Historically in financial institutions, risk functions such as legal, compliance, audit, credit risk and market risk were managed in separate organisational silos. Operational risk was generally the responsibility of business units as part of their daily activities. Risk management was focused primarily on financial, predictable and quantifiable risks related to loss prevention. Since the 1980s, risk management has evolved to include corporate governance, alignment to strategic objectives, capital adequacy and stakeholder value. Additionally, regular discussions on risk management started appearing on corporate board agendas.
In 2003 FERMA has adopted the Risk Management Standard to establish a uniform pan-European approach to risk management procedures sets out a strategic process, starting with an organisation’s overall objectives and aspirations, through to the identification, evaluation and mitigation of risk, and finally the transfer of some of that risk to an insurer.