Next Article in Journal
Did the Islamic Stock Index Provide Shelter for Investors during the COVID-19 Crisis? Evidence from an Emerging Stock Market
Previous Article in Journal
A Systematic Literature Review of Volatility and Risk Management on Cryptocurrency Investment: A Methodological Point of View
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Risks
Volume 10
Issue 5
10.3390/risks10050108
risks-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles thumb_up
...
Endorse textsms
...
Comment
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

A Proposed Methodology for Literature Review on Operational Risk Management in Banks

by
Ajjima Jiravichai
* and
Ruth Banomyong
Thammasat Business School, Thammasat University, Bangkok 10200, Thailand
*
Author to whom correspondence should be addressed.
Risks 2022, 10(5), 108; https://doi.org/10.3390/risks10050108
Submission received: 22 March 2022 / Revised: 17 May 2022 / Accepted: 18 May 2022 / Published: 23 May 2022
Browse Figures
Versions Notes

Abstract

:
The purpose of this paper is to propose a methodology that enables researchers to identify relevant search terms when conducting a literature review. This methodology requires an analysis of existing literature review articles on the topic under study to form keywords. The objective of this methodology is to reduce bias from keyword selection, to provide assurance on comprehensiveness and transparency of the review process, and to open up opportunities for interdisciplinary studies. In this paper, we tested our proposed methodology by exploring the field of operational risk management (ORM) in banks. Major issues in this literature exist that include controversy on the effectiveness of ORM measurement models and ORM data problems. We described how our methodology facilitated the development of keywords for a potential interdisciplinary approach that has the capacity to appropriately capture the complexity of ORM, thereby enhancing the understanding and ability to resolve the problem of operational risk effectively.

1. Introduction

A literature review is the process of identifying, collecting, analyzing, and synthesizing previous research and reporting the results (Snyder 2019; Boell and Cecez-Kecmanovic 2015; Tranfield et al. 2003; Webster and Watson 2002). It aims at increasing the understanding of a phenomenon while identifying the relevant body of knowledge (Webster and Watson 2002). Thus, a literature review serves as a foundation for future research and theory (Snyder 2019). To create valuable contributions, scholars have suggested readers follow their guidelines, select and use approaches suitable for research purposes and questions, combine a literature review with meta-analysis, or even apply computer techniques in a literature review (Galvan and Galvan 2017; Boell and Cecez-Kecmanovic 2015).
Unfortunately, none of these suggestions provides researchers with sufficient information on how to efficiently and systematically develop relevant search terms or keywords that can lead researchers to a comprehensive list of relevant articles and avoid irrelevant ones. Even though a Systematic Literature Review (SLR) aims to improve the review quality by its strict protocol or standardized method, it presumes that a complete set of relevant articles depends on a good keyword search (Boell and Cecez-Kecmanovic 2015).
Problems resulting from ineffective keywords have been widely recognized among scholars across disciplines, including business research, information systems, supply chains, and medical sciences. Naïve, basic, too broad, imprecise, and non-agreed lists of keywords can cause difficulties in locating the articles in a specific area of interest and in producing some initial insights (Boell and Cecez-Kecmanovic 2015; Levy and Ellis 2006; Rowley and Slack 2004; Barki et al. 1988). In contrast, specific keywords with a limited lifespan can cause challenges in identifying articles in an unknown domain (Levy and Ellis 2006). Keywords provided by experts can also cause bias in identifying literature (Durach et al. 2015). Furthermore, individually self-selected keywords rarely give the same results (Agrawal et al. 2010).
How can researchers scientifically develop relevant search terms that are not derived from their previous experience or find those that are outside their own disciplines? How can the “scientific” literature review process support researchers in developing relevant and powerful keywords? How are keywords identified and selected? It is critical for a literature review to be scientific, while the replicability of results is important. This requires starting with a method to identify relevant keywords to be used in the literature search.
In this paper, we propose a methodology on how to identify relevant keywords that can be further used in conducting a literature review. The proposed methodology consists of three main steps that are described in Section 2 of this paper.
By following these proposed three steps, researchers will be able to not only assess and identify research papers but also discover and form relevant keywords. Because the keywords are systematically developed, biases from subjective selection can be reduced. In addition, researchers will benefit from identifying keywords that are not limited to their initial disciplines, thus enhancing the coverage of relevant articles for their literature review as well as opening the opportunity for interdisciplinary studies.
Each step of the proposed methodology transparently describes search terms, database selection, and the inclusion/exclusion criteria in order to ensure that the conducted literature review benefits other scholars in comparing, contrasting, and expanding theoretical foundation in the same or across disciplines.
We describe that our proposed methodology is different from a bibliometric analysis in three main areas. They are goal, scope, and technique. The bibliometric analysis is the quantitative technique used when the review scope is broad. Its goal is to “summarize large quantities of bibliometric data and present the state of the intellectual structure and emerging trends of a research topic or field” (Donthu et al. 2021). For example, co-word analysis uses words as the unit of analysis to draw the conceptual structure of a framework (Aria and Cuccurullo 2017). In contrast, our proposed methodology, which includes a systematic literature review after identifying keywords, is based on a qualitative technique. Rather than relying on machine rule-based approaches to automatically extract keywords (Siddiqi and Sharan 2015), the proposed three-step method is to form new keywords from the reviewer’s analysis and synthesis of the literature. As such, the methodology is applicable regardless of the scope of the review and the quantity of the dataset.
In this manuscript, we explore the field of operational risk management (ORM) in the banking industry to test our proposed methodology on how to start a literature review with the identification of existing literature review papers on the same topic under study.
ORM in banks is an interesting area for the proposed methodology for two reasons. First, it is “truly a controversial topic” providing ample opportunity for future studies (Moosa 2007). Second, studies in this field contain major gaps that can possibly be resolved through an interdisciplinary approach (Green 2000).
ORM is a relatively young field and became an independent discipline from early 2000. While banks have been aware of risks associated with operations for a while, the Basel Committee on Banking Supervision (BCBS) elevated operational risk to a distinct and controllable risk category in 2003 (Eceiza et al. 2020; BCBS 2003). Operational risk in the banking sector is defined as “the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events”. It includes legal risk but excludes strategic and reputational risk (BCBS 2003). It arises from internal and external complex factors, including deregulation, globalization, cross-industry acquisitions, and technological advancements (Cetorelli et al. 2014; Moosa 2007; Cummins et al. 2006). It is considered one of the most pernicious forms of risk that can contribute to numerous failures with extensive impacts on financial institutions and global stability (Jorion 2007). From the annual banking loss report of the Operational Riskdata eXchange Association (ORX), one of the world’s leading operational loss data associations for banks and insurance companies, operational risk loss reported by the member banks in 2020 was Euro 16.7 billion with a cumulative total gross loss of Euro 513 billion since 2002 (ORX 2021). According to Bain & Company, banks have developed sophisticated systems for controlling their risks. Nonetheless, they have struggled to deal effectively with operational risk (Huber and Funaro 2018).
Nowadays, operational risk remains a controversial topic. Major issues stated in the literature fifteen years ago are still in recently published articles. Controversial topics on the usefulness of measurement models and data problems are still widely discussed in the banking ORM literature (Grimwade 2022; Ashby 2022; Wei et al. 2018; Pakhchanyan 2016). Recent studies on current and emerging threats, including climate-related and cyber risks, identified that a lack of data availability causes not only an absence of research on banks’ financial impacts but also the difficulties to insure them (BCBS 2021b; Hassani et al. 2020; Aldasoro et al. 2020; Carfora et al. 2019; Kopp et al. 2017; Eling and Schnell 2016; Biener et al. 2015; Wolff 2014; Chabrow 2012).
Even if there are plenty of best practices and regulatory guidelines, practitioners view that ORM in banks is in its infancy (Laot 2017) with difficulties and challenges in identifying and estimating risk exposures (Gardiner and Sikking 2010). Banks struggle with how to implement the framework (Girling 2022) and make good use of non-standard tools that are still in debate with no consensus (Grimwade 2022).
Major issues identified for more than fifteen years but yet to be resolved support our statement that the banking ORM discipline needs a new methodological approach. Our paper identified system dynamics (SD) as a potential method for future studies in this field. SD is a powerful method to gain insight into the dynamic complexity of the ORM system in banks and understand policy resistance (Sterman 2000). Without understanding policy implications on ORM performance, scholars are at risk of inventing models that mischaracterize the ORM system. Such models neither effectively manage operational risk nor resolve problems in this discipline.
SD is not new to ORM and one of the three studies that applied SD has been highly cited. However, there is still room for improvement. The shortcomings that we identified in the paper provide tremendous opportunities and challenges for future research.
The remainder of this paper is organized as follows. Section 2 proposes and presents the methodology for the identification of keywords in a literature review. Section 3 describes the test of our proposed methodology in banking ORM studies and presents the results. The findings are discussed in Section 4. Section 5 is the conclusion of the paper on contributions and limitations.

