Skip to main content
Image coming soon

The Regional Bank Operational Risk Quarterly Pack

$199.00
Adding to cart… The item has been added

A focused course, tailored for you

The Regional Bank Operational Risk Quarterly Pack

Build the quarterly operational risk evidence pack a US regional bank's ORC and the OCC examiner read first.

Your ORC pack and the examiner binder should tell the same story from the same data. In most regional banks they don't, and the gap is what gets cited.

$199 one-time
Tailored to your situation. Access within 24 hours. 30-day money-back.

Includes a hand-built implementation playbook delivered alongside course access, generated for your specific situation.

Why this course

Operational risk in a US regional bank lives between three audiences with different reading habits. The Operational Risk Committee wants a one-page heat map plus the top five emerging risks with owners. The Chief Risk Officer wants the appetite-breach trail and what the first line did about it. The OCC horizontal review team wants the loss-event taxonomy, the RCSA refresh cadence, the issue-action log, and the bridge to capital. Most second-line risk teams produce three artefacts that diverge subtly, and that divergence is what shows up in MRAs. The course teaches the single source-of-truth model where the quarterly ORC pack, the appetite dashboard, the issue log, and the examiner binder all draw from the same underlying register, with versioned snapshots a regulator can rerun.

What you walk away with

  • Produce a quarterly ORC pack whose top three slides hold up under CRO and examiner reading.
  • Maintain one operational risk register that feeds the ORC pack, the appetite dashboard, the issue log, and the examiner binder.
  • Run an RCSA refresh cadence that keeps top risks current without burying business owners in reassessment work.
  • Bridge the appetite-breach narrative from limit excess to first-line action to capital implication.
  • Walk into the next OCC horizontal review with a binder the examiner can navigate without follow-up requests.

The 12 modules

Module 1. The three audiences and the single source-of-truth model
Map the reading habits of the ORC, the CRO, and the OCC examiner. Identify which artefacts each audience opens first and which they never read. Design a single underlying operational risk register that feeds every downstream artefact, with versioned quarterly snapshots so a regulator can rerun any prior ORC pack from the same data. Decide which fields are mandatory at register level and which are derived for the pack.
Module 2. Loss event taxonomy aligned to Basel categories
Set up the loss-event taxonomy using Basel event types as the top tier, with regional bank line-of-business overlays for retail, commercial, mortgage, and treasury. Define thresholds for capture, near-miss handling, and material loss escalation. Walk through how the taxonomy feeds both the ORC heat map and the AMA-style reference data the examiner will want to see, even where the bank is on the standardised approach.
Module 3. RCSA refresh cadence without business fatigue
Design a Risk and Control Self-Assessment cadence that refreshes top risks quarterly and tail risks annually. Build the survey instrument so first-line owners spend under sixty minutes per refresh. Tie RCSA outputs into the register's inherent and residual risk fields. Cover the supervisory expectation that the RCSA is not a checklist but a defensible point in time, and the workpaper trail that proves that.
Module 4. The quarterly ORC pack: top three slides
Construct the three slides the Operational Risk Committee actually reads. Heat map against appetite by business line. Top emerging risks with owner, target date, and last movement. Loss-event trend over rolling eight quarters with commentary on the outliers. Cover the CRO's standard questions and how the pack should answer them before they are asked. Include the version control and source-data footer the audit committee asks about.
Module 5. Appetite framework and breach narrative
Translate board-level operational risk appetite into measurable limits at the business-line level. Cover the difference between quantitative limits, qualitative statements, and key risk indicators that trigger the appetite conversation. Build the breach narrative template: what breached, what the first line did, what the second line recommends, what the board needs to know. Trace one worked example end to end.
Module 6. Issue and action log integration
Connect findings from internal audit, compliance testing, regulatory exams, RCSA, and loss events into a single issue and action log. Cover ageing, owner accountability, root-cause coding, and the escalation path when actions slip. Show how the log feeds the ORC pack as a leading indicator and how the OCC examiner uses it to test whether issues are genuinely closed.
Module 7. Third-party risk inside the operational risk story
Bring third-party operational risk into the same register rather than running it as a parallel programme. Cover OCC third-party guidance, the lifecycle stages where operational risk is most acute, and the inherent and residual fields the register needs to carry for vendors. Walk through a worked example of a critical vendor incident flowing into the loss-event taxonomy and the ORC pack.
Module 8. Operational resilience and severe-but-plausible scenarios
Build the severe-but-plausible scenario library that supports the resilience programme without duplicating the loss-event work. Cover impact tolerances by important business service, the mapping from service to people, processes, technology, third parties, and facilities. Tie scenario testing outputs into the ORC pack as a separate narrative thread the examiner expects to find.
Module 9. Conduct, fraud, and the harder-to-quantify exposures
Address the operational risk categories examiners ask about and risk teams under-report. Conduct risk including sales practices and complaints handling. Internal and external fraud trends. Model risk where the model serves an operational process. Build a register entry shape that captures these without forcing inappropriate quantification, and the ORC pack treatment that respects the qualitative nature of the evidence.
Module 10. OCC horizontal review preparation
Walk through the OCC horizontal review process for operational risk at a regional bank. Cover the pre-exam information request, the on-site interview shape, the typical workpaper requests, and the post-exam MRA categories. Build the examiner binder index so every artefact the OCC opens is one click from the cover page. Cover what to do when the team finds a gap during prep rather than during exam.
Module 11. The bridge from operational risk to capital and earnings
Connect the operational risk view to capital planning and CCAR or DFAST submissions where applicable. Cover how loss-event data feeds into operational risk capital under the standardised approach. Build the narrative that links the ORC pack story to the capital planning story so the two are not read as contradictory by the supervisor. Cover the treatment of operational risk in stress scenarios.
Module 12. Run the cycle and hand it over
Bring the previous eleven modules together into one quarterly operating rhythm. Calendar the inputs, the reviews, the sign-offs, and the publication dates. Define the role split between you, the line risk officers, the model risk team, and the resilience programme. Document the operating model so a successor can run the next cycle without losing institutional knowledge. Cover the audit trail an internal audit team will want to test.

