Posted: 15 Jan. 2020 5 min. read

Risk and the family office: What’s top of the agenda?

At Deloitte Private’s 2019 Family Office Symposium in London, we used voting technology during one of the main plenary sessions to poll the audience - consisting of more than 50 senior executives of single family offices - on the topic of risk management.

The results showed that risk is high on the agenda for many family office executives, and so this blog post marks the first in a series on “Risk and the family office” where we’ll explore some of the key risk issues keeping family offices awake at night, as highlighted by our quick survey.

Which risks are highest on the agenda?

During the Symposium, we asked the attendees an open question on what they considered to be their greatest risks. The outputs from that question are summarised in the word cloud below.

The larger the word in the word cloud, the more family office executives mentioned that risk of being high on their list of risk issues. And whilst a number of risks appear multiple times and are phrased slightly differently, (e.g. cyber, cyber crime, cyber risk) the themes are unmistakeable.

deloitte private
  • Cyber risk
  • Investment risk
  • Tax and political uncertainty
  • Next generation
  • Economic crime
  • Succession planning

So who really cares?

deloitte private

The results show that despite many family offices having a low to mid attitude to risk, executives didn’t consider risk management to be high on the family’s agenda. This may be because they have not yet experienced a significant event that has threatened their family and so do not see the value in implementing risk management tools. However, as the pace of life continues to increase and our world becomes more reliant on technology, risks are evolving and becoming more complex to identify and react to. It therefore follows that it is the responsibility of the family office executive to educate the family and protect them from risks that they may not consider as potential threats.

What can I do about it?

All but one executive said that they manage risk in-house; yet 69% of the executives in attendance stated that they do not have a risk register within their organisation. Whilst this is not surprising given the nature of most family offices (small teams, limited resources and competing priorities), this is a straightforward way to start managing risk more effectively - and something we always recommend implementing no matter the scale of your organisation.

A risk register is where management seeks to document and monitor all possible risks that threaten the family office and family members. The live document lists out all identified risks, their likelihood of occurrence, scale of their potential impact, action points and action owners.

The risk register will be bespoke to each family office and the specific risks that they face. Some questions that you could ask when beginning to construct your risk register are:

  • What are we most concerned about that will negatively impact the family office/family?
  • Which of these are most likely to occur?
  • Which would have the biggest negative impact on the family office?

Working as a team to answer these questions, incorporating staff from different areas of your family office (including legal, tax, compliance, finance, investment management), to identify a vast range of risks and potential threats - this brainstorming exercise is the first iteration of your risk register.

Once you have identified the threats, the next step is considering how each of those threats (risks) can be prevented (or mitigated), and to identify actions in the event that they can’t be. For example, a classic key risk for any family office is the death of a principal. Having a clearly documented plan for when this happens, in our experience greatly improves the outcome for both the remaining family members - as well as the family office.

Sign up for the latest updates

Key contact

Charlotte Lord

Charlotte Lord

Senior Manager

Charlotte is a senior manager in our Investment Management and Private Equity practice with over 7 years of experience in external audit and advisory engagements, specialising in private wealth managers, private equity houses and family offices.

Jutta Tornivaara

Jutta Tornivaara


Jutta is a Director in our Investment Management and Private Equity practice specialising in audit and assurance for family offices. She has experience working with private equity houses, sovereign wealth funds and family offices. In addition to external audits, Jutta has delivered a number of AAF, ISAE3402 and SOC1 control reports, and has experience in performing bespoke operating model, asset verification and other reviews.

Jessica Hodges

Jessica Hodges


Jessica is a Partner within our Investment Management and Private Equity Audit and Assurance Practice and the UK lead for Family Office audit and assurance. She has spent 15 years at Deloitte helping to build our cross-service line Family Office team, and delivers a range of audit and assurance services to those clients, as well as other private asset managers – including large PE houses, Sovereign Wealth Funds and Endowment Funds. Jessica is passionate about the ESG agenda, and has presented at a number of events on the topic – specifically as it impacts private investment managers.