Navigating through uncertainty: European banks’ non-financial risks
European banks’ non-financial risks: findings & issues
How do banks respond to the increasing regulatory requirements around operational risk?
Costs and charges arising from banks’ non-financial risks have increased sharply in recent years. In part this reflects the compensation and litigation costs relating to misconduct, but it has also been driven by the costs of IT failures and cyber-attacks. Recent and prospective regulatory requirements and supervisory actions not only impose additional compliance costs but also require banks to take a more strategic view of how they identify, measure and control their non-financial risks.
To better understand how banks are responding to these developments and to provide banks with an opportunity to share and compare their views with peers across the market KPMG undertook a survey of 36 banks across Europe. The survey results highlighted the importance of banks’ non-financial risks. Nearly half of the respondents reported that such risks accounted for more than 10 percent of their banks’ total losses, and that operational risk represented more than 10 percent of risk weighted exposures.
- Non-financial risks are important
- Banks are planning to develop their frameworks for non-financial risks
- The assessment and measurement of non-financial risks is the main areas for improvement
- Banks also identify the need to align more effectively the elements of managing non-financial risks, to enhance risk reporting and to strengthen risk culture
- Many banks do not specify an effective risk appetite for non-financial risks
- Risk ownership and challenge remain unclear
- Many banks are addressing non-financial risks primarily through an emphasis on IT and compliance risks
- Strategic and business risks remain out of focus in most banks’ frameworks for non-financial risk
Conclusions and key issues for banks
Our survey results highlight the importance of non-financial risks and the ways in which banks are identifying, measuring and controlling these risks. Three themes stand out:
- Enhancing frameworks for non-financial risks - Nearly all banks are planning to enhance their frameworks for non-financial risks, with many planning a comprehensive overhaul.
- Limitations in frameworks for non-financial risks - Most banks’ frameworks for non-financial risks do not effectively cover strategic and business risks, which banks seem to find it difficult to identify, measure and control.
- Regulatory and supervisory pressures - Perhaps not surprisingly, regulatory and supervisory pressures stand out in the survey as key drivers of banks’ management of non-financial risks.
Please download our report to see the full detailed analysis of the challenges banks are facing in the area of managing their operational risks.