Risk management is at an inflection point with regulatory authorities placing greater emphasis on managing non-financial risks (NFR) such as non-compliance, misconduct, and cyber risk.
Financial institutions need to implement a holistic risk management framework that includes a comprehensive risk taxonomy describing different types of risks, and a robust risk identification process to assess and mitigate non-financial risk across all lines of defense.
Institutions will need to move from the current piecemeal efforts to instead adopt a holistic approach to NFR. The foundation of an effective program to manage NFR, and a step that presents a challenge for many institutions, is to implement a comprehensive process to identify all the NFRs facing the organization. In this effort and as a first step, institutions should employ a comprehensive Risk Taxonomy and a comprehensive Risk Identification process.
As financial institutions develop their overall approach to managing NFRs, they should consider carefully the following four key levers to achieve success in today’s risk management environment.
Risk management today requires financial institutions take their programs to an entirely new level if they are to remain effective in a more unpredictable economic environment. Institutions that take these and the other steps discussed will be in a better position to manage NFR and meet increasing regulatory expectations in today's fast changing risk management environment.