Skip to main content
Image coming soon

The LOB Risk Expert's RCSA-to-OCC Reporting Playbook

$199.00
Adding to cart… The item has been added

A focused course, tailored for you

The LOB Risk Expert's RCSA-to-OCC Reporting Playbook

Turn LOB RCSAs, KRIs, and issue logs into the OCC heightened-standards evidence pack without the second-line rewrite cycle.

The quarterly LOB RCSA refresh keeps coming back from the second line with the same marks: risk inventory taxonomy mismatched, KRI thresholds untied to loss data, issue log not mapped to OCC heightened standards. The course closes that gap from the first-line side.

$199 one-time
Tailored to your situation. Access within 24 hours. 30-day money-back.

Includes a hand-built implementation playbook delivered alongside course access, generated for your specific situation.

Why this course

Line-of-business risk experts inside US super-regional banks sit at a specific friction point. Enterprise risk publishes a taxonomy and a control library. Internal audit grades the LOB on whether its RCSA reflects them. The OCC heightened standards regime asks for evidence that the first line owns risk, not just acknowledges it. The board risk committee wants forward-looking KRIs, not backward-looking incident counts. Meanwhile the LOB's revenue side wants the risk reporting cycle to take less of their week. The squeeze produces the same artefacts every quarter: RCSAs that get rewritten by the second line, KRI dashboards that nobody on the business side trusts, issue logs that don't survive the OCC exam crosswalk, third-party risk reviews that arrive too late to influence vendor selection. The course fixes the first-line side of that loop: the artefacts you produce, scored against what the second line, internal audit, and the OCC actually want.

What you walk away with

  • Write LOB RCSAs scored against the enterprise risk taxonomy on the first submission, with second-line rewrite cycles eliminated.
  • Design KRIs anchored to your LOB's actual loss-event history and forward-looking enough that the board risk committee uses them.
  • Map every LOB issue and incident cleanly to the OCC heightened standards reference grid before the exam team asks.
  • Run third-party risk reviews early enough in the vendor lifecycle to actually influence selection, not rubber-stamp it.
  • Produce exam-ready narrative that ties LOB operational, credit, compliance, and third-party risk into one document the regulator reads in one sitting.

