Skip to content
ORX News Platform Agora Platform Create an account
Login

Showing results for ""

Unfortunately, no results match your current query

    Service

    ORX Membership

    Risk programme

    Management, Practice & Framework

    Summary - June 2026

    Issue management is a core part of effective risk and resilience. Done well, it helps firms spot weaknesses early, take action quickly and reduce the chance of issues escalating into major events or losses.

    To gain insights into how financial firms are evolving their approaches to issue management, we held a series of virtual discussions with our members. These sessions were a chance for our community to share challenges, discuss solutions and learn from each other.

    This summary of the discussions highlights current practices, common challenges and where the industry is focusing efforts to improve outcomes. You’ll find practical insights on how firms are:

    • Strengthening definitions, roles and accountability
    • Automating elements of the end-to-end processes
    • Integrating issues across the wider risk and control framework
    • Exploring the use of data, tooling and AI to support more proactive management

    Background

    Issue management is a critical part of risk and resilience management. Ensuring emerging problems are identified, tracked and resolved in a timely manner helps to prevent escalation into major incidents or losses.

    Our members identified this topic as important for sharing practices and understanding challenges and solutions. As a result, we held three discussions in early 2026 to support members in this area. This article summarises the key findings from these discussions.

    Current industry position

    Many financial services institutions are currently progressing or optimising their issue management practices, for example to improve their logging and reporting of issues, streamline the end-to-end process and overcome challenges. Common challenges include:  

    • Efforts not focusing on the most material and potentially impactful areas
    • Fragmented reporting, creating duplicative administrative work
    • Lack of aggregation of issues
    • Lack of senior management focus on issue management
    • Unclear roles and responsibilities
    • System integration challenges

    Definition of ‘issue’

    We propose the following as a standardised industry definition of “issues”:

    An issue describes a weakness or deficiency (such as a control or process gap, ineffective control, or non‑compliance with policies or standards). If the issue is not addressed, a risk may materialise or exceed defined risk tolerances. Issues require assessment and remediation, either through timely corrective action plans to reduce residual risk within tolerance or through formal risk acceptance, subject to appropriate review and oversight.

    This definition is the result of consultation during the discussions and analysis of definitions submitted by member firms. It aligns with the majority of participating firms’ definitions, with one small difference that in some firms’ definitions, issues can also relate to a materialised risk event.

    Gated content start

    This study is available to all ORX members

    Interested in reading more?

    If your firm is a member of ORX, log in or create an account to access the article.

    Log into the ORX website

    Create an account

    Not a member? Talk to us today to discuss how you could join the ORX community.

    Speak to an expert

    Find out more about ORX Membership

    Gated content stop

    Contacts:
    Helen L’Abbate

    Helen L’Abbate

    Deputy Director - Research & Information, ORX

    Natasha Smith-Craig

    Natasha Smith-Craig

    Research Manager, ORX

    Emilie Odin

    Emilie Odin

    Senior Research Manager, ORX

    contact-icon

    Become a member of ORX

    Book a call to find out how ORX can support operational risk management at your firm.

    Talk to us today

    More resources from ORX