2. A Proposed Literature Review Methodology

The proposed methodology is based on three main steps. The first two steps aim at identifying relevant keywords, and the final step is to conduct a systematic literature review (SLR) using the relevant search terms from the previous steps to collect and identify relevant articles for analysis and synthesis. Figure 1 is a conceptual representation of the proposed methodology.
The first step follows the idea offered by Snyder (2019) to scan literature review articles as a starting point. According to Snyder (2019), this activity helps researchers assess the number of articles and clearly define the research purpose, scope, and questions. We further recommend the development of relevant search terms to be incorporated as part of this activity step.
Search terms are based on words and concepts that are directly related to the research questions (Xiao and Watson 2019). They can be extended by their synonyms and related terms (Rowley and Slack 2004). We further expand that these keywords need to be systematically identified and developed from the analysis of previous literature review articles. For example, from our review of the literature review articles related to banking ORM studies, we identified major gaps in the literature and general problems in banking ORM that require methodologies for future research to effectively manage risk in this discipline. We then used keywords based on characteristics of banking ORM that we obtained from the existing literature review articles. Because ORM is a complex, nonlinear, and uncertain system, we identified systems thinking (ST) as the search term for our literature search.
Typically, all literature searches yield many articles. The inclusion and exclusion criteria, which are based on the review’s focus, goals, and coverage, are generally used by researchers to identify relevant articles. However, inappropriate exhaustive criteria can result in irrelevant articles not inadequately omitted. Likewise, unsuitable precision criteria can result in missing articles (Randolph 2009). In order to mitigate the risk of overreliance on inclusion and exclusion criteria, we suggest the use of relevant search terms developed from the first step of our proposed method as a strategy to collect articles that are relevant to the research question. The second step is to conduct a review of literature review articles to assess, identify, and form an understanding of key findings that can help answer research questions. By conducting a literature review, the researchers will subsequently develop the relevant term from key findings. From our literature review, we identified five system thinking approaches. We used each ST approach as the search term to identify papers in the field of banking ORM studies that applied ST. We observed that system dynamics is the only ST approach that was applied by ORM studies. We then used SD as our relevant search term in the next step of the review.
The last step of our proposed methodology is to conduct a systematic review to collect existing evidence, analyze, and synthesize research findings. The SLR can ensure the comprehensiveness of the coverage of relevant articles collected for analysis and synthesis. It also assures the objectivity, transparency, and replicability of the literature review undertaken (Snyder 2019; Tranfield et al. 2003).

3. Validating the Proposed Literature Review Methodology in Banking Operational Risk Management Literature

This section describes how we conducted our proposed methodology in banking ORM studies. It also presents how we developed relevant search terms from the literature review articles and used them in search of a potential method for future studies.

3.1. Step 1—Review of Literature Review Articles on Operational Risk Management in the Banking Industry

We started the literature review with the identification of existing literature review papers related to ORM in the banking industry. We searched articles from Scopus in all fields (the title, abstract, and keywords) by using keywords relevant to the scope of the study. The selected keywords were: “operational risk” “bank or financial institution” and “literature review.”
From the search, we identified seven articles from Scopus. By excluding the papers that are not literature review articles, we identified four review articles within the scope of the initial literature search (Table 1).
From our review of the review articles, we identified major gaps in the literature and general problems in banking ORM. We also obtained an understanding of the banking ORM system’s characteristics and subsequently used them in developing the relevant search term.
The usefulness of measurement models in effectively managing operational risk is one of the controversial topics in the field of banking ORM. Pakhchanyan (2016) observed that almost 60% of the 279 ORM studies published between 1998 and 2014 dealt with capital adequacy requirements. We further observed that the majority of studies in this discipline focused on the development of measurement models that yield minimum capital charge (Mizgier et al. 2015; Li et al. 2014; Brechmann et al. 2014; Fantazzini et al. 2008; Dalla Valle and Giudici 2008), rather than explaining how models can cover adequate level of loss from pervasive and enormous operational risk (Sands et al. 2018; Herring 2002; Goodhart 2001).
In academia, bias and shortage of operational loss data are widely recognized as serious problems in modeling operational risk and conducting empirical studies (Moosa 2007; Power 2005). Pakhchanyan (2016) and Wei et al. (2018) presented a number of ORM studies using internal and external operational loss databases. Internal loss data, in general, lack reliability (Moosa 2007) while external public and pooled loss data are restricted only to huge losses (Chapelle et al. 2008) and accessible only to subscribers of specialized databases (Power 2005). BCBS allows banks to define and justify thresholds for operational risk data collection (BCBS 2021a). Therefore, in practice, the threshold for internal loss data collection varies between banks. External database vendors also set different thresholds for operational loss reporting. For example, SAS OpRisk Global Data, one of the existing public loss databases, set the minimum reporting threshold for operational risk loss at USD 100,000 (SAS Institute Inc. 2015) while the threshold of ORX is set at Euro 20,000 (ORX 2019). Although BCBS requires that these thresholds must be qualified as “appropriate de minimis gross loss threshold” (BCBS 2019), the fact that operational loss data below the thresholds will not be reported but accumulated remains. In practice, these thresholds cause bias in underreporting loss (Aldasoro et al. 2022). External data is also inherently biased due to the focus on immense losses (BCBS 2011b).
Data problem has also had a significant effect on the reliability of machine-learning systems. From the papers reviewed by Leo et al. (2019), a lack of data from which the fraud detection systems can learn is one of the major causes of false notifications made by these systems.
Climate-related and cyber risks, which are classified under operational risk (BCBS 2019), share the same characteristic of a lack of data (BCBS 2021b; Hassani et al. 2020; Aldasoro et al. 2020; Carfora et al. 2019; Kopp et al. 2017; Eling and Schnell 2016; Biener et al. 2015; Wolff 2014; Chabrow 2012). Inexperience with risk events, unknown patterns of risks, uncertainties around long-term impacts, and use of a third-party service provider cause an omission or a delay in discovering and reporting incidents (Aldasoro et al. 2020; Kopp et al. 2017). Working from home policy during the COVID-19 heightened cyber risk and imposes even more difficulties in assessing and reporting the risk impacts (Aldasoro et al. 2021). Concerning climate-related risk, an absence of statistical data gives rise to the lack of research on banks’ financial impacts from both physical and transition risks. Physical risks include damage to physical assets from natural disasters while transition risks result from societal changes, such as a transition to a low-carbon economy (BCBS 2021b). A lack of comprehensive and cohesive data affects not only scholars in conducting studies on cyber insurance (Eling and Schnell 2016) but also policymakers and practitioners in developing market discipline in cyber risk insurance (Aldasoro et al. 2020; Biener et al. 2015). Limited visibility of exchanged data on security incidents and measures across banks and insurance firms obstructs the development of best practices and policy frameworks for risk management (Eling and Schnell 2016; Biener et al. 2015; Wolff 2014). A lack of empirical evidence also constraints the development of quantitative models for cyber risk (Hassani et al. 2020) and the estimation of its insurance coverage (Chabrow 2012).
The new Standardized Approach (SA), which will be effective on 1 January 2023, uses only internal data sources for operational risk capital calculation (BCBS 2017). We share the same concern with Wei et al. (2018) over the reliability of capital reserve. Logically, the quality of input determines the quality of output. At what level can we rely on capital reserve provided by the measurement model that uses data with potential bias? In addition, if forward-looking operational risk data are not considered in the reserve calculation, how can banks assure that they have enough capital for operational risk events incurred as a result of banks’ future operations?
We further observed that there were attempts from academics in this field to develop measurement models from various techniques to solve data problems in banking ORM. These techniques are, for example, the calibration process that merges internal and external operational loss data (Frachot and Roncalli 2007) and Bayesian Network, which integrates forward-looking and backward-looking data (Cowell et al. 2007; Giudici and Bilotta 2004). However, the models from these techniques can neither prevent operational risk nor incentivize bank management in effectively managing the risk (Sands et al. 2018; Chapelle et al. 2008; Herring 2002; Goodhart 2001).
Major gaps in the literature and general problems in ORM described in the preceding paragraphs require a different methodology, in addition to the measurement models, to investigate and propose how operational risk in banks can be effectively managed. Operational risk incidents are so costly that society and the responsible organization cannot afford them (Vaughan 2005). Therefore, it is important that the newly identified methodology employs forward-looking and preventive risk management strategies (Cowell et al. 2007). In addition, the method should be able to resolve the data problem of ORM in order to support the reliability of measurement models.
From the review articles, we obtained these important keywords pertaining to ORM characteristics that are “complex”, “nonlinear”, “uncertain”, and “system”.
ORM is characterized by dynamically complex and uncertain. Interactions among staff make ORM a dynamic and complex system. Unlike market and credit risk management, ORM requires all staff within banks to be responsible for managing operational risk along the three lines of defense model (BCBS 2011a). According to the BCBS Principles for the Sound Management of Operational Risk (BCBS 2011a), the first line of defense is responsible for identifying, assessing, monitoring, and mitigating operational risk. As the second line of defense, the operational risk function is responsible for complementing and challenging the ORM activities of the first line of defense. The third line of defense is responsible for independently and comprehensively auditing the ORM framework and its implementation. Collaboration of staff in managing operational risk creates time delays and feedback loops. These time delays are, for example, delays in loss reporting after its incurrence, delays in implementing ORM policy after its design, and delays in learning after the training. Besides staff, ORM involves multiple stakeholders, including central banks, regulators, shareholders, rival banks, and the media. These multiple stakeholders create spillover effects that cause uncertainty in banking ORM. For instance, operational risk events in one bank can cause regulatory sanctions, loss of shareholders’ trust, and negative press coverage for all industry participants (Deloitte Development LLC 2018). Technological advancements, including financial technology, also create a new complex environment for ORM. They introduce emerging threats, expand the scope of ORM, and require even more capabilities from operational risk managers.

