for ITES / KPO / BPO Industry Process Review, Formulation and Implementation Fraud prevention and detection Code of ethics and whistleblower policyProcessProcessImprovementFormulation IT governance Corporate governance Security and IT property protection Network securityTraining and Workshop Risk Physical security AssessmentPersonnel security Business continuity plan Review of internal controls Design of regulatory checklist IT audit and control assessments Independent audits4 5. Offerings for ITES / KPO / BPO Industry Risk Assessment Fraud risk Security risk Network securityProcessProcessImprovementFormulation Physical security Personnel security Business continuity planning and disaster recovery (BCP/BCM)Training andRisk People risk WorkshopAssessment Financial risk Governance and compliance risk IT governance risk Corporate governance risk Security and IT property protection compliance risk Fraud risk management compliance risk5 6. Offerings for ITES / KPO / BPO IndustryTraining and WorkshopTrainings for entry level employeesContinuous training programs for employeesInspirational leadership training programs forProcessProcessImprovementFormulationmid level and senior level managementWorkshops for increasing motivation ofemployeesTrainings for hedging techniquesTraining andRiskFraud awareness training WorkshopAssessmentBusiness continuity and disaster recoveryawareness training Web based training In-class training Training Needs Analysis6 7. Offerings for ITES / KPO / BPO Industry Process Improvement Process review Cost planning Efficiency improvementProcessProcessImprovementFormulationStreamlining existing processesImproving capacity utilizationImproving seat utilizationBusiness process reengineering Knowledge Management ProgramTraining and RiskInternal Control WorkshopAssessment Investment in technologyAutomationNew IT systemsCloud computing Knowledge management program 7 8. Knowledge Management Program EXAMPLE OFFERINGProblem StatementHigh attrition rate means that exiting employees and entering employees upset theenvironment as follows: Exiting employees take critical and confidential data New employees take significant time to learn the process Background checks become time consuming given the large volume of recruitments Data access controls may be absent Work flows and user guides are not availableRiskpro Solution Comprehensive review of requirements and establish a proper Knowledge ManagementProgram Implement Desktop instructions, user guides so that new employees can start off quicklyand minimize mistakes Proper access control and archival of digital data in secure folders Tool enablers to manage the recruitment, background verification8 9. Web Based Risk Management TrainingEXAMPLE OFFERING Today organisations face immense regulatory, compliance and operational risks People who execute key processes such as settlements, trading, financialprocesses, account opening, customer complaints etc are many a times freshgraduates and some times not trained enough Why Untrained people often make excessive errors or ignore key process controls Web based training is a very cost effective way to impart knowledge to largeemployee base to minimize operational and reputational risks This is not E Learning. This is real industry experts talking about key issues. A series of 5-10 sessions are customized and outlined that touch upon key riskissues and compliance requirements. How Practical, industry knowledge is shared as the speakers are industry experts The sessions are grouped with other users to bring down delivery costs. We canalso deliver sessions exclusively for your organisation. Training can be delivered as low as Rs 150/ employee / per session. How Much We can discuss your training requirements and provide final quote9 10. Example: Web based Training -BPO / KPO / ITES EXAMPLE OFFERINGSession TopicKey Learning DurationEmployee related Risks Key people related policies and controls2 Hours Workplace ethics and employee harassment Important employee efficiency and effectiveness processesFraud Risk ManagementOverview and examples of frauds in BPO / KPO sector 1Hours Detection of frauds through database queries Building effective fraud risk Analytics and ReportingData Confidentiality and Security Concerns 2 HourData Theft Information Security and data theft Business Continuity / Internal ControlsCustomer SatisfactionEffectively managing customer satisfaction1 Hour Risk Awareness and training to StaffReputation RiskRole of employees in reputation risk management 1 HourManagement Outsourced arrangements and increase in reputation riskTotal Training7 HoursTarget Audience:Branch Banking Staff, Operations Dept, Customer Service and Clearing Depts,Internal Audit. Even all new hires at lower levels can benefit.Training Price Rs 750 /employee for all 5 sessionsRs 150 / Employee/ Session (Minimum 25 employees)10 11. Critical Issues / Risk Gaps facing BPO IndustryIssuesPossible Solution Competition Review of business risk strategies and developing risk Competition from global players indicators to review the threats from competition both on pricing and quality of services Review of IT governance and control framework to ensure that Data Confidentialitydata confidentiality is maintained. Loss of customer data, breach Mapping of confidential customer data through the process to identify areas where the fraud / breach could take place. of data confidentiality clauses Clean-Desk policies no paper, no pens on workstations Regulatory Compliance Design of regulatory checklist for major processes and then Non compliance with regulations mapping this to Team leaders responsible for compliance may result in significant Developing regulatory