top of page

Risk & Control
Self-Assessment

A platform for banks to Monitor & Manage Risks

sbi-SCREEN.png

*Note: Work is confidential, redacted to prevent visual publication.

Overview

The Operational Risk Management Department of the bank currently relies on a manual process to detect and assess operational risks arising from business operations, products, and activities from branches all over India. This approach is proving to be challenging as it makes it difficult to gather, store, and display risk impacts reported by different departments.

Role

Research

Facilitator

Task Flow

Wireframing

Prototyping

Testing

Tools

Balsamiq

Figma

Adobe CC

Suite

Miro

Notion

Concept

MS Excel

Duration

8 Weeks

The Challenge

The challenge is to design a digital centralized platform for departments and branches all over India, that allows respective employees to assess and report risk impacts, and provides a centralized storage system to display this information to decision-makers for prompt action.

1.

ORMD department is ineffective in managing and storing data.

2.

Empolyees find manual process complicated, time-consuming.

3.

Lack of inter-departmental collaboration and information sharing.

The Process

ux process.png

Empathise

Understanding the User

As this was a pre-existing manual process, I used the employee database to determine the users and their roles. It helped me in selecting the right group of people for conducting research interviews and focus groups.

department invloved.png

No of Departments and Involvement

age & designation.png

Overall Designations and Age range invovled in process

Insights

The existing process involves four key departments across India, each of which has four user roles actively participating in the process, including Assistant Manager, Chief Manager, Assistant General Manager, and Deputy General Manager.

  1. Operational Risk Management

  2. Business & Support Groups (B&SG)

  3. R&DB & Circles

  4. Validators at Internal Audit Department (IAD)/Circle Audit Office (CAO)

Qualitative Interviews

I conducted semi-structured interviews and focus groups of professionals who are AM, CM, AGM, and DGM, and Identified officials of the age group ranging from 25-58 years to understand their concerns regarding conducting assessments, coordination, and managing data manually in Excel. 

Semi-Structured Interview Process:

First, I gave users a questionnaire using google forms, and then I did one-on-one interviews over call to learn about their concerns and understand their pain points.

Sample user interview questions

  • Can you describe your current role and responsibilities in the risk management process within the bank?

  • What challenges have you faced with the current risk management process in the bank?

  • How do you gather and consolidate risk information in your department?

  • How do you ensure the accuracy and completeness of risk information collected in your department?

  • Can you describe your current process of sharing and tracking risk information with other departments?

  • Have you faced any difficulties with tracking and reporting risk information in real-time?

  • Are there any specific tools or software that you use to manage risks in your department?

  • How do you prioritize and mitigate the identified risks in your department?

  • What support or resources would you need to improve the efficiency and effectiveness of the current manual risk management process in the bank?

"I mostly share excel sheet to circles B&SG for gathering risks and consolidate it in one excel and present it to AGM, DGM. It is very confusing, stressful through MS-Excel. Can't keep track on risk reported in excel file"

Chief Manager

ORM Department

"I oversee risk reported in Excel by AM of my branch and provide email instructions for approval/rejection, which is difficult to cordinate with AM."

Assistant General Manager

B&SG- CAG

B&SG - CAG

"I need to keep track of risks that occur in the Ghatkopar branch by adding them to an Excel file and updating it to ORMD department on a monthly basis.

Assistant Manager

B&SG- Mumbai Branch

Gathering Insights
bulb illustration.webp

  • Most of them find it hard to maintain the data and are looking for some system to ease their work

  • AM often find updating rsik to excel sheet is tedious and boring

  • ORM department AGM spends more time to consolidate all risk reports in Excel file

  • People notice a decrease in data accuracy due to the manual process being used

  • Managing Excel files has become challenging due to the involvement of multiple departments

  • AGM/DGM are face difficulties in adding comments/remarks to branch level reports 

  • Updating responses after submitting the Excel is a challenge for many people

  • AM of branch are not able to back track the assessments

Define

User Persona

We discussed several users and their personalities to create user personas from the information derived from the interviews and insights.

