Risk management challenge

Over the last 18 months, the level of regulatory focus on the adequacy of the design, implementation and operating effectiveness of Risk Management Frameworks within the Building Society sector, and the adequacy of their Risk Functions, has heightened significantly. As a direct consequence, these matters are high on the agenda of Boards, Risk Committees and Audit Committees across the sector.

Given the current focus on the effectiveness of firms’ Risk Management arrangements, we have designed a series of monthly blogs aimed at providing an overview of the key matters that societies should be considering to ensure their Risk Management Frameworks and risk oversight arrangements are fit for purpose in line with the standards expected by the regulator. Our series of blogs cover the following ‘Hot Topics’:

  1. The Risk Function – How effective is yours?
  2. Risk governance arrangements – A case of blurred lines?
  3. A question of appetite and tolerance;
  4. Accountability, escalation and risk-based decision making; and
  5. Passing the embedding test – How do you know?

 The main drivers causing the Prudential Regulation Authority (‘PRA’) to focus on the areas covered by this series of blogs have typically arisen as a result of perceived: i) aggressive or ambitious growth strategies (by reference to historical performance; ii) lack of strength in the Chief Risk Officer (or equivalent) or Risk Function as a whole; and iii) lack of risk capabilities and / or experience within the Non-Executive Director group. Where the PRA has provided feedback and outlined their concerns to Boards, they have generally focussed upon firstly, the independence, expertise and level of resource within the Risk Function and its ability to provide both significant and appropriate levels of challenge and oversight; and secondly, the adequacy of the whole risk management structure underpinning the business. 

As a result of their concerns, the PRA has sought to use its regulatory toolkit in a number of different ways, including: i) commissioning Skilled Person reports under s166 of the Financial Services and Markets Act (‘FSMA’) (as amended by the Financial Services Act 2012); ii) imposing Pillar 2 capital add-ons or applying management scalars thereby increasing capital requirements; iii) restricting the level of lending activity undertaken; and iv) requiring Board’s to instruct the Society’s Internal Audit function to perform an independent assessment to areas of concern and provide them with the results.

In light of the above, the contents of our series of blogs should be of direct interest to Chief Risk Officers (or equivalents), Heads of Internal Audit and Board Risk Committee Chairs and members. 

Requests for additional blogs on Risk Management topics of interest are welcomed and you can provide us with details of these, together with any feedback on this series of blogs, using the comments box provided further below.

Our experience

We have a wealth of knowledge and experience of delivering both Audit and Assurance services to Building Societies across the sector. We have working relationships with more than 90% of the sector, giving us an unparalleled position and ability to provide a deep level of industry insight into current regulatory hot topics and key areas of focus.

Our depth of knowledge, understanding and industry experience means that we are well placed to provide invaluable insight and deliver tailored, pragmatic and proportionate solutions (either in an advisory or internal audit capacity) to help societies address new challenges and create competitive advantage.


Matt Perkins

Matt Perkins - Partner, Head of Building Societies, Deloitte

Matt leads Deloitte’s national Building Society practice and is responsible for a team of c. 80 individuals across External Audit, Internal Audit, Tax, Corporate Finance and Consulting.

Email | LinkedIn

Kieren Cooper

Kieren Cooper - Partner, Financial Services, Deloitte

Kieren is a Partner in Deloitte’s Midlands Financial Services Practice and leads a large number of Internal and External Audit engagement in the Building Society sector.

Email | LinkedIn

Adam Roberts

Adam Roberts - Senior Manager, Financial Services, Deloitte

Adam is a Senior Internal Audit Manager working in Deloitte’s Financial Services Practice based in the Midlands and works with a wide range of Building Societies. Adam is a specialist member of the Institute of Risk Management (‘IRM’) and specialises in the delivery of Risk Management audits.

Email | LinkedIn


Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Comments are moderated, and will not appear until the author has approved them.