Specialist Service
A comprehensive, regulator-aligned methodology for bank risk identification — built from 20 years of doing it at the world's largest institutions.
Most banks have a risk register. Very few have a defensible risk identification process. The difference shows up when the regulator asks "how did you identify this?" and no one can answer.
Billions are invested in measuring and managing risk — credit modelling teams, market risk systems, operational risk databases. But the question that precedes all of that — what are the risks? — is typically addressed in a two-day workshop once a year, producing a spreadsheet that no one revisits until the next regulatory review.
We built a six-phase methodology to fix that gap, grounded in ISO 31000, COSO ERM, and direct experience building and leading risk identification at a European G-SIB and a major international banking group.
The Methodology
External context (PESTLE), internal environment and risk culture assessment, risk criteria, risk appetite, building the starting universe.
Top-down SWIFT workshops and Delphi method. Bottom-up with 10 specialist sub-processes. Mandatory reconciliation and enterprise portfolio view.
Four-dimensional scoring. Multi-dimensional impact. Data quality ratings. Bow-tie analysis for critical risks. Cost-benefit with ALARP.
Living risk inventory with full audit trail. One-page risk profiles for every material risk. KRIs with RAG thresholds.
Direct linkage to ICAAP/ILAAP/CCAR scenario design, strategic planning, Board reporting, and regulatory submissions.
Quarterly re-identification. Event-driven updates. Annual full re-identification. Internal audit assurance over the process itself.
Aligned to 16 regulatory frameworks
Three ways to work together, depending on where you are and what you need.
Independent review of your current risk identification process against the methodology and 16 regulatory frameworks.
Design and build the full process — governance framework, risk taxonomy, templates, workshop facilitation, capital planning integration.
Stress-test your existing process against what supervisors actually look for in ICAAP reviews, SREP, and CCAR.
The complete methodology is available as a free practitioner toolkit.
27 questions. 10 minutes. Find out where your risk identification process is strong and where regulators will find weaknesses.
Score Your ProcessThe complete methodology: 16-chapter book, 31-tab Excel template pack, AI prompt library, and Copilot agent definition.
Download FreeBank Risk Identification: The Complete Methodology. 200+ pages covering every phase, with worked examples and regulatory mapping.
Learn MoreThe Evidence
In every case, the risk was identifiable before the loss materialised. We studied every one and built a methodology to prevent the next.