The 12 modules

Module 1. The first-line risk experts's actual remit inside a US bank
Where the LOB risk expert sits between enterprise risk, the second line, internal audit, and the LOB head. What the OCC heightened standards regime specifically expects of the first line. The artefact inventory you own: RCSA, KRI dashboard, issue log, third-party risk reviews, exam responses. What the second line owns instead and where the handoff actually breaks.
Module 2. Reading the enterprise risk taxonomy without rewriting your RCSA
How to consume the bank's enterprise risk taxonomy, operational risk event categories, and control library from inside the LOB. The taxonomy crosswalk that survives second-line review. Common taxonomy mismatches the LOB makes (overloading a category, missing a Basel event type, mis-attributing a control). The template for an RCSA submission that the second line accepts on the first pass.
Module 3. RCSA scoring rubrics that survive second-line challenge
Inherent risk, residual risk, and control effectiveness scoring rubrics specific to the LOB. How to calibrate ratings against the bank's own loss history rather than pulling numbers from the ceiling. What the second line actually checks (rating distribution, outlier rationale, control linkage). The evidence pack that backs each rating. The retrospective review on your prior RCSA cycle and where it lost time.
Module 4. KRI design anchored to LOB loss-event history
Pulling your LOB's own loss-event data from the operational risk database. Building KRIs forward-looking enough for the board risk committee while still grounded in what actually happened. Threshold setting that triggers action rather than dashboard fatigue. The KRI inventory the second line and the OCC examiner both find defensible. Common KRI failures (lagging-only, thresholds that never breach, breach with no escalation path).
Module 5. Issue and incident management the second line accepts
The lifecycle from issue identification to closure: rating, owner assignment, remediation plan, target date, sustainability evidence. How to write issue records that survive internal audit and external exam scrutiny. The remediation evidence pack. Aging metrics the second line actually monitors. The escalation triggers when an issue ages past target. The handoff to the bank's issue management system without losing first-line context.
Module 6. The OCC heightened standards reference grid
The specific OCC expectations for first-line risk ownership. How to map every LOB artefact (RCSA, KRI, issue log, third-party reviews, regulatory change management) into the heightened standards framework before the exam team asks. The self-assessment document the LOB owns. The gaps the OCC commonly cites and the LOB-side answer for each. The crosswalk from your RCSA control set to the heightened standards reference grid.
Module 7. Third-party risk from the LOB side
Vendor inherent risk tiering using LOB criteria, not just the central TPRM checklist. Inserting the LOB risk view early in the vendor selection cycle so the assessment influences the choice rather than rubber-stamping it. The TPRM artefact pack your LOB owns: business-line risk rating, control attestation review, ongoing monitoring KRIs, exit-strategy documentation. How to handle the concentration risk question when one vendor underpins half the LOB.
Module 8. Credit risk inputs the LOB owns (for commercial and retail banking lines)
Where the LOB risk expert intersects with credit: portfolio segmentation views, CECL input quality, concentration risk reporting, problem-loan escalation criteria. Not credit policy authorship, that lives in credit risk. The first-line credit risk artefacts: lending exception logs, covenant breach monitoring, watch-list nominations, CRE concentration reporting. The audit trail credit risk and the regulators actually examine.
Module 9. Compliance risk inputs the LOB owns
Regulatory change management from the LOB-receive side: how new rules get translated into LOB process changes. UDAAP, BSA/AML, CRA, fair lending, Reg E, Reg Z applicability to LOB activities. The compliance attestation pack the LOB signs. Where compliance testing is owned by second-line versus LOB. The regulatory exam-prep artefact set for compliance scope.
Module 10. Operational loss-event reporting and the Basel event categories
Capturing operational risk events the moment they happen, not three weeks later. The Basel event category mapping. Loss-event narrative that informs the RCSA in the next cycle. Near-miss capture and why the LOB usually under-reports it. The lessons-learned discipline that closes the loop from event back to control redesign.
Module 11. Exam preparation and the regulator-facing narrative
Building the single narrative that ties LOB operational, credit, compliance, and third-party risk into one document the regulator reads in one sitting. The exam-prep dry run with second-line and internal audit. The most common LOB-side findings (taxonomy mismatch, RCSA-issue disconnect, KRI threshold rationale missing, third-party gaps) and the answer for each. Anticipating the next exam cycle's themes before the OCC publishes them.
Module 12. The next cycle: making the quarterly cadence sustainable
The quarterly artefact production schedule that doesn't consume half the LOB risk expert's week. Automation candidates inside the GRC platform versus what genuinely needs manual judgment. The boundary with second-line where work that has crept into the first line gets handed back. The sustainable cadence that holds up across multiple quarters, multiple exam cycles, and the LOB head's revenue calendar.

How this addresses your situation

Specific modules that map to what you said you are dealing with.

Module 2 and 3 directly answer the most common second-line rewrite cycle on LOB RCSAs.
Module 4 fixes KRI dashboards that the board risk committee currently ignores.
Module 6 produces the OCC heightened standards self-assessment that the LOB owns.
Module 11 builds the exam-prep narrative pack the regulator reads in one sitting.

What you get with this course

  • 12 written course modules with downloadable templates for every artefact (RCSA, KRI design, issue record, OCC heightened standards crosswalk, third-party review pack, exam-prep narrative).
  • Hand-built implementation playbook tailored to the buyer's specific LOB (commercial banking, retail, asset management, capital markets, mortgage, or treasury services).
  • Risk taxonomy crosswalk worked example using the buyer's LOB risk inventory.
  • OCC heightened standards reference grid mapped against the buyer's LOB artefact set.
  • Loss-event capture and Basel event-category mapping worked example.

