Financial Institutions Still Lag Behind on Less Quantifiable Forms of Risk: PricewaterhouseCoopers

London, 28 July 2004 – Financial services companies have pushed risk management further up the corporate agenda and regard reputational risk as the greatest threat to their market value, according to a new study by PricewaterhouseCoopers and Economist Intelligence Unit (EIU). Yet, it is the quantifiable risks, such as credit and market risk, which still absorb the most attention amongst financial institutions.

In a survey of more than 130 senior executives in financial institutions worldwide, 82% agreed that awareness of risk is now more pervasive in their organisations than it was two years ago and 73% agreed that their organisations define their appetite for risk more clearly. However, these encouraging results are shrouded by some significant concerns.

The survey identified four reasons why risk management remains primarily focused on meeting regulatory requirements and only secondarily on protecting and enhancing the value of the franchise:

  • A culture of risk awareness has yet to emerge
  • Compliance is not being turned into competitive advantage
  • The importance of governance is underestimated
  • Quantifiable risks are still the focus of too much attention

Phil Rivett, global leader, banking/capital markets group, PricewaterhouseCoopers said:

“Financial institutions have made significant strides since our last risk management survey two years ago, but our latest findings have revealed that too many organisations are still concentrating on calculating market and credit risk to a further order of accuracy and too few on understanding the totality of the risks they face in order to give themselves a competitive advantage.

“In an environment where new and potentially lethal risks can suddenly emerge, institutions need to look at the bigger picture. They need to seek to anticipate and avoid the submerged risks that can abruptly sink an enterprise and have both the crisis management processes in place and the underlying standards of behaviour that are likely to soften the impact of such risks when they do come to pass.”

The study, entitled ‘Uncertainty tamed? The evolution of risk management in the financial services industry’, also revealed that many central risk groups did not have much input into strategic decision-making. When asked in which business processes their company had a structured approach to assessing risk, only 43% of respondents pointed to mergers and acquisitions and only slightly more (44%) to forming alliances and partnerships. Just 17% pointed to the setting of compensation policies for directors and recruitment policies.

Even though senior executives of financial institutions may appreciate the dangers of reputational risk to their market value, many respondents’ confidence in their organisations’ risk management capabilities dipped markedly in the less traditional areas of risk. Some 24% felt their institution was ineffective in dealing with reputational risk and even more took the same view of sovereign and political risks. However, the fact that only 16% admitted to quantifying intangible risks may help to explain why many organisations felt they were less than effective in dealing with them.

Phil Rivett continued:

“Financial institutions are increasingly attuned to the dangers posed by less quantifiable risks but they need to turn their good intentions into action. Less quantifiable forms of risk can do as much, if not more, damage to companies’ reputations, shareholder value and the long-term sustainability of their business as the more straightforward types of risk.

“It is also just as important for financial institutions to protect themselves from potential liabilities and reputational harm stemming from their external relationships with customers, suppliers and partners.”

In PricewaterhouseCoopers first briefing on risk management in financial services, ten attributes were identified to help companies create a world-class culture of risk management. Two years on, PricewaterhouseCoopers believes they are as valid now as they were then:

  • Pay equal attention to quantifiable and unquantifiable risks
  • Identify, report and quantify all possible risks
  • Let an awareness of risk pervade the enterprise
  • Make risk management everybody’s responsibility
  • Avoid products and businesses the enterprise does not understand
  • Accept that uncertainty exists
  • Monitor your risk mangers
  • Good risk management delivers value
  • Define and enshrine your company’s risk culture

About PWC

PricewaterhouseCoopers ( provides industry-focused assurance, tax and advisory services for public and private clients. More than 120,000 people in 139 countries connect their thinking, experience and solutions to build public trust and enhance value for clients and their stakeholders. Unless otherwise indicated, PricewaterhouseCoopers refers to PricewaterhouseCoopers LLP a limited liability partnership incorporated in the United Kingdom. PricewaterhouseCoopers LLP is a member firm of PricewaterhouseCoopers International Limited.