S3 | E4: Annual KRI Health Check: The Importance of Evolving Your Key Risk Indicators

In this episode of the Risk Intel Podcast, SRA Watchtower’s own Cathy Jackson, Director of Implementations and a seasoned risk management expert joined host, Ed Vincent, to explore the evolving nature of Key Risk Indicators (KRIs) and how financial institutions