What Regulators Want

Ariane Chapelle

The financial industry is global, so it’s not surprising that supervisors in different countries share common concerns when it comes to operational risk. Listen to regulators from the US Federal Reserve System, the Bank of England and the UK Financial Conduct Authority and you will hear a number of familiar themes. Whether you are a newly regulated entity or an approved person preparing for your first visit from regulators, it’s useful to bear in mind some essentials on how to demonstrate good practice.


One important question is so simple that it can sometimes be missed in the piles of files, reports and colourful risk charts: what are the main risks to your business? In other words, what are the adverse events that could harm your profitability or cause problems for your stakeholders, especially your customers?

The more you are specific about the risks and how they should be mitigated, the more you will demonstrate ability and credibility. Try to define risks as potential negative events, not as processes or control failures: “technology” is not a risk, it’s a theme. All firms rely on technology. Be more specific. Are parts of your systems outdated or in

Sorry, our subscription options are not loading right now

Please try again later. Get in touch with our customer services team if this issue persists.

New to Risk.net? View our subscription options

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here