
Partners in Risk & Capital Management

Non-Financial Risk Management

Reshaping the 3-LoD-Model for the Management of Non-Financial Risk and Improving Efficiency in the Resources Involved

Scandals with media attention and high reputational losses are not the only reason the focus on non-financial risks (NFR) has increased in the last couple of years: regulators also show high interest in the management of NFR. Many financial institutions have already invested in NFR management, but existing control functions with their own risk management processes and reporting structures lead to duplicated work, unnecessary costs and rejection of the NFR topic.

The challenge for financial institutions is to establish an integrated NFR framework that leads to a coordinated risk management methodology for all control functions, increases efficiency of resources being used and creates an enterprise-wide acceptance for NFR.

Our Approach

We support our clients at every step of the development and implementation of an integrated NFR framework:

  • Comprehensive enterprise-wide identification of all NFR (OpRisk, BCM, Compliance, Information and IT Risk Management, Cyber Risk, Project Risk, Reputational Risk, Business and Strategy Risk, Outsourcing Risk, Conduct Risk, Legal Risk, Model Risk, Step-In Risk)
  • Development of a consistent NFR taxonomy without overlaps
  • (Re-)Defining a governance structure for NFR management (three lines of defence model)
  • (Re-)Defining responsibilities of the 1st and 2nd lines of defence
  • Development of consistent risk management processes for all NFR functions
  • Implementation of a comprehensive NFR measure management
  • Building a consistent and comprehensive NFR reporting structure
  • Creating acceptance for NFR and establishing NFR in the financial institution's risk strategy

Our Experience

  • Implementation of an Integrated Non-Financial Risk Management Framework at German banks
  • Design and application of an Integrated Risk Management system for financial institutions (conglomerates, specialised financial service providers) in Germany (method integration of OpRisk, BCM, Compliance and IT Risk Management)
  • Implementation of reputational risk management at several German banks
  • Several NFR management gap analyses for status quo identification at German banks