Non-Financial Risk Management: Getting It Right

by Sunil Rana, August 2021

Financial institutions have paid a record amount of fines in recent years for various non-financial risks (NFR) emanating from compliance issues, conduct and cultural issues plaguing the senior management, cyber security weaknesses etc. In Australia alone, several high profile cases of fines and penalties have been witnessed in the recent months. The investigations by AUSTRAC, ASIC or Royal Commission identified several serious breaches of trust and misconduct. Similarly, a recent report by the Wall Street Journal stated that Credit Suisse, Bank of America, Credit Agricole were fined by EU for Bond-Trading Cartel(1). It is not therefore surprising to learn that global surveys have consistently put the banking sector in poor light when it comes to the topic of public trust.

In Australia, following the recent failures of corporate governance, ASIC has been putting a lot more spotlight(2) on the issue of NFR and its Corporate Governance Taskforce provided an extensive viewpoint on this in its 2018 report dedicated to the topic: “Director and Officer Oversight of Non-Financial Risk”. It made it very clear that the non-financial risks have very real financial risks for companies, their investors as well as their customers. ASIC’s review highlighted important shortcomings when it came to managing non-financial risks amongst major financial institutions. The study found that, in general, non-financial risks have not received the kind of focus that financial risks have.

Previously, when the focus was primarily on various financial ratios and measures relevant to risk modelling, NFR was mostly a reactive aspect of risk management. With Basel III reforms, the focus on NFR has accelerated. There has been a growing acceptance of the need to be more diligent and structured when it comes to NFR management. And while when we generally speak of NFR management, it is primarily within the context of banking sector, the lessons are equally applicable to the broader issue of corporate governance and risk management across all sectors.

Organisations aiming to excel in non-financial and overall risk management need to focus on 5 key aspects:

  1. Measures and quantification: Organisations need to establish a measurable approach to assessing and managing non-financial risks. While quantification is more evident in the case of financial risks, organisations may struggle to quantify the impact of the non-financial risks. They need to be able to establish a standardised and meaningful approach to measuring such risks.
  2. Taxonomy and standardisation: A lot has been written about ensuring there is a clear taxonomy when dealing with non-financial risks. The non-quantitative nature of the risks makes it difficult, and therefore, even more important to ensure that the organisation can align on the underlying taxonomy that facilitates the risk discussion and risk management planning.
  3. Integrated perspective: NFR management can be effectively and credibly addressed only when organisations are able to create integrated business perspectives around such risks. Unless risk officers and business leaders can identify and align on such perspectives, it will continue to be a challenge to get the desired level of traction behind NFR in the organisations. Such integrated perspectives will enable organisations to:

    a. Identify priorities
    b. Drive cross-functional collaboration
    c. Allocate targeted resources, and
    d. Create broader and deeper buy-in into NFR management
  1. Prioritisation: Given the nature of the breadth of risks that can be categorised under NFR, organisations can easily get overwhelmed when it comes to working with non-financial risks. It is critical for the organisations to be able to establish clear and meaningful priorities when it comes to addressing such risks. This will enable organisations to:

    a. Ensure that risks with greatest business impact are addressed with priority
    b. Optimise the budget
    c. Streamline the associated resource allocation
  2. Risk management solutions: While several technology solutions are aimed at financial risk management, there are very few that are equally compelling when it comes to leveraging AI and analytics. This is perhaps a reflection of the complexity and the nebulous nature of quantifying non-financial risks as “elegantly and meaningfully” as financial risks can generally be. Organisations need to integrate technology on the NFR side as much as they do on the financial side. This will also allow organisations to better monitor, measure and track a much broader cross-section of risks in the organisation.

With growing acknowledgement of the criticality of NFR management and improving technological solutions capabilities, organisations are much better positioned to manage and act on the non-financial risks. The very fact that such risks have always been more difficult to identify, only make it more urgent for organisations to act on the issue with diligence and frequency that it deserves. Only then, can the business leaders claim, that risk is being holistically being addressed in their organisations.





About the Author:

Sunil Rana /

Sunil is the Founder & CEO of Vyzrd. Prior to founding Vyzrd, Sunil held senior and leadership positions across leading global management consulting firms such as BCG, Mercer and Oliver Wyman. He has extensive experience in advising the CxOs and Boards of some of the largest global firms and government organisations on topics related to investment, growth and risk. He also served as senior advisor to one of the top ESG investment research firms, which was subsequently acquired by a leading global ESG ratings company.

About Vyzrd:

VyzrdTM is an AI powered analytics platform that provides a targeted portfolio of scalable, incisive and cost-effective business capability diagnostics, investment and risk management solutions.

ESG solutions: Vyzrd’s ESG research and analytical solutions focus on ensuring that we enable Institutional Investors to meaningfully address their ESG investment objectives. Our approach to ESG analytics is arguably the most comprehensive and uniquely differentiated in the market today. The analytics platform is designed to present predictive analytics on key ESG variables that have fundamental impact on business performance and long term value creation.

Corporate Address:

Vyzrd Pty Ltd
Level 29, Chifley Tower, 2 Chifley Square, Sydney NSW 2000, Australia
Tel: +61 2 9216 9088