What you will have in hand by Day 1, Week 1, Month 1

Within 24 hours: account provisioned in the Art of Service learning environment, all 12 modules accessible, downloadable templates available.

Within 24 hours: hand-built implementation playbook tailored to the buyer's specific LOB delivered alongside course access.

Self-paced: typical buyer completes the 12 modules over 4 to 8 weeks alongside the quarterly RCSA cycle.

Quarterly: re-use the implementation playbook templates each cycle; refresh against any updated OCC guidance.

Before and after

Before

LOB RCSAs come back from the second line with taxonomy marks and rewrite requests. KRI dashboards exist but the board risk committee defers to lagging incident counts. The OCC heightened standards crosswalk is built scramble-style every exam cycle. Issue logs and third-party reviews live in separate systems with no narrative tying them together.

After

LOB RCSAs are accepted on first submission. KRIs are anchored to actual loss-event data and the board risk committee uses them. The OCC heightened standards self-assessment is maintained as a living artefact, not built under exam pressure. Issue, incident, RCSA, KRI, and third-party data tie into one regulator-facing narrative.

What happens if you do not address this

The next OCC heightened standards review or internal audit cycle finds the same gaps the prior cycle found. Second-line rewrite cycles continue to consume the quarter. The LOB head asks why the risk function takes a week of business-side time and still produces artefacts that get sent back. The first-line ownership the OCC expects shows up on paper but not in the evidence pack.

Who it is for

You are a Line-of-Business Risk Expert inside a US super-regional or large national bank. You sit inside a specific business line: commercial banking, retail, asset management, capital markets, mortgage, or treasury services. You own first-line risk identification, RCSA execution, KRI design and monitoring, issue and incident management, and the LOB-side view of third-party risk. You report into an LOB Chief Risk Officer or directly into the business line head. You write the artefacts the second line, internal audit, and the OCC heightened standards review actually read.

Who this is NOT for. Enterprise risk policy authors who never touch an LOB artefact. Second-line operational risk reviewers who score first-line work but do not produce it. Internal audit testers. Compliance officers whose remit is regulatory horizon scanning, not first-line execution. Risk technology product managers building the GRC platform but not using it.

How it arrives

Text-based course in the Art of Service learning environment, plus downloadable templates and worked examples for every module, plus the hand-built implementation playbook delivered alongside course access.

Time investment. Roughly 12 to 18 hours of focused study across the 12 modules, plus the time the buyer would already be spending on the next quarterly RCSA cycle. The course is built to compress that cycle, not add to it.

Why $199 is the right number

Internal training from the second line covers what the second line wants to see, not how the first line produces it. GARP and PRMIA cover enterprise risk theory at the policy layer, not the LOB artefact production layer. Big4 advisory engagements at this scope start in the high five figures and produce a deck, not the recurring template set the LOB will use every quarter. This course produces the artefact set the LOB risk expert uses every cycle.

FAQ

Is this specific to a particular LOB?
The course covers the artefact set common to every LOB risk expert role. The hand-built implementation playbook is tailored to the buyer's specific LOB (commercial banking, retail, asset management, capital markets, mortgage, or treasury services) and references the regulatory regimes that LOB actually faces.
Does this cover the second-line view as well?
It covers the second-line view only insofar as the first line needs to anticipate it. The course is written for the first-line LOB risk expert, not for operational risk reviewers in the second line.
Will this help with the next OCC exam?
Module 6 builds the OCC heightened standards reference grid. Module 11 builds the exam-prep narrative. The implementation playbook includes the exam-prep dry run template the LOB owns.
What about CECL and credit risk?
Module 8 covers the credit risk inputs the LOB owns (portfolio segmentation, CECL input quality, concentration reporting, problem-loan escalation) for commercial and retail banking LOBs. It does not authorise credit policy, which lives in credit risk.
Refund policy?
Thirty-day money-back if the course and implementation playbook are not what was promised.

30-day money-back guarantee. If after a week of working through the materials this is not what you needed, reply to the receipt email and a full refund is processed. No questions, no forms.

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.