compliance tracking systems that penalties, both for company and ensures timely escalation and resolution overseas client 11 12. Critical Issues / Risk Gaps facing BPO Industry IssuesPossible Solution Product Concentration Review of product concentration risk and recommend solutions Most of the BPO firms have for diversification in terms of geographies or implement suitable concentration in either one or strategies to mitigate the impact of product concentration two product types of one or two geographies FX Risk Review of IT governance and control framework to ensure thatdata confidentiality is maintained. Large fluctuations in FX rates Mapping of confidential customer data through the process to impacts directly the profitability identify areas where the fraud / breach could take place. of the organisation Client Audit / Contract Designing a process to effectively manage and monitorcontract and client audit requirements Non compliance with client audit Implement a process to accept standard and executable / contractual requirements may clauses in the contract. result in termination of Review of Reporting requirements such that commitment is agreementmade only for achievable reporting12 13. Critical Issues / Risk Gaps facing BPO Industry Issues Possible Solution Rapid Startups Review of current processes and control framework for key BPO firms set off expandingactivities. Helping management to enhance control framework rapidly resulting in processes / and implement documented policies and processes for critical, control framework laggingrisk prone areas. behind Poor Infrastructure Inadequate BCP /DR setups can Poor infrastructure and inadequate BCP /DR setups can impact the continuousimpact the continuous operations of the firm operations of the firm High Attrition Review of recruitment policies and framework Significantly increases Implementing compliance certification process to ensure inefficiencies, internal frauds, compliance with set policies data thefts and poor customer Risk Awareness and training to Staff service 13 14. Critical Issues / Risk Gaps facing BPO IndustryIssuesPossible Solution Lack of Training Evaluation of training requirements for critical process from a Inadequate training budgets risk perspective to determine adequate levels of training result in significant inefficiencies, Implement a monitoring process to determine deviations from frequent process breaks and training calendar and escalation mechanism potential frauds / loss events People Risk Evaluation of HR policies for adequacy of HR framework Implement effective whistle blower policy for reporting issues Large number of staff results inrelating to Sexual harassment, frauds, data breach etc people related risk such as Designing an incident management system to effectively record reputation risk, negative remarks and monitor staff related issues Inaccurate Reporting Wrong reporting, data Review of controls around the data processes, reconciliations, processing may result in client exception reports and escalations to ensure that data is incorrect data processing byprocessed correctly client 14 15. Critical Issues / Risk Gaps facing BPO IndustryIssues Possible Solution Security Audits Assistance with annual security audits of the critical Absence of security audits on aapplications and processes periodic basis Poor incident Management Any security incident, or Design a incident management framework to effectively operational loss event, incident manage security breaches, handle process failures and is not effectively and timelyoperational losses managed Improper transition and Documentation and standardization of documentation documentation Process review to ensure complete migration of processes to Incomplete knowledge transfernew location on migration of processes from Knowledge gap assessment to determine key gaps and cracksin the process value chain to minimize process failures global locations15 16. Risk Management Advisory Services Basel II/III Advisory Corporate RisksInformation Security Market Risk Enterprise Risk Assessment IS Audit Credit Risk Fraud Risk Information Security Operational Risk Risk based Internal Audit IT Assurance ICAAP Operations Risk IT Governance Forensic servicesSERVICES Operational RiskGovernance Other Risks Process reviews Corporate Governance Business/Strategic Risk Policy/ Process Review Business Strategic risk Reputation Risk Process Improvement Fraud Risk Outsourcing Risk Compliance Risk Forensic Accounting Contractual RiskTrainingRecruitment Banking E Learning Virtual Risk Managers Corporate Training Full Time Risk Professionals Regular Risk Management Training Part time Risk Professionals Online Training material Risk Managers on call free Workshops / Events 16 17. Riskpro Clients Our ClientsAny trademarks or logos used throughout this presentation are the property of theirrespective owners 17 18. Contacts and Office LocationsCorporate Mumbai Delhi Bangalore Riskpro IndiaManoj Jain Rahul BhanCasper AbrahamVentures (P) LimitedDirector DirectorDirectorM- 98337 67114 M- 99680 05042M- 98450 61870manoj.jain@riskpro.inrahul.bhan@riskpro.in casper.abraham@riskpro.ininfo@riskpro.inwww.riskpro.inShriram GokteHemant SeigellPrincipal - Information Risk VP Risk ManagementC 561, Defence colony M- 98209 94063 M- 99536-97905New Delhi 110024shriram.gokte@riskpro.in hemant.seigell@riskpro.inAhmedabad Pune AgraGurgaonMaulik Manakiwala M.L. JainAlok Kumar AgarwalNilesh BhatiaAssociate FirmPrincipal Strategy RiskAssociate FirmHead Human CapitalM - 91 9825640046 M- 9822011987M- 99971 65253Consultingmljain@riskpro.inM- 98182 93434Gourav Ladha nilesh.bhatia@riskpro.inSap Risk AdvisoryM- 97129 52955THANKS18</p>


View more >