We are pleased to welcome you to our Non-Financial Risk (NFR) Insights series. The series serves as a continuation of our original Point of View: The pressing case to design and implement a Non-Financial Risk Management Framework.
Each release will focus on one of the implementation categories:
Issue #6 – Supervision and Control Model
A supervision and control model for non-financial risk (NFR) identifies and reflects the controls associated with all relevant processes across all businesses and functions. In this issue, we review the challenges that commonly arise in the absence of a top-down control framework. We also look at what it takes to build an effective and efficient NFR control framework so that financial institutions can identify, measure, monitor, and mitigate NFR risks in a comprehensive yet efficient way.
Issue #5 – Measurement and monitoring
Measurement and monitoring contribute to an informed evaluation of non-financial risk (NFR). They can also help mitigate NFR and reduce the amount of operational risk capital that financial institutions must hold. In this issue, we examine what makes NFR uniquely challenging to measure and monitor, then explore an integrated model for overcoming these challenges and reducing the impact of NFR on an institution’s risk profile.
Issue # 4 - Culture
Risk culture refers to the norms, attitudes, and behaviors related to risk awareness, risk taking, and risk management in an organization. Risk culture’s significance increases for non-financial risk (NFR), as it can be difficult to create policies and procedures to manage all of them. Short comings in conduct,compliance, and other elements of non-financial risk are often the result of a risk culture gone sideways. Since the financial crisis, regulators have been dialing up the accountability. In this issue, we unpack the risk culture dimension of the NFR framework, including ways to assess it.
Issue # 3 - Governance
Adapting the existing governance model to include NFRs, with clear responsibilities across all risks.
Setting up a governance model with clearly defined roles and responsibilities, a compatible organizational structure and oversight committees is a prerequisite for effective and efficient NFR management. An emerging trend in the industry includes centralizing
NFR responsibilities in the second line of defence, often referred to as “umbrella function”.
Issue # 2 – Risk Appetite
An integrated Risk Appetite Framework, covering financial and non-financial risks, is fundamental to informed decision-making and steering an institution within the business and risk strategy.
Issue # 1 – Risk Taxonomy and Risk Identification
A thorough analysis of a bank’s risk profile that takes into consideration its business model and strategic direction is a fundamental prerequisite of an effective risk and control management framework; it necessitates a comprehensive risk taxonomy and a dynamic Risk Identification process.
What's next ?
Selecting and deploying a common infrastructure to link processes to controls and support measurement and management of risks, while enhancing automation and transparency
Creating a common reporting framework, where risks are monitored and communicated consistently across all lines of defence