3.2. Step 2—Literature Review of Systems Thinking Approaches in Banking Operational Risk Management Studies

Because ORM is a complex system, it is important to take into consideration ST approaches. In the second step, we obtained an understanding of ST approaches and their applications in banking ORM studies via a literature review. We also developed a new relevant search term which is “system dynamics” from the key findings of our previous literature search.
A “system” is defined under the concept of the whole. Ackoff (1994) defined a system as “a whole that cannot be divided into independent parts or subgroups of parts”. A real system is interconnected (Meadows 2008). Each part of the whole system is interrelated and influences the other through feedback loops that cause the complexity of the whole system (Flood 2010).
ST is a discipline that allows researchers to experience the interconnectedness of life and seeing wholes, rather than parts (Senge 1990). ST approaches provide holistic views on complex and uncertain situations caused by interactions between variables (Reynolds and Holwell 2010). The five ST approaches are (1) viable systems model, (2) system dynamics, (3) strategic options development and analysis, (4) soft systems methodology, and (5) critical systems heuristics (Reynolds and Holwell 2010).
Under the general system theory of Ludwig von Bertalanffy (1968), the “wholeness” principles are valid for all systems, in general, regardless of the nature of their component elements. The view of “system isomorphisms” allows models to be used and transferred between different scientific fields. Because of the wholeness principles and the view of isomorphisms, the ORM system can be modeled through ST approaches.
We used Scopus to search for applications of the five ST approaches in banking ORM studies. We employed a combination of keywords and one equivalent keyword. The combined keywords consisted of “operational risk”, “bank”, and the search term for each of the ST approaches. We used financial institution as the equivalent keyword of bank. The search terms for each ST approach were: “viable systems model”, “system dynamics”, “strategic options development and analysis”, “soft systems methodology”, and “critical systems heuristics”. Table 2 presents the number of articles identified by using a combination of keywords. We observed that among the five ST approaches, only SD was used in the banking ORM study.
We can now posit that SD can be a potential methodology for the study of ORM in banks due to its capacity to provide insight into system issues (Wolstenholme 1999). SD can also explain behaviors of the system resulting from the ORM strategy (Homer and Oliva 2001). SD provides a powerful toolset for learning and understanding the behavior of complex systems like ORM. Because SD is well advocated and supported by scholars, its strengths are strengthened over time, thereby providing researchers with confidence in the quality of SD toolsets. Its qualitative and quantitative models can capture the dynamic complexity of the ORM system from feedback, multiple interconnections, nonlinearities, time delays, and accumulations (Sterman 2000). A causal loop diagram, a qualitative SD model, describes a system by portraying the relationships between entities and identifying the existence of feedback loops (Coyle 2000, 2001; Wolstenholme 1999). Simulations that run from the quantitative model help a modeler discover the flaws in a model and explain system behavior resulting from an application of policy or strategy (Homer and Oliva 2001).

