Journal of Operational Risk

Marcelo Cruz

Editor-in-chief

Welcome to the first issue of Volume 18 of The Journal of Operational Risk.

We have received a number of very interesting papers lately, particularly on the application of machine learning (ML) techniques to operational risk – one of the industry’s key interests right now. We hope to present a few of these papers for your appreciation in forthcoming issues and we would welcome more submissions on the subject. In addition to ML and artificial intelligence, we would also welcome more articles on cyber and IT risks – not just on their quantification but also on better ways to manage these risks. We also hope to receive papers on important subjects such as enterprise risk management (ERM) and everything that this broad subject encompasses (eg, risk policies and procedures, implementing firmwide controls, risk aggregation, revamping risk organization, internal audit). As I have said in previous letters, analytical papers on operational risk measurement are still very welcome, particularly those that focus on stress testing and actually managing cyber and IT risks.

This issue includes a paper in which ML is used to comb the literature to see where research is published as well as its impact. We were proud to see that, according to the results in this paper, The Journal of Operational Risk is a leading light in this area. We also present in this issue a technical paper on measuring operational risk and two papers analyzing internal audit with an application to Greece.

RESEARCH PAPERS

In the issue’s first paper, “Operational risk: a global examination based on bibliometric analysis”, Haitham Nobanee, Maryam Alhajjar, Mehroz Nida Dilshad, Maitha Sultan Al Kuwaiti and Anoud Abdulla Al Kaabi perform a bibliometric study assessing the research on operational risk in order to raise awareness of this risk as well as of the related losses incurred by organizations. Based on the accuracy of the research data that the Scopus database holds, Nobanee et al selected that database to analyze the scientific productivity on operational risk. Their findings highlight both the gaps and the opportunities in the research in order to minimize losses for financial institutions. Their study quantitatively assesses the quality of research on operational risk using several metrics: citations, networks, coauthorship and region. Their findings reveal that the study of operational risk has gained in popularity over the past few years, with researchers hoping to identify the potential benefits of its minimization.

In our second paper, “Measuring tail operational risk in univariate and multivariate models with extreme losses”, Yang Yang, Yishan Gong and Jiajun Liu assess a few univariate and multivariate operational risk models in which the loss severities are modeled by some weakly tail dependent and heavy-tailed positive random variables and the loss frequency processes are some general counting processes. They derive some limit behaviors for the value-at-risk and conditional tail expectation of aggregate operational risks in such models (using the loss distribution approach). As we always appreciate in the journal, Yang et al also perform a few simulation studies to check the accuracy of their approximations and the (in)sensitivity due to different dependence structures or to the heavy-tailedness of the severities.

In the third paper in the issue, “Audit committee characteristics and the audit report lag in Greece”, Michail Nerantzidis, George Drogalas, Themistokles Lazarides, Evangelos Chytis and Dimitrios Mitskinis review prior empirical studies that investigate the effect of audit committee characteristics on audit report lag, and they provide insights about this corpus of scholarly literature. They also determine whether the composition of these audit committees impacts audit report lag in the context of an emerging market (Greece). Using a unique set of data, hand-collected from the annual reports of 130 firms listed on the Athens Stock Exchange, they conduct a multiple regression analysis to identify and explain this association. Their analysis identifies the four audit committee characteristics most frequently mentioned in the literature. By empirically examining these, they demonstrate that audit committee diligence is associated with a shorter audit report lag. Their results generally satisfy a number of alternative tests that control for different types of proxies and transformations of audit report lag and that could assist practitioners and/or policy makers in perceiving the efficacy of audit committee diligence as a means to improve the timeliness of financial reporting. This is, to the best of our knowledge, the first study to provide a synthesis of the prior literature and to examine this relationship in the Greek context.

In the issue’s fourth and final paper, “A risk-based internal audit methodology for Greek local government organizations”, Andreas Koutoupis, Stergios Galanis, Maria Kyriakou and Michail Pazarskis note that internal audit activities have been expanded worldwide in order to protect local government organizations, particularly municipalities. Although several previous studies have examined internal auditing in local government organizations and provided further development in this area, to the best of our knowledge none of them have developed a methodology for identifying and evaluating the possible risks when preparing an audit plan in municipalities in relation to Greece and elsewhere. Koutoupis et al aim to address this gap and to ensure the adequate identification, assessment and linkage of the risks that characterize the municipality within the audit universe for the preparation of an audit plan based on audit priorities. Further, their proposed methodology follows the International Professional Practices Framework and the International Standards for the Professional Practice of Internal Auditing.