Non-Financial Risk Management: Regulatory fines, warnings and investigations persist across non-financial risks

Whilst many banks have embedded management of traditional financial risks such as credit and market, CROs and CCOs are under increasing pressure to address known and emerging non-financial risks. Pressure is further exacerbated by shrinking budgets and increasing costs of managing expanding control stacks, as well as remediation programmes driven by risk and control self-assessment (RCSA) blind spots for non-financial risks.

Some banks are reimagining the way they treat NFRs, focussing on:

  • Embedding proactive identification: regulatory scanning and RCSA and taxonomy
  • Continuous monitoring to achieve compliance: measures and reporting
  • Embedding end to end strategies: people and culture and risk technology

How Protiviti can help?

We work with 92% of Fortune 100 Financial Service Clients and 80% of the world's largest banks. We have delivered a number of non-financial risk management engagements. Our accelerator frameworks support non-financial risk management.

To get started, we can help you conduct a rapid assessment to discover high level pain points related to the management of non-financial risk. We can then conduct a hypothesis led design thinking workshop to support identification of data driven solution. Using insights gathered, we can curate a proposal outlining issues identified, and a proposed book of work to support your NFRM journey.


Bernadine is a Managing Director within our Financial Services Industry (FSI) Regulatory practice in the UK. Prior to joining Protiviti ten years ago, Bernadine was a Director in KPMG’s Regulatory Services practice. A chartered accountant by training, Bernadine has over ...