The future of non-financial risk in financial services

Building an effective non-financial risk management program

Risk management is at an inflection point, with regulatory authorities placing greater emphasis on managing non-financial risks (NFR) such as non-compliance, misconduct, and cyber risk. Financial institutions need to implement a holistic risk management framework that includes a comprehensive risk taxonomy describing different types of risks, and a robust risk identification process to assess and mitigate non-financial risk across all lines of defense.

Institutions will need to move from the current piecemeal efforts to a holistic approach to NFR. The foundation of an effective program to manage NFR, and a step that presents a challenge for many institutions, is to implement a comprehensive process to identify all the NFRs facing the organization. As a first step in this effort, institutions should employ a comprehensive Risk Taxonomy and a comprehensive Risk Identification process.

As financial institutions develop their overall approach to managing NFRs, they should consider carefully the following four key levers to achieve success in today’s risk management environment.

  • Strategy: Institutions require a clear process and explicit ownership to incorporate all material NFRs into their business strategies and risk appetite, while having in place appropriate metrics and risk limits.
  • Three lines of defense: The three lines of defense risk governance model should be reassessed to clarify the responsibilities of each line of defense in managing NFR.
  • People and culture: Many institutions will discover they need to hire or develop additional skills among their employees to address NFRs, such as in cyber risk, and also to build a culture, led by senior management, where employees throughout the organization recognize the importance of managing NFR.
  • Emerging technologies: New technologies—such as big data, natural language processing, robotic process automation, and predictive analytics—should be leveraged to automatically scan a wider set of data sources to provide early warning signals of potential risk events while at the same time reducing compliance costs through automation.

Risk management today requires that financial institutions take their programs to an entirely new level if they are to remain effective in a more unpredictable economic environment. Institutions that take these and the other steps discussed will be in a better position to manage NFR and meet increasing regulatory expectations in today's fast-changing risk management environment.

Local Contacts

Laurent Berliner
Partner | EMEA FSI Risk Advisory Leader
T +352 451 452 328
lberliner@deloitte.lu

Jean Philippe Peters
Partner | Risk Advisory
T +352 451 452 276
jppeters@deloitte.lu

Roland Bastin
Partner | Risk Advisory
T +352 451 452 213
rbastin@deloitte.lu

Stephane Hurtaud
Partner | Risk Advisory
T +352 451 454 434
shurtaud@deloitte.lu

Eric Collard
Partner | Forensic & AML, Restructuring
T +352 451 454 985
ecollard@deloitte.lu

Michael JJ Martin
Partner | Forensic & AML, Restructuring
T +352 451 452 449
michamartin@deloitte.lu

Martin Flaunet
Partner | Audit
T +352 451 452 334
mflaunet@deloitte.lu

Pascal Martino
Partner | Banking & Digital Leader
T +352 451 452 119
pamartino@deloitte.lu

Benjamin Collette
Partner | Strategy, Clients & Industries Leader
T +352 451 452 809
bcollette@deloitte.lu
