Last year, we published a paper sharing our vision for successful operational and non-financial risk (ONFR) management. A year on, we've revisted our vision to reflect the big changes happening across financial services. The updated report is now available to download.
Our refreshed vision for operational and non-financial risk management
Resilience and strategy are now core objectives
Last year, we said that there were four primary goals for operational and non-financial risk management:
- Reduce loss
- Safeguard customer services, data and assets
- Ensure firms are trusted by customers, the market and regulators
- Help firms grow and transform safely
This still holds true, but the risk environment and practice have continued to evolve. The emergence of strategy as a core objective and the intensified focus on resilience are significant enough for us to update our vision.
When this vision becomes a reality, operational and non-financial risk management will have a broader purpose and wider scope. It will be able to generate new risk insights, combining emerging risks, ecosystem risks, change risks and resilience.
Operational and non-financial risk needs to be managed at scale, at speed, and deliver new insights and capabilities to the business.
How has risk management developed this year?
A year is a long time in risk management. Growing geopolitical volatility, continued digital transformation and increasing interconnectivity mean the risk environment remains challenging. However, financial firms have made huge progress toward our shared vision. Our vision includes a pathway for successful operational and non-financial risk management, which groups the key milestones into three areas:
- Fit-for-purpose foundations: This includes governance, culture and communications, skills and framework
- A digital core: This is needed to match the digitalisation taking place across the wider business. It consists of data and AI.
- New insights and capabilities: We've identified four primary areas of risk that require more expertise and focus - emerging risk, ecosystem risk, change risk and holistic risk.
Progress made in 2024-2025
These are some of the areas where financial firms have made progress since we first published our vision. To read the full list, download the report.
Fit foundations
- Evolving 2LOD models
- Building partnership with 1LOD
- Aquiring critical new skills
Digital core
- Improving data quality
- Implementing new technology
- Automating core processes
Insights and capabilities
- Focusing on risk-managing change
- Building ecosystem risk management capability
- Improving views of emerging risk
Download the report to read our vision in full
Read the paper, Our strategic vision for operational and non-financial risk, for more insights and to find out how you can support your firm in today's digital world.