I defined the two target group profiles Shebin and Nitin to better empathize with my main user groups and prioritize goals according to their needs.

RCSA User Persona 1.png
RCSA User Persona 2.png

Empathy Mapping

Based on the user persona, we created an empathy map to gain a better understanding of the user's feelings, thoughts, and pain points, to know the user better.

Empathy map-1.png
Empathy map-2.png

How might we create a centralized platform that can help departments to identify and manage operational risks?

Ideate

This section consists of some of the assumptions along with the requirement gathering, constraints and final trade-offs

I made to proceed with the design solution. Ideation provides both the fuel and also the source material for building prototypes and getting innovative solutions.

Platform Requirements

Based on Nitin and Shebin goals, needs and pain points, the platform should be

Reliable

  • Should manage and display accurate data and information

  • The automatic flow of data from the creation till reporting

Usable

  • Understand users needs & goals

  • Platform should be easy to use

  • Multi-user access with real-time functionality

Effective

  • User should be able to complete their goals with a high degree of accuracy

  • Complete task efficiently

Engaging

  • Platform should lookpleasant and gratifying to use

  • Platform must be personalised according to thier designation 

Assumptions

  • Users will access the bank system using their login credentials.

  • There will be dedicated employees within departments handling the process

  • User roles will be assigned by the ORM department

  • User in charge of managing risks (RCSA entity) will document the risks in the format of process, sub-process, activity, risk statements, risk owner, and causal factors

  • Risks will be reported with impact ratings of high, medium, or low

  • assistant manager of the branch will identify and report potential risks in the RCSA assessment

  • Users below DGM will require approval for their actions

  • Senior management will have the ability to approve/reject and add comments to specific RCSA reports

  • ORMD and the RCSA entity discuss and finalize the risks documented

  • The Internal Audit Department (IAD) checks the results of the RCSA to make sure that the risks rated as high are correct and consistent across different departments.

Constraint

The below constraints were made for this project to keep the design solution in a linear path in order to achieve the priority goal of the user

  • User access is limited to viewing details according to their designation and branch

  • Senior management must review every action taken by lower-level users before sharing the report with ORM

  • Users must manually check for any occurring risks in the branch/product and manually add them to the system.

Organization Structure 

Focus groups with departments helped us to understand the existing organizational structure based on their reporting, leading to a better understanding of prioritized areas.

organization chart.png

Proposed Roles & Responsibilities

Based on our understanding of the organizational structure, we plan to establish new user roles and responsibilities to simplify data management and accuracy checks within departments. 

ORMD.png

Roles for Operational Risk Management Department

B&SG.png

Roles for Business & Support Groups (B&SGs) Department

R&DB & Circles.png

R&DB & Circles

IAD.png

Roles for Internal Audit Department (IAD)/Circle Audit Office (CAO) Department

Proposed Task Flows

The task flows have been designed based on the user roles outlined previously. The overall process flow has been divided into three parts: User Management, RCSA Register (Assessment), and RCSA Exercise (executing assessments).

RCSA Assessment.png
user management.png
RCSA Creator flow chart.png

Prototype

In accordance with the user roles and responsibilities, multiple wireframes have been designed and the final versions are presented below. To view them, please click on the links provided.

rcsa wire-ui.png

Conclusion

Impact

Since the implementation of the new platform, we have seen significant users successfully able to complete tasks within 10-15mins and were able to create, check and assign assessments through the dashboard. Additionally, I have received positive feedback from users and the platform is performing well than before the manual process.

Takeaways

Working as a sole designer for the entire project was an extremely steep learning curve. I feel fortunate to have got an opportunity to work on this project.

Research: The cooperation and involvement of employees and other stakeholders in sharing their thoughts and experiences served as a cornerstone for our project.

Collaboration: The workshops were extremely beneficial in ensuring everyone was aligned and comprehended the purpose of digitizing the process. 

Like what you see?

Let's chat.

Email me at: adityatmulik@gmail.com  or Call me at: +971 522366418 

© 2025 All rights reserved by Aditya Mulik

© Copyright
bottom of page