Accessibility Links

Introduction to risk



While risk has always been part of financial activity, the 1990's saw risk management become a key business function within banks and other financial institutions. A major reason for its growth in importance were the massive losses incurred by some huge global companies during the 1990's, which shocked financial institutions into placing more emphasis on risk management and controls.


However, industry globalisation and consolidation, product complexity and the increasingly sophisticated requirements of customers were already leading to a greater emphasis on ensuring that losses were not incurred due to adverse market conditions, counter party failure, or inappropriate controls, systems or people.


These factors led to increased regulation, and banking and financial institutions now have to adhere to the principles of banking regulation advocated by the Basel Capital Accord. They must strengthen internal controls, enhance disclosure and transparency of financial information and ensure effective supervision, in order to maintain the sound operation of the banking and financial markets. This includes identifying and quantifying various risks in advance, as well as establishing and carrying out effective risk management.


The role of Risk Management


Risk Management is primarily concerned with reducing the potential of any internal or external events to detrimentally affect a business. It should be a set of continuous and developing processes that are applied throughout an organisation's strategy and should methodically address all the risks surrounding past, present and future activities.


Risk Management objectives


There are two main areas of focus for Risk Management, each with its own set of objectives:



To reassure management that the business is aware of, and in control of, current and future business risks

·         To safeguard business assets and reputation

·         To help improve the business's operating performance and shareholder value

·         To improve efficiency by reducing risk exposure inherent in the business processes

·         To support the achievement of strategic goals



·         To ensure compliance with regulatory requirements

·         To deliver competitive advantage

·         To reassure stakeholders and interest groups that the business is actively managing risk


The process


The Financial Services Authority has identified a number of key stages in the process of risk management:

·         Risk Identification

·         Risk Assessment

·         Risk Mitigation

·         Risk Monitoring

·         Risk Reporting


It is important to note that risk management does not end with the reporting of risk events - it is an ongoing and iterative process continually reviewing the organisational risk profile.




Risk management should also support the quantification of any risk exposure such as: Value at Risk (VaR), Credit Exposures and loss of Systems and Controls.


However, the measurement approach for different categories of risk varies significantly, particularly in operational risk. This is an area where best practice is still under development, although the Basel Committee on Banking Supervision, which provides direction for European legislation, has offered significant guidance for financial institutions to follow.


Different types of business risk


The Audit Commission, in its 2001 paper Worth the Risk, Improving Risk Management in Local Government, defines business risk as:


“the threat that an event or action will adversely affect

an organisation's ability to achieve its business and strategic objectives”.


Here are further definitions for the different types of business risk, definitions which have either been drawn from or reflect the approach of both the Basel Committee of Banking Supervision and the Financial Services Authority:


Market Risk

"Market risk is the risk that arises from fluctuation in the values of, or income from, assets."


Group Risk

"Group risk is the potential impact of risks arising in the parts of a firms group as well as those resulting from its own activities."


Credit Risk

"Credit risk occurs whenever a firm is exposed to loss if another party fails to perform its obligations."


Operational Risk

"Operational risk is the risk of loss, resulting from inadequate or failed internal processes, people or systems, or from external events."


Liquidity Risk

"Liquidity risk is the risk that a firm does not maintain sufficient financial resources to meet its liabilities as they fall due.”


Reputational Risk

"Reputational risk is the risk that arises as a result of negative publicity having a detrimental effect on shareholder value and position in its market place."


The benefits of Risk Management


Proper risk management allows a financial institution to prosper through taking and avoiding risks. Well run companies are now taking a closer interest in what its management is doing to mitigate risk exposure, allowing for a more efficient, effective and prudently run business.


Good risk management will greatly improve the transparency of how an organisation operates, providing a roadmap to achieve strategic goals and objectives and reassurance over the management of risks.


The recently published Turnbull Guidance on Internal Control has focused attention not just on downside risk, but also on the positive aspects of risk. For the first time, the link between risk management and improved business performance is acknowledged in governance regulations.


Good risk management enables companies to seize opportunities, as well as prevent disasters.


It is vital to the well being of a company, therefore, that managers at all levels take risk management seriously and not simply during an annual certification process.


A risk based approach can make a company more flexible and responsive to market fluctuations, making it better able to satisfy the needs of its various stakeholders, in a constantly changing environment. Companies can also gain an advantage over competitors by identifying and adapting to circumstances faster than their rivals.


Summary of benefits


The benefits of effective risk management and internal control are:

·         Increased risk awareness

·         Prioritisation of business risks to those that matter

·         Fewer unexpected and unwelcome surprises

·         A better focus internally on doing the right things well

·         Reduced losses through process improvements developed by the business

·         Providing a better basis for making key strategic decisions

·         Increasing the chance of change initiatives being achieved

·         Creating a greater likelihood of achieving business goals and objectives

Latest jobs

Model Validation Manager
  • Location New York
  • Salary $150,000 - $190,000
  • Job type Permanent
  • Sector Banking, Market Risk, Credit Risk
  • Description THE COMPANY: Our client is a global banking institution with a strong North American presence. They are seeking multiple managerial hires at VP and SVP level in their Model Validation team across the
Senior Auditor - Global Financial Services Firm
  • Location Chicago, IL
  • Salary Up to $100K + competitive bonus
  • Job type Permanent
  • Sector Banking, Other Financial Services
  • Description Our client, a global financial services firm, is seeking a Senior Auditor to lead and execute an integrated audit plan across its trading platform and the financial products traded on the platform.
IT Risk Assessment and Information Security Consultant
  • Location Manhattan, NYC
  • Salary Competitive
  • Job type Contract/Temp
  • Sector Cyber Security / Resilience
  • Description IT Risk Assessment and Information Security Consultant – Cybersecurity, Information Security, IT Risk, Banking, 6m Contract, NYC Our leading Banking client requires ...
Information Security AVP - Vulnerability, Assessment, IT Risk, Asian Banking
  • Location New York, Midtown
  • Salary Competitive
  • Job type Permanent
  • Sector Financial Crime Compliance , Cyber Security / Resilience, Interim
  • Description Information Security AVP - Vulnerability, Assessment, IT Risk, Asian Banking Our leading banking client is requiring an Information Security AVP to supp
Latest news