3.3. Step 3—A Systematic Literature Review on the Use of System Dynamics in Banking Operational Risk Management

We followed the SLR methodology suggested by Banomyong et al. (2019) to identify where SD was applied when studying ORM in banks, and to evaluate how, to what extent, and for what purposes SD was used in these studies.
a. Selection of the database
From the second step of the review process, we searched Scopus for ORM studies that employed SD. From the search, we found only one relevant article. We then expanded our search, in this step, by selecting ProQuest, in addition to Scopus. Both Scopus and ProQuest have coverages of titles more than 7000 academic publishers worldwide (Elsevier n.d.; ProQuest LLC n.d.). These numbers are sufficient enough to provide us with information that support our analysis and conclusion.
b. Collection of articles
We searched Scopus and ProQuest for relevant published articles. A combination of three keywords and one equivalent keyword in all fields (the title, abstract, and keywords) was used to search for the articles. These three keywords were: (1) operational risk, (2) system dynamics, and (3) bank. Financial institution which is the equivalent keyword of bank was also used for collecting all relevant articles.
To support the objective of this review, we focused only on studies that employed SD in banking ORM. Therefore, we included only full text and peer review journal articles while we excluded book, book chapter, conference paper, conference review, and non-English articles from the review.
The search results are provided in Table 3.
c. Elimination of articles based on the inclusion and exclusion criteria
We initially screened titles and abstracts of the articles, and excluded (1) redundant articles, (2) literature review, bibliography, and similar, (3) annotation, book review, and similar, and (4) studies in the fields outside the banking industry. There were many times that we had to screen the full articles to decide whether the studies employed SD and whether the unit of analysis of the studies was ORM in the banking industry. Studies that only mentioned the term “system dynamics” but neither used it in their studies nor meant the SD approach were excluded. Examples of these studies are those that mentioned system dynamics either in their references or in the author’s bibliographic note. Likewise, studies that mentioned bank or financial institution in their references or in the author’s bibliographic note were excluded. Last but not least, studies where the unit of analysis was not ORM in the banking industry were excluded.
By applying the inclusion and exclusion criteria, only three relevant articles were left from 56 articles. They are presented in Table 4.
d. Classification of articles
From the three banking ORM studies that applied SD, we classified them into two groups: (1) Studies applying SD qualitative model and (2) studies applying SD quantitative model. Ramanujam and Goodman (2003) and Farhan and Alam (2019) used SD qualitative models in capturing dynamic interactions between variables that affect the ORM systems of the studied banks. Yan and Wood (2017) used the SD quantitative model in simulating losses in the mis-selling event. Table 5 summarized types of SD models used in these studies.
e. Summary and mapping of knowledge structure within the research domain
We further examined how these studies used SD in managing operational risk in banks. By following the approach taken by Besiou and Van Wassenhove (2021), we evaluated whether the use of SD in these studies is appropriate.
Ramanujam and Goodman (2003) developed a conceptual model of latent errors and used the model in explaining the complex relationships between latent errors, their antecedents, and consequences. Latent errors were defined as activities, events, or conditions that deviate from organizational expectations, and may cause adverse consequences. The study focused only on latent errors from routine operations. They are, for example, a deviation from standard operating procedures, noncompliance with transaction limits, and an omission in executing monitoring activities. The authors used SD to model the interactions between latent errors and trigger events. SD enabled the authors to incorporate feedback systems that explained the occurrence of adverse consequences in the model. We evaluated that SD is an adequate methodological approach for this study. The authors appropriately used the conceptual diagram in explaining an acceleration of latent errors and ineffective corrective actions that caused the collapse of Barings Bank. However, we observed that the diagram does not include other mechanisms that also cause adverse consequences. These mechanisms are, for example, errors from strategic decision-making and fraud. According to Bhalla (1995), information failure, including delays in Barings management decisions, was mainly accountable for the collapse of the bank. In addition, we observed that there is a need to quantify the effects of different types of latent errors in order to gain important insight into the dynamics of the system (Sterman 2000).
Yan and Wood (2017) constructed a structural model to estimate losses associated with the mis-selling of retail banking products. The authors used both Bayesian Network to determine the frequency distribution and SD to estimate the severity distribution of loss from mis-selling complaints. The authors developed a stock and flow diagram to track the accumulations of complaints as they moved through the system. A queueing system was incorporated into the model under the assumption that the complaints will not be investigated before the trigger event. The model was simulated to investigate losses attributable to redress, resourcing, and financial penalty in the mis-selling event. By using SD, the researchers were able to quantify the delay effects, such as hiring, training, and dismissal of the temporary staff. Although the study was claimed to be the first published literature that applies SD in the estimation of operational risk loss, we viewed that SD was not appropriate for this study for two main reasons. First, the study assumed that complaints from mis-selling products are homogeneous. We argued that homogeneity is the condition of SD but complaints from mis-selling products are, indeed, distinct individuals. Second, the study assumed that complaints would not be investigated before the trigger event. This assumption does not align with reality. In practice, banks do not wait until the number of awaiting complaints has materialized. In addition, according to Brailsford and Hilton (2001), SD is appropriate when the state changes are continuous and not at discrete points of time.
Farhan and Alam (2019) used SD to understand the interrelationships between variables affecting the noncompliance with legal and fiduciary duties of Pakistani Islamic banks. SD facilitated the collaboration between the researchers and the banks in modeling variables in the qualitative causal loop diagram. The preliminary model, which was constructed from the authors’ knowledge, was refined and validated based on semi-structured interviews with the selected practitioners. The qualitative model, which reflected the homogeneity assumption of SD, makes SD an appropriate methodology for this study. However, we observed that the model needs to be tested in order to uncover the flaws in the model. Furthermore, the impact of variables and their interactions in the model also need to be quantified.

4. Discussion

In this paper, we tested our proposed methodology by exploring the field of ORM in the banking industry. Controversial topics on the effectiveness of ORM measurement models and the data problem in banking ORM increase the need for interdisciplinary approaches in managing operational risk (Green 2000). To search for a potential interdisciplinary approach, we need keywords outside the ORM discipline. We showed how our proposed methodology facilitates the development of keywords for the potential method of future ORM studies.
We started by reviewing literature review articles in banking ORM studies to obtain an understanding of ORM characteristics, including its major problems. We then identified and developed keywords relevant to the ORM system from the review and analysis of articles. Banking ORM is a complex and uncertain system resulting from interactions between multiple stakeholders, spillover effects, and technological advancements. Data problem is a common problem of ORM. It is characterized by biased and incomplete operational loss data. Because of the dynamic complexity and uncertainty of the ORM system, we took into consideration the systems thinking approaches.
We observed from the literature search that only system dynamics was used in banking ORM studies. From our systematic review, we identified three ORM studies using SD in capturing, examining, and validating the dynamic interactions between variables in the systems under their studies. We further evaluated the application of SD in the three studies as it is at the initial stage. We observed the need to test the conceptual models of the two studies as well as to quantify the impacts of interactions between variables in the systems. One study that developed the SD quantitative model limited its application only to the operational loss from complaints of mis-selling retail banking products.
Figure 2 presents a summary of key findings from the test of the proposed methodology for literature review on ORM in banks.

5. Conclusions

The study proposed the methodology for systematically identifying and developing relevant keywords to be used in a literature review. Our proposed method ensures that a literature review is scientific, and the results are replicable. It justifies the hypothesis that keywords used by researchers can lead them to a comprehensive set of relevant articles, and answers questions, such as how can researchers scientifically develop relevant search terms that are not derived from their previous experience or find those that are outside their own disciplines? How can the “scientific” literature review process support researchers in developing relevant and powerful keywords? How are keywords identified and selected?
In this paper, we introduced and explained our proposed methodology, which we intend to make as simple as possible in order to promote the understanding and buy-in of researchers as well as to facilitate efficient application. The first step is the review of literature review articles, which helps the researchers in discovering and developing relevant search terms. In the second step, the researchers form an understanding of key findings that answer the research questions. The standardized protocol of systematic literature review, in the third step, helps ensure the quality of the review.
We validated our proposed methodology via the exploration of the ORM field. We walked the readers step-by-step through the proposed methodology and presented key findings from each step of the review. We discussed the characteristics of banking ORM as well as major gaps in the literature and general problems in banking ORM. We described how keywords for a potential interdisciplinary approach are systematically developed. Last but not least, we formed our analysis and synthesis from the SLR about how and how well system dynamics had been applied in previous studies in banking ORM.

