Operational Risk & Control Effectiveness: Practical Management for Financial Institutions

Date: 23rd June 2026
Venue: DoubleTree by Hilton Kuala Lumpur

Classroom Training

WHY THIS PROGRAM?

Operational risk is a fundamental concern for financial institutions due to its potential to cause significant financial losses, reputational damage, regulatory sanctions, and disruption to critical services. In an environment of heightened regulatory scrutiny, rapid digitalization, and increasing operational complexity, financial institutions are expected to demonstrate strong operational risk management practices and effective internal controls.

This program is designed to enhance participants’ understanding of the nature and sources of operational risk, its impact on institutional resilience, and the regulatory expectations governing its management. The program highlights the importance of robust operational risk frameworks, sound governance, and effective controls embedded within day-to-day business activities. Participants will gain insights into how regulators assess control effectiveness, how risk assessments and monitoring tools are used to identify control weaknesses, and how institutions can strengthen assurance and promote a proactive risk management culture.

The program equips participants with practical knowledge and skills that can be directly applied to their daily roles in managing operational risk and strengthening control effectiveness within financial institutions.

  • Key Learning Outcomes and Takeaways
    • Explain key concepts, sources, and impacts of operational risk in financial institutions
    • Analyse and relate regulatory and supervisory requirements to governance and control practices
    • Incorporate Risk and Control Self-Assessments and Key Risk Indicators effectively into decision making
    • Apply operational risk assessment and monitoring tools to identify control weaknesses and emerging risks
    • Evaluate and recommend improvements to operational controls to strengthen risk management, compliance, and assurance

AGENDA

Module 1: Understanding Operational Risk and Why it Matters: Nature, Sources, and Impact
  • What operational risk means in practice (beyond formal definitions)
  • Where operational risk actually arises: people, processes, systems, and external events
  • How operational risk translates into:
    • Financial loss
    • Regulatory scrutiny
    • Business disruption
    • Reputational damage
Module 2: Understanding Regulatory Expectations and Avoiding Common Findings
  • Core regulatory principles for operational risk management
  • Governance structures, risk appetite, and ownership responsibilities
  • Typical supervisory findings, and what triggers them
Module 3: Linking Risk Assessments and Monitoring Tools to Control Effectiveness
  • Risk and Control Self-Assessments (RCSA): making them practical and decision-useful
  • Using Key Risk Indicators (KRIs) as early indicators
  • Loss event data and incident reporting, and what they can teach us
  • Identifying control gaps and root causes
Module 4: Strengthening and Enhancing Control Effectiveness and Assurance Mechanisms
  • Designing and implementing controls that genuinely mitigate risk
  • Assessing design and operating effectiveness
  • Turning control failures into meaningful remediation
  • Building sustainable assurance and a strong control culture
How you will learn
  • Interactive, experience-based lectures
  • Facilitated discussions grounded in real-world scenarios
  • Practical examples and case illustrations from financial institutions
  • Open Q&A to reinforce learning and address real challenges

EXPERT COURSE DIRECTOR

Lan Yann Erl is an accomplished Governance, Risk & Compliance (GRC) practitioner with over 26 years of senior leadership experience across leading financial institutions. She brings deep expertise in operational risk management, regulatory compliance, internal audit, and risk-based assurance, with a strong track record of strengthening control environments, embedding compliance culture, and enhancing institutional resilience. Lan is a trusted advisor to senior management and Boards, having worked extensively with Board Committees on governance oversight, regulatory expectations, and risk management effectiveness. Her experience includes designing and enhancing operational risk and compliance frameworks, leading thematic reviews and special investigations, managing regulatory engagements with Bank Negara Malaysia, and overseeing remediation of supervisory findings. She is formally accredited as an HRD Corp Malaysia–Accredited Trainer and is highly regarded for designing and delivering impactful governance, regulatory compliance, and operational risk training programs for Board members, senior management, and business units. Her training approach is practitioner-led and experience-based, focused on translating regulatory and risk requirements into clear, practical, and business-relevant actions. Lan has held senior roles including Head of Group Regulatory Advisory, Head of Compliance Governance, Head of Group Operations Control, and Head of Operational Risk Management. Across these roles, she led enterprise-wide risk framework implementation, control testing programs, breach investigation and reporting, business continuity and resilience initiatives, and first-line risk ownership models aligned to the Three Lines of Defense. Her professional qualifications include Chartered Banker, certifications in compliance, AML/CFT, governance, and digital banking, and formal accreditation as an HRD Corp trainer. She is a Fellow of the International Compliance Association (FICA) and a Professional Member of the Institute of Operational Risk (UK).

KEY SKILLS

  • Ability to identify, assess, and articulate operational risks across business activities
  • Understanding of regulatory and supervisory expectations for operational risk management
  • Practical application of operational risk tools such as RCSAs, KRIs, and incident reporting
  • Capability to evaluate control design and operating effectiveness
  • Skills to identify control gaps, root causes, and emerging operational risks
  • Enhanced judgement in strengthening control effectiveness and management assurance
  • Improved risk awareness, accountability, and control culture within business units

WHO WILL BENEFIT FROM THIS PROGRAM?

  • Operational Risk Management and Enterprise Risk professionals
  • Compliance officers
  • Internal Auditors and Control Assurance teams
  • Business Unit Heads, Managers, and Process Owners
  • Operations, Finance, and Shared Services managers
  • Governance, Risk, and Control (GRC) and Risk Analytics practitioners

REGISTRATION

*Please note there is a fee for attending this program. Please contact us for more details.

Approving Manager

Verification

Before completing this registration form please read and understand our booking and cancellation policy. Thank you.

Booking, Payment and Cancellation Policy – important, please read carefully

By completing, signing and revised, sent separately us this registration form you are confirming participants on the program. You are also confirming your understanding of our Booking, Payment and Cancellation Policy.

Cancellation Policy: If participants cannot attend the program, replacement participants are always welcome. Otherwise, participants must notify us any of cancellations or requests to transfer to a different program at least 14 days before the program date to be eligible for a refund, less a 5% administration on fee. Participants who cancel within 14 days of the program start date are liable to pay the full program fee and no refunds will be given. Instead fees will be converted to a REDmoney Seminars voucher equivalent to the original fee, less a 10% administration charge. This voucher is transferable within your organization and must be redeemed within one year of issue or become void. If a program is postponed for whatever reason registrations and fees will be automatically transferred to the new program date. Participants who wish to transfer to a different program will be subject to the same terms as above and charged any difference in fees. No refunds or program vouchers will be issued for a no-show.
Payment Terms: All program fees are payable upon invoice. REDmoney shall receive the full program fee with no deductions of any description. All telegraphic transfer fees, taxes and levies (domestic or otherwise) shall be borne by the sponsoring organization.
CAPTCHA image

This helps us prevent spam, thank you.

HRDCorp

FEE

Fee per participant: RM2,600/US$700

Please note that the Ringgit price is applicable to Malaysia-domiciled participants only. Discounts are available for group bookings. Please contact us for more details.

HRD-Corp-Claimable-Logo

Send me Details

Register Now

IN-HOUSE/GROUP TRAINING

If you are looking for an in-house training program or wish to send a group to an existing public program, kindly please contact Andrew Tebbutt at [email protected] or +603 2162 7802.
Learn More

Contact us

For any inquiries contact us
Our team will be glad to answer any questions you may have about this event.