How this addresses your situation

Specific modules that map to what you said you are dealing with.

Quarter-end approaches and the ORC pack draft is sitting at 70 percent completion with the heat map still in dispute between two business lines.
An OCC horizontal review notice lands and the team has six weeks to assemble a binder that holds together end to end.
An appetite breach has triggered and the CRO wants the breach narrative on her desk before the next risk and audit committee.
Internal audit has opened a finding on the RCSA refresh cadence and the response is due before the audit committee meeting.

What you get with this course

  • Twelve self-paced written modules covering the full quarterly operational risk cycle.
  • Downloadable templates for the loss-event register, RCSA survey, appetite breach narrative, issue and action log, and examiner binder index.
  • A worked end-to-end example of one quarterly ORC pack from raw register data to board-ready slides.
  • A hand-built implementation playbook tailored to your bank's business-line mix, regulatory cadence, and the specific gaps you flag during onboarding.

What you will have in hand by Day 1, Week 1, Month 1

Within 24 hours: account in the Art of Service learning environment provisioned, all twelve modules accessible, templates downloadable, tailored implementation playbook delivered alongside course access.

Week one: complete modules one through four and produce a first-pass register design for your bank's business-line mix.

Week two: complete modules five through eight and run the RCSA cadence redesign against your existing top-risk inventory.

Week three: complete modules nine through twelve and assemble a dry-run examiner binder against your most recent ORC pack.

Before and after

Before

The quarterly ORC pack, the appetite dashboard, the issue log, and the examiner binder each tell a slightly different story because they draw on subtly different underlying data, and the gaps surface during exam.

After

Every operational risk artefact draws from one register with versioned quarterly snapshots, the ORC pack top three slides hold up under CRO and examiner reading, and the horizontal review binder is one click deep from any artefact the OCC opens.

What happens if you do not address this

An OCC horizontal review that finds the second-line evidence does not reconcile across artefacts produces MRAs that take quarters to clear and pull the team into remediation work instead of forward risk identification.

Who it is for

Second-line operational risk professional at a US regional bank, working inside the Risk Management function with reporting lines to the CRO. Owns the quarterly ORC pack, the RCSA programme, parts of the appetite framework, and the examiner-facing evidence bundle for operational risk. Has lived through at least one OCC horizontal review and knows the gap between the internal narrative and the binder the examiner actually reads.

Who this is NOT for. Not for first-line business control officers who own residual risk acceptance in a single line of business. Not for credit risk analysts. Not for IT risk specialists whose primary deliverable is technology risk register entries. The course assumes you sit in the second line and own the cross-line evidence story.

How it arrives

Text-based course in the Art of Service learning environment, plus downloadable templates and worked examples for every module, plus the hand-built implementation playbook delivered alongside course access.

Time investment. Twenty to thirty hours across three to four weeks of self-paced reading, template work, and applying the material to your bank's current quarterly cycle.

Why $199 is the right number

Big four consulting on a regional bank operational risk redesign runs into six figures and three to six months of engagement. Internal redesign without a reference model takes two to three quarters and usually replicates the gaps. The course gives you the reference model and a hand-built playbook tuned to your bank for $199 within 24 hours.

FAQ

Does this apply if our bank is on the standardised approach rather than AMA?
Yes. The taxonomy, register, and ORC pack design are independent of capital approach. The capital module covers both the standardised treatment and the reference data examiners expect to see regardless of approach.
We already have a register in a GRC tool. Does the course assume we replace it?
No. The course is tool-agnostic and assumes you keep your current register. The work is on the field model, the snapshot discipline, and the downstream artefact alignment.
How tailored is the implementation playbook?
It is hand-built against the business-line mix, regulatory cadence, and specific pain points you flag during onboarding. It is not a generic template with your bank name pasted in.
What if my role is more on the resilience or third-party side than the ORC pack?
Modules seven and eight cover third-party and resilience in detail, and the playbook is tuned to the part of the cycle you own.

30-day money-back guarantee. If after a week of working through the materials this is not what you needed, reply to the receipt email and a full refund is processed. No questions, no forms.

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.