5.1. Contributions

Our study provides two main academic contributions. First, our proposed methodology helps reduce bias in the selection of keywords. The methodology requires researchers to discover and form relevant keywords from a review and analysis of existing literature review articles. As a result, it allows researchers to be exposed to studies outside their own domain, thereby opening the opportunity for interdisciplinary studies. In addition, the methodology includes a systematic literature review that helps increase the quality of the review as well as assuring scientific results with replicability.
Second, to the extent of our knowledge, this paper is the first systematic review of SD applications in banking ORM. Our study contributes to the SD modeling literature by pointing to shortcomings in the practice of SD modeling in the field of banking ORM. These shortcomings serve as extensive opportunities for future interdisciplinary research in this field. We call for an interdisciplinary research team of ORM academia, SD modelers, and risk and policy experts to contribute to the extended use of SD to understand and manage the problem of operational risk in the banking sector. Furthermore, we encourage the researchers to involve risk managers and other key stakeholders, such as business unit managers and internal auditors, in constructing a model of risk drivers and their interactions. A model of risk drivers makes the assessment of the aggregate impacts, which are greater than the sum of individual parts possible (BCBS 2021b). Interactions between risk drivers can be simulated by using SD stock and flow diagram. The simulation model makes the analysis of large and complex models possible and efficient. In addition, simulation results enable the researchers and risk managers to select effective ORM policies and/or strategies. The engagement of stakeholders in the modeling process enhances the quality of the model and the implementation (Sterman 2000). The SD qualitative diagram is simple to understand and easy to use. It can be used with the case study method to enable understanding, trust, and data sharing between researchers and practitioners. The group model-building method where participants are able to share learnings through a group interaction process can be also employed to arrive at group consensus and commitment (Andersen and Richardson 1997; Vennix 1996). By being involved in the iterative modeling process, participants will form an understanding of the dynamic complexity of the ORM system as well as the implications of feedback created from the banks’ adopted policies. Participants will be able to develop skills, which are important for mitigating loss and managing operational risk.

5.2. Limitations

Like other literature review articles, our study depends on the reliability and accuracy of other studies. Validation of data accuracy with the primary studies and original sources of data helps mitigate this limitation. For example, we observed that Wei et al. (2018) did not provide information about the number of loss events and sample periods of some articles they surveyed. We validated the accuracy of data by reviewing these articles and found that some of them actually provided information about the number of loss events and sample periods. For instance, Chernobai and Yildirim (2008) used a total of 7680 operational loss data from a major commercial bank for a period of 39 months from 2004 onward to test and provide evidence that supported their proposed model. De Fontnouvelle et al. (2006) used the operational loss data in 2002 from two external databases to estimate operational risk capital. Homolya (2009) used a year-end 2008 non-audited data to survey the measurement approaches employed by Hungarian banks.
Our SLR reviewed only full text and peer review journal articles while we excluded non-English articles and conference or white papers. Generally, a systematic literature review cannot guarantee but it can provide assurance on the quality of our literature review. The use of more than one academic database like Scopus and ProQuest that have material coverages of titles and publishers worldwide provides a sufficient number of articles for our analysis and the formation of our conclusion.
The focus of this study was to systematically develop keywords to be used in a literature review, not developing the new literature review methodology per se. Therefore, a comparison between our proposed methodology and other literature review methodologies is not in the scope of this paper.
Our study does not cover questions such as why SD has not been widely used by academia in the field of banking ORM or whether other approaches, such as Discrete-Event Simulation and Agent-Based Modeling, are more suitable than SD for research in this field. However, we hope our paper inspires researchers in both extending and generating new research questions that encourage them to explore and discover a rigorous and novel methodology for future banking ORM research.

Author Contributions

Conceptualization, A.J. and R.B.; Methodology, A.J. and R.B.; Investigation, A.J.; Writing—Original Draft Preparation, A.J.; Writing—Review and Editing, R.B.; Supervision, R.B. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Data Availability Statement

