OSFI issues final guideline on Operational Risk Management

OSFI (Office of the Superintendent of Financial Institutions) has issued their final guideline today for Operational Risk Management (ORM) for Canadian financial institutions. They’ve set a deadline of June 2017 for organizations to demonstrate compliance.

At Iceberg, we’ve worked closely with several Canadian FI’s on ORM projects to help harmonizing risk taxonomies, automate risk and control assessments, as well as more advanced projects to develop effective KRI/KPIs and reporting.  If you’d like to learn more about these projects, or have any questions about what OSFI’s new ORM guideline means to your organization, please email info@icebergnetworks.com or call us at 613-595-0808 x226.


OSFI / BSIFHere’s the full media advisory from OSFI:

The Office of the Superintendent of Financial Institutions (OSFI) today released a final version of the Operational Risk Management Guideline (Guideline E-21) following a public consultations process. The guideline outlines OSFI’s expectations for the management of operational risk and is applicable to all federally regulated financial institutions (FRFIs).

OSFI considers effective operational risk management essential to the safety and soundness of an institution and expects all FRFIs to have a framework for operational risk management. The guideline formalizes OSFI’s operational risk management expectations for FRFIs and outlines principles for effective operational risk management. The guideline promotes industry best practices and reflects international standards in operational risk management. It is principles-based so that the expectations can be scaled to reflect the nature and complexity of institutions in the course of supervisory oversight.

Quick Facts

  • The guideline contains a principles-based approach to regulatory requirements that reflects the nature, and complexity of institutions OSFI supervises.
  • OSFI expects FRFIs to demonstrate effective and comprehensive adherence to four high-level principles outlined in the guideline no later than June 2017.
  • The guideline provides a consolidated piece of guidance that allows institutions flexibility to meet the principles in a manner that suits their businesses.
  • The guideline incorporates several revisions resulting from comments received during the public consultation process, which began in August 2015.
  • A summary of material comments received from industry stakeholders and an explanation of how they have been addressed is available in a table attached to the cover letter.


“Federally regulated financial institutions have made significant improvements in their operational risk management practices over the last several years,” said Deputy Superintendent Mark Zelmer. “This guideline supports continual improvement in their operational risk management activities.”

Associated Links

Share this post:

Glen Gower

About the author

Glen is the director of marketing and communications at Iceberg.

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign-up to our Risk Intelligence Newsletter for updates on new content, resources and events from the Iceberg team.

We promise to respect your time and inbox!

Thank you! Please check your email to confirm your subscription.