Non-Financial Risk

NON-FINANCIAL RISK

OUR VALUE PROPOSITION

At Neofin Advisory, we are actively engaging with our clients on key Non-Financial Risk topics which sit high on the current regulatory agenda. Our aim is to actively support our clients in transforming their risk frameworks to accurately identify, assess and mitigate the risks that arise. 

1LoD Risk Ownership

  • Strong risk ownership and risk decision making in the first line leads to better outcomes as the business is more agile in its response to risk events.
  • Overcoming resistance to change and recalibrating ownership of risk from 2LoD to 1LoD is a challenge

Operational
Resilience

  • Challenging implementation for firms who are not clear on the end-to-end process mapping of their business services
  • While BCM / DRP have been well understood within NFR Frameworks the complexity from adding a customer lens is significant

Conduct
Risk

  • Remediation has been in different stages for market players with the front runners having clear conduct risk inventory and control frameworks
  • Front runners are larger banks who have experienced regulatory pressure post IBOR and FX notice

Operational
Risk

  • Has been a focus for PRA for some time with recent PSM letters highlighting the following:
  • Robust RSCA process with clear risk reporting
  • Linkage of operational risk to business strategy
  • Reflecting operational risk within the business held capital adequately

Third-Party
Risk

  • Similar to operational resilience, supplier risk assessment has been enhanced through regulatory guidance
  • Firms find it challenging to clearly identify their key dependencies on third parties for the provision of their services and remediate through contracting

CASE STUDY

Project Duration: Ongoing

Objective

A small retail charity bank sought external support to develop its operational resiliency framework to ensure compliance with the latest PRA requirements.

Solution Implementation

  • Operational Resilience – Phase 1: Developed capabilities to meet the latest PRA requirements within the implementation phase.
  • Operational Resilience – Phase 2: Built on the foundations set during Phase 1, addressed vulnerabilities, and initiated scenario testing.
  • Material Outsourcing Notification: Supported the completion of required activities for the new service notification to the PRA following SS2/21 requirements.
  • ICAAP Preparation and Enhancement: Collaborated with ExCo members to draft, prepare, and enhance the bank’s ICAAP report.

 Impact

  • Operational Resilience: Established identification and mapping of critical business services, determined impact tolerances, and piloted scenario testing.
  • Third-Party Risk Management: Designed a supplier materiality framework, performed gap analysis on outsourcing contracts vs SS2/21, and enhanced service risk assessment.
  • ICAAP Compliance: Developed the bank’s Pillar 2 Capital Methodology and drafted qualitative and quantitative ICAAP sections.