Not applicable.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Ackoff, Russell L. 1994. Systems thinking and thinking systems. System Dynamics Review 10: 175–88. [Google Scholar] [CrossRef]
  2. Agrawal, Anukrati, Michelle Boese, and Saonee Sarker. 2010. A review of the HCI literature in IS: The missing links of computer-mediated communication, culture, and interaction. Paper presented at the Americas Conference on Information Systems (AMCIS 2010) Proceedings, Lima, Peru, August 12–15. Paper 523. [Google Scholar]
  3. Aldasoro, Iñaki, Jon Frost, Leonardo Gambacorta, and David Whyte. 2021. COVID-19 and Cyber Risk in the Financial Sector. BIS Bulletin No. 37. Basel: Bank for International Settlements, Available online: https://www.bis.org/publ/bisbull37.pdf (accessed on 13 May 2022).
  4. Aldasoro, Iñaki, Leonardo Gambacorta, Paolo Giudici, and Thomas Leach. 2020. Operational and Cyber Risks in the Financial Sector. BIS Working Paper No. 840. Basel: Bank for International Settlements, Available online: https://www.bis.org/publ/work840.pdf (accessed on 13 May 2022).
  5. Aldasoro, Inaki, Leonardo Gambacorta, Paolo Giudici, and Thomas Leach. 2022. The drivers of cyber risk. Journal of Financial Stability 60: 100989. [Google Scholar] [CrossRef]
  6. Andersen, David F., and George P. Richardson. 1997. Scripts for group model building. System Dynamics Review: The Journal of the System Dynamics Society 13: 107–29. [Google Scholar] [CrossRef]
  7. Aria, Massimo, and Corrado Cuccurullo. 2017. bibliometrix: An R-tool for comprehensive science mapping analysis. Journal of Informetrics 11: 959–75. [Google Scholar] [CrossRef]
  8. Ashby, Simon. 2022. Fundamentals of Operational Risk Management: Understanding and Implementing Effective Tools, Policies and Frameworks. New York: Kogan Page. [Google Scholar]
  9. Banomyong, Ruth, Paitoon Varadejsatitwong, and Richard Oloruntoba. 2019. A systematic review of humanitarian operations, humanitarian logistics and humanitarian supply chain performance literature 2005 to 2016. Annals of Operations Research 283: 71–86. [Google Scholar] [CrossRef]
  10. Barki, Henri, Suzanne Rivard, and Jean Talbot. 1988. An information systems keyword classification scheme. MIS Quarterly 12: 299–322. [Google Scholar] [CrossRef]
  11. Basel Committee on Banking Supervision. 2003. Sound Practices for the Management and Supervision of Operational Risk. Basel: Bank for International Settlements, Available online: https://www.bis.org/publ/bcbs96.pdf (accessed on 13 May 2022).
  12. Basel Committee on Banking Supervision. 2011a. Principles for the Sound Management of Operational Risk. Basel: Bank for International Settlements, Available online: http://www.bis.org/publ/bcbs195.pdf (accessed on 16 May 2022).
  13. Basel Committee on Banking Supervision. 2011b. Operational Risk—Supervisory Guidelines for the Advanced Measurement Approaches. Basel: Bank for International Settlements, Available online: https://www.bis.org/publ/bcbs196.pdf (accessed on 16 May 2022).
  14. Basel Committee on Banking Supervision. 2017. Basel III: Finalising Post-Crisis Reforms. Basel: Bank for International Settlements, Available online: https://www.bis.org/bcbs/publ/d424.pdf (accessed on 16 May 2022).
  15. Basel Committee on Banking Supervision. 2019. The Basel Framework. Basel: Bank for International Settlements, Available online: https://www.bis.org/basel_framework/ (accessed on 13 May 2022).
  16. Basel Committee on Banking Supervision. 2021a. Revisions to the Principles for the Sound Management of Operational Risk. Basel: Bank for International Settlements, Available online: https://www.bis.org/bcbs/publ/d515.pdf (accessed on 16 May 2022).
  17. Basel Committee on Banking Supervision. 2021b. Climate-Related Risk Drivers and Their Transmission Channels. Basel: Bank for International Settlements, Available online: https://www.bis.org/bcbs/publ/d517.pdf (accessed on 16 May 2022).
  18. Besiou, Maria, and Luk N. Van Wassenhove. 2021. System dynamics for humanitarian operations revisited. Journal of Humanitarian Logistics and Supply Chain Management 11: 599–608. [Google Scholar] [CrossRef]
  19. Bhalla, A. S. 1995. Collapse of Barings Bank: Case of Market Failure. Economic and Political Weekly 30: 658–62. [Google Scholar]
  20. Biener, Christian, Martin Eling, and Jan Hendrik Wirfs. 2015. Insurability of cyber risk: An empirical analysis. The Geneva Papers on Risk and Insurance-Issues and Practice 40: 131–58. [Google Scholar] [CrossRef] [Green Version]
  21. Boell, Sebastian K., and Dubravka Cecez-Kecmanovic. 2015. On being ‘systematic’ in literature reviews in IS. Journal of Information Technology 30: 161–73. [Google Scholar] [CrossRef]
  22. Brailsford, Sally C., and Nicola A. Hilton. 2001. A comparison of discrete event simulation and system dynamics for modelling health care systems. In Planning for the Future: Health Service Quality and Emergency Accessibility. Operational Research Applied to Health Services (ORAHS). Glasgow: Glasgow Caledonian University, pp. 18–39. [Google Scholar]
  23. Brechmann, Eike, Claudia Czado, and Sandra Paterlini. 2014. Flexible dependence modeling of operational risk losses and its impact on total capital requirements. Journal of Banking and Finance 40: 271–85. [Google Scholar] [CrossRef] [Green Version]
  24. Carfora, Maria, Fabio Martinelli, Franceso Mercaldo, and Albina Orlando. 2019. Cyber risk management: An actuarial point of view. Journal of Operational Risk 14: 195–208. [Google Scholar] [CrossRef]
  25. Cetorelli, Nicola, James McAndrews, and James Traina. 2014. Evolution in bank complexity. Federal Reserve Bank of New York Economic Policy Review 20: 85–106. [Google Scholar]
  26. Chabrow, Eric. 2012. 10 Concerns When Buying Cyber Insurance. Information Security Media Group. June 14. Available online: https://www.bankinfosecurity.com/10-concerns-when-buying-cyber-insurance-a-4859 (accessed on 13 May 2022).
  27. Chapelle, Ariane, Yves Crama, Georges Hübner, and Jean-Philippe Peters. 2008. Practical methods for measuring and managing operational risk in the financial sector: A clinical study. Journal of Banking and Finance 32: 1049–61. [Google Scholar] [CrossRef] [Green Version]
  28. Chernobai, Anna, and Yildiray Yildirim. 2008. The dynamics of operational loss clustering. Journal of Banking and Finance 32: 2655–66. [Google Scholar] [CrossRef]
  29. Cowell, Robert G., Richard J. Verrall, and Yoon Khuen Yoon. 2007. Modeling operational risk with Bayesian networks. Journal of Risk and Insurance 74: 795–827. [Google Scholar] [CrossRef]
  30. Coyle, Geoff. 2000. Qualitative and quantitative modelling in system dynamics: Some research questions. System Dynamics Review 16: 225–44. [Google Scholar] [CrossRef]
  31. Coyle, Geoff. 2001. Rejoinder to Homer and Oliva. System Dynamics Review 17: 357–63. [Google Scholar] [CrossRef]
  32. Cummins, J. David, Christopher M. Lewis, and Ran Wei. 2006. The market value impact of operational loss events for US banks and insurers. Journal of Banking & Finance 30: 2605–34. [Google Scholar] [CrossRef]
  33. Dalla Valle, Luciana, and Paolo Giudici. 2008. A Bayesian approach to estimate the marginal loss distributions in operational risk management. Computational Statistics and Data Analysis 52: 3107–27. [Google Scholar] [CrossRef]
  34. De Fontnouvelle, Patrick, Virginia Dejesus-Rueff, John S. Jordan, and Eric S. Rosengren. 2006. Capital and risk: New evidence on implications of large operational losses. Journal of Money, Credit and Banking 38: 1819–46. [Google Scholar] [CrossRef] [Green Version]
  35. Deloitte Development LLC. 2018. How Technology Is Shaping the Future of Operational Risk Management. The Wall Street Journal. June 5. Available online: https://deloitte.wsj.com/articles/how-technology-is-shaping-the-future-of-operational-risk-management-1528171333 (accessed on 13 May 2022).
  36. Donthu, Naveen, Satish Kumar, Debmalya Mukherjee, Nitesh Pandey, and Weng Marc Lim. 2021. How to conduct a bibliometric analysis: An overview and guidelines. Journal of Business Research 133: 285–96. [Google Scholar] [CrossRef]
  37. Durach, Christian F., Andreas Wieland, and Jose A. D. Machuca. 2015. Antecedents and dimensions of supply chain robustness: A systematic literature review. International Journal of Physical Distribution & Logistics Management 45: 118–37. [Google Scholar] [CrossRef] [Green Version]
  38. Eceiza, Joseba, Ida Kristensen, Dmitry Krivin, Hamid Samandari, and Olivia White. 2020. The Future of Operational-Risk Management in Financial Services. Brussels: McKinsey & Company, Available online: https://www.mckinsey.com/business-functions/risk-and-resilience/our-insights/the-future-of-operational-risk-management-in-financial-services (accessed on 13 May 2022).
  39. Eling, Martin, and Werner Schnell. 2016. What do we know about cyber risk and cyber risk insurance? The Journal of Risk Finance 17: 474–91. [Google Scholar] [CrossRef]
  40. Elsevier. n.d. Content Coverage. Scopus. Available online: https://www.elsevier.com/solutions/scopus/how-scopus-works/content?dgcid=RN_AGCM_Sourced_300005030 (accessed on 14 March 2022).
  41. Fantazzini, Dean, Luciana Dalla Valle, and Paolo Giudici. 2008. Copulae and operational risks. International Journal of Risk Assessment and Management 9: 238–57. [Google Scholar] [CrossRef] [Green Version]
  42. Farhan, Muhammad, and Hassan Mobeen Alam. 2019. Operational Risk Management in Islamic Banking: A System Thinking Approach. Paradigms 13: 83–89. [Google Scholar] [CrossRef]
  43. Flood, Robert Louis. 2010. The relationship of ‘systems thinking’ to action research. Systemic Practice and Action Research 23: 269–84. [Google Scholar] [CrossRef]
  44. Frachot, Antoine, and Thierry Roncalli. 2007. Mixing Internal and External Data for Managing Operational Risk. Available online: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=1032525 (accessed on 13 May 2022).
  45. Galvan, Jose L., and Melisa C. Galvan. 2017. Writing Literature Reviews: A Guide for Students of the Social and Behavioral Sciences, 7th ed. New York: Routledge. [Google Scholar] [CrossRef]
  46. Gardiner, Philip, and Gert Jan Sikking. 2010. Risks in running the business. In Risk Management in Financial Institutions: Formulating Value Propositions. Edited by Jürgen Hendrikus Marinus Grinsven. Amsterdam: IOS Press BV, pp. 81–133. [Google Scholar]
  47. Girling, Philippa X. 2022. Operational Risk Management: A Complete Guide for Banking and Fintech. Hoboken: John Wiley & Sons. [Google Scholar]
  48. Giudici, Paolo, and Annalisa Bilotta. 2004. Modelling operational losses: A Bayesian approach. Quality and Reliability Engineering International 20: 407–17. [Google Scholar] [CrossRef]
  49. Goodhart, Charles. 2001. Operational Risk. No. sp131. Financial Markets Group. London: London School of Economics. [Google Scholar]
  50. Green, Bo. 2000. Cross the Borders. In Risk Behavior and Risk Management in Business Life. Edited by Bo Green. Dordrecht: Springer, pp. 1–36. [Google Scholar] [CrossRef]
  51. Grimwade, Michael. 2022. Ten Laws of Operational Risk. West Sussex: John Wiley & Sons. [Google Scholar]
  52. Hassani, Hossein, Stephan Unger, and Christina Beneki. 2020. Big Data and Actuarial Science. Big Data and Cognitive Computing 4: 40. [Google Scholar] [CrossRef]
  53. Herring, Richard J. 2002. The basel 2 approach to bank operational risk: Regulation on the wrong track. Journal of Risk Finance 4: 42–45. [Google Scholar] [CrossRef] [Green Version]
  54. Homer, Jack, and Rogelio Oliva. 2001. Maps and models in system dynamics: A response to Coyle. System Dynamics Review 17: 347–55. [Google Scholar] [CrossRef]
  55. Homolya, Dániel. 2009. The impact of the capital requirements for operational risk in the Hungarian banking system. MNB Bulletin (Discontinued) 4: 6–13. [Google Scholar]
  56. Huber, Jan-Alexander, and Daniele Funaro. 2018. How Banks Can Manage Operational Risk. Boston: Bain & Company, Available online: https://www.bain.com/insights/how-banks-can-manage-operational-risk/%20accessed%20October%2028,%202021 (accessed on 13 May 2022).
  57. Jorion, Philippe. 2007. Value-at-Risk: The New Benchmark for Managing Financial Risk, 3rd ed. New York: McGraw-Hill. [Google Scholar]
  58. Kaur, Gurpreet, and Renuka Sharma. 2017. Financial Risk Assessment and Management by Banks: Evidences from Past Research. International Journal of Applied Business and Economic Research 15: 265–82. [Google Scholar]
  59. Kopp, Emanuel, Lincoln Kaffenberger, and Christopher Wilson. 2017. Cyber Risk, Market Failures, and Financial Stability. IMF Working Paper No. WP/17/185. Washington, DC: International Monetary Fund, Available online: https://www.imf.org/en/Publications/WP/Issues/2017/08/07/Cyber-Risk-Market-Failures-and-Financial-Stability-45104 (accessed on 13 May 2022).
  60. Laot, Maxime. 2017. Managing operational risk in the banking business—An internal auditor point of view. In Extreme Events in Finance: A Handbook of Extreme Value Theory and Its Applications. Edited by François Longin. Hoboken: John Wiley & Sons, pp. 555–62. [Google Scholar] [CrossRef]
  61. Leo, Martin, Suneel Sharma, and Koilakuntla Maddulety. 2019. Machine learning in banking risk management: A literature review. Risks 7: 29. [Google Scholar] [CrossRef] [Green Version]
  62. Levy, Yair, and Timothy J. Ellis. 2006. A systems approach to conduct an effective literature review in support of information systems research. Informing Science 9: 181–212. [Google Scholar] [CrossRef] [Green Version]
  63. Li, Jianping, Xiaoqian Zhu, Yongjia Xie, Jianming Chen, Lijun Gao, Jichuang Feng, and Wujiang Shi. 2014. The mutual-information-based variance-covariance approach: An application to operational risk aggregation in Chinese banking. Journal of Operational Risk 9: 3–19. [Google Scholar] [CrossRef]
  64. Meadows, Donella H. 2008. Thinking in Systems: A Primer. London: Earthscan,. [Google Scholar]
  65. Mizgier, Kamil J., Manpreet Hora, Stephan M. Wagner, and Matthias P. Jüttner. 2015. Managing operational disruptions through capital adequacy and process improvement. European Journal of Operational Research 245: 320–32. [Google Scholar] [CrossRef]
  66. Moosa, Imad A. 2007. Operational risk: A survey. Financial Markets, Institutions and Instruments 16: 167–200. [Google Scholar] [CrossRef]
  67. Operational Riskdata eXchange Association (ORX). 2019. Operational Risk Reporting Standards (ORSS). Available online: https://managingrisktogether.orx.org/standards (accessed on 13 May 2022).
  68. Operational Riskdata eXchange Association (ORX). 2021. Annual Banking Loss Report Executive Summary. August 9. Available online: https://managingrisktogether.orx.org/loss-data/annual-banking-loss-report (accessed on 13 May 2022).
  69. Pakhchanyan, Suren. 2016. Operational Risk Management in Financial Institutions: A Literature Review. International Journal of Financial Studies 4: 20. [Google Scholar] [CrossRef] [Green Version]
  70. Power, Michael. 2005. The invention of operational risk. Review of International Political Economy 12: 577–99. [Google Scholar] [CrossRef] [Green Version]
  71. ProQuest LLC. n.d. ProQuest: A Global Leader in EdTech. Proquest. Available online: https://about.proquest.com/en/ (accessed on 14 March 2022).
  72. Ramanujam, Rangaraj, and Paul S. Goodman. 2003. Latent errors and adverse organizational consequences: A conceptualization. Journal of Organizational Behavior 24: 815–36. [Google Scholar] [CrossRef]
  73. Randolph, Justus. 2009. A guide to writing the dissertation literature review. Practical Assessment, Research, and Evaluation 14: 13. [Google Scholar] [CrossRef]
  74. Reynolds, Martin, and Sue Holwell. 2010. Introducing Systems Approaches. In Systems Approaches to Making Change: A Practical Guide. Edited by Martin Reynolds and Sue Holwell. London: Springer, pp. 1–24. [Google Scholar]
  75. Rowley, Jennifer, and Frances Slack. 2004. Conducting a literature review. Management Research News 27: 31–39. [Google Scholar] [CrossRef]
  76. Sands, Peter, Gordon Liao, and Yueran Ma. 2018. Rethinking operational risk capital requirements. Journal of Financial Regulation 4: 1–34. [Google Scholar] [CrossRef]
  77. SAS Institute Inc. 2015. SAS® OpRisk Global Data. A Comprehensive Database of Operational Loss Information. Available online: https://www.sas.com/content/dam/SAS/en_us/doc/productbrief/sas-oprisk-global-data-101187.pdf (accessed on 17 May 2022).
  78. Senge, Peter M. 1990. The Fifth Discipline: The Art and Practice of the Learning Organization. New York: Doubleday. [Google Scholar]
  79. Siddiqi, Sifatullah, and Aditi Sharan. 2015. Keyword and keyphrase extraction techniques: A literature review. International Journal of Computer Applications 109: 18–23. [Google Scholar] [CrossRef]
  80. Snyder, Hannah. 2019. Literature review as a research methodology: An overview and guidelines. Journal of Business Research 104: 333–39. [Google Scholar] [CrossRef]
  81. Sterman, John. 2000. Business Dynamics: Systems Thinking and Modeling for a Complex World. Boston: McGraw Hill. [Google Scholar]
  82. Tranfield, David, David Denyer, and Palminder Smart. 2003. Towards a Methodology for Developing Evidence-Informed Management Knowledge by Means of Systematic Review. British Journal of Management 14: 207–22. [Google Scholar] [CrossRef]
  83. Vaughan, Diane. 2005. Organizational rituals of risk and error. In Organizational Encounters with Risk. Edited by Bridget Hutter and Michael Power. Cambridge: Cambridge University Press, pp. 33–66. [Google Scholar] [CrossRef]
  84. Vennix, Jac A. M. 1996. Group Model Building: Facilitating Team Learning Using System Dynamics. West Sussex: John Wiley & Sons Ltd. [Google Scholar]
  85. von Bertalanffy, Ludwig. 1968. General System Theory: Foundations, Development, Applications. New York: George Braziller, pp. 30–53. [Google Scholar]
  86. Webster, Jane, and Richard T. Watson. 2002. Analyzing the Past to Prepare for the Future: Writing a Literature Review. MIS Quarterly 26: Xiii–XXiii. Available online: http://www.jstor.org/stable/4132319 (accessed on 13 May 2022).
  87. Wei, Lu, Jianping Li, and Xiaoqian Zhu. 2018. Operational Loss Data Collection: A Literature Review. Annals of Data Science 5: 313–37. [Google Scholar] [CrossRef]
  88. Wolff, Josephine. 2014. Models for cybersecurity incident information sharing and reporting policies. TPRC 43: The 43rd Research Conference on Communication, Information and Internet Policy Paper. Available online: https://ssrn.com/abstract=2587398 (accessed on 13 May 2022).
  89. Wolstenholme, Eric F. 1999. Qualitative vs. quantitative modelling: The evolving balance. Journal of the Operational Research Society 50: 422–28. [Google Scholar] [CrossRef]
  90. Xiao, Yu, and Maria Watson. 2019. Guidance on conducting a systematic literature review. Journal of Planning Education and Research 39: 93–112. [Google Scholar] [CrossRef]
  91. Yan, Huan, and Richard Wood. 2017. A structural model for estimating losses associated with the mis-selling of retail banking products. Journal of Operational Risk 12: 69–87. [Google Scholar] [CrossRef]
Risks 10 00108 g001 550
Figure 1. A proposed literature review methodology.
Figure 1. A proposed literature review methodology.
Risks 10 00108 g001
Risks 10 00108 g002 550
Figure 2. A summary of key findings from the test of the proposed methodology for literature review on operational risk management in banks.
Figure 2. A summary of key findings from the test of the proposed methodology for literature review on operational risk management in banks.
Risks 10 00108 g002
Table
Table 1. Literature review articles in banking operational risk management.
Table 1. Literature review articles in banking operational risk management.
Author (Year)TitleScopeNumber of Reviewed PapersDatabaseIdentified Gaps
Pakhchanyan (2016)Operational Risk Management in Financial Institutions: A Literature ReviewAcademic papers from all peer-reviewed scientific journals, irrespective of their rankings, on operational risk in financial institutions, covering the period from 1998 to 2014279Electronic databases, such as EBSCO and Google Scholar, and own collection specified as “articles referred to in previously identified studies and separately screen for relevance all the selected articles”A lack of research on the effect of operational loss events on the firm’s rivals and large shareholders
Concern over a reliability in the findings of empirical studies using internal database identified as scarce, inaccessible, and biased towards high-frequency and low-severity events
Kaur and Sharma (2017)Financial Risk Assessment and Management by Banks: Evidences from Past ResearchPublished and unpublished articles related to risk and distress in banks, covering the period from 2000 to 201650Not mentionedRequiring both the analysis of all parameters, including micro and macro factors, and alternative techniques for risk management scores
Wei et al. (2018)Operational Loss Data Collection: A Literature ReviewAcademic papers on the topic of operational risk in banks, covering the period from 2002 to 2017301Web of Science Core Collection platform and own collection specified as “relevant articles referred to in previously identified studies”Concern over a reliability in the estimation of operational risk from the Standardized Approach that accounts only the internal database identified as insufficient and biased towards high-frequency and low-severity events
Business environment and internal control factors (BEICFs), which provide “forward-looking assessments” of key business environment and internal control factors, such as Key Risk Indicators (KRIs) from Risk Control Self Assessments (RCSAs), not used as a primary source of data for operational risk capital calculation
Leo et al. (2019)Machine Learning in Banking Risk Management: A Literature ReviewPapers, including conference papers, journal articles, and selected theses (postgraduate or doctoral), that study the application of machine-learning in bank risk management, after 200750Google Scholar, SSRN, and ProQuest databasesLimited application of vast amounts of operational data internally available to a bank by existing researches
Table
Table 2. Number of banking operational risk management studies applying systems thinking approaches identified from a literature review.
Table 2. Number of banking operational risk management studies applying systems thinking approaches identified from a literature review.
Combined KeywordsNumber of Articles from ScopusCombined KeywordsNumber of Articles from Scopus
“operational risk”, “viable systems model”, and “bank”-“operational risk”, “viable systems model”, and “financial institution”-
“operational risk”, “system dynamics”, and “bank”1“operational risk”, “system dynamics”, and “financial institution”-
“operational risk”, “strategic options development and analysis”, and “bank”-“operational risk”, “strategic options development and analysis”, and “financial institution”-
“operational risk”, “soft systems methodology”, and “bank”-“operational risk”, “soft systems methodology”, and “financial institution”-
“operational risk”, “critical systems heuristics”, and “bank”-“operational risk”, “critical systems heuristics”, and “financial institution”-
Table
Table 3. Number of banking operational risk management studies applying system dynamics identified from a systematic literature review.
Table 3. Number of banking operational risk management studies applying system dynamics identified from a systematic literature review.
Keywords and Equivalent KeywordsNumber of Articles
ScopusProQuest
Operational risk40376270
Bank or financial institution7135
System dynamics155
Table
Table 4. Banking operational risk management studies applying system dynamics identified from a systematic literature review.
Table 4. Banking operational risk management studies applying system dynamics identified from a systematic literature review.
Author (Year)TitleObjectives and Scope of SD ApplicationSourceAssessed Gaps
Ramanujam and Goodman (2003)Latent errors and adverse organizational consequences: A conceptualizationThe study developed the concept of latent errors and used SD conceptual model to:
  • Examine the relationships between organizational antecedents, latent errors, and adverse consequences.
  • Explore the feedback systems and external triggers that link to an acceleration of latent errors.
  • Explain the collapse of Barings Bank caused by an acceleration of latent errors and ineffective corrective actions.
Data on latent errors were collected from a large financial institution consisting of 80 organizational units in three divisions that are private, retail, and corporate banking.		ProQuestThe effects of different types of latent errors that are execution, monitoring, and infrastructure need to be quantified in order to gain important insight into the dynamics of the system.
Yan and Wood (2017)A structural model for estimating losses associated with the mis-selling of retail banking productsThe study developed a structural model based on risk drivers and key dynamics, including resourcing cost and penalty, to estimate operational losses associated with the mis-selling of retail banking products. The frequency distribution is constructed using a Bayesian network. The severity distribution is developed using SD.
Operational loss data, specifically to the mis-selling scenario category on the retail banking business line from Western Europe and North America, were collected from Operational Risk eXchange database, covering period from H2 2010 to H2 2014.		ScopusSD is not appropriate for this study for two main reasons.
  • Distinct individual complaints are not qualified for homogeneous condition of SD.
  • Assumption that complaints will not be investigated before the trigger event is not qualified for a continuous state change of SD (Brailsford and Hilton 2001).
Farhan and Alam (2019)Operational Risk Management in Islamic Banking; a System Thinking ApproachThe study developed a causal loop diagram to understand the interrelationships between various characteristics of operational risk and its management.
The qualitative model was developed from the researchers’ knowledge and understanding through literature review and refined based on the semi-structured interviews with risk managers of sampling Islamic and conventional banks.		ProQuestThe model needs to be tested in order to uncover the flaws in the model. Impacts of variables and their interactions in the model also need to be quantified.
Table
Table 5. Types of system dynamics models used in banking operational risk management studies.
Table 5. Types of system dynamics models used in banking operational risk management studies.
Author (Year)Conceptual ModelCausal Loop DiagramSimulation ModelReal DataHypothetical Data
Ramanujam and Goodman (2003)XX X
Yan and Wood (2017)XXX X
Farhan and Alam (2019)XX X
Source: Adopted the table template from Besiou and Van Wassenhove (2021).
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Share and Cite

MDPI and ACS Style

Jiravichai, A.; Banomyong, R. A Proposed Methodology for Literature Review on Operational Risk Management in Banks. Risks 2022, 10, 108. https://doi.org/10.3390/risks10050108

AMA Style

Jiravichai A, Banomyong R. A Proposed Methodology for Literature Review on Operational Risk Management in Banks. Risks. 2022; 10(5):108. https://doi.org/10.3390/risks10050108

Chicago/Turabian Style

Jiravichai, Ajjima, and Ruth Banomyong. 2022. "A Proposed Methodology for Literature Review on Operational Risk Management in Banks" Risks 10, no. 5: 108. https://doi.org/10.3390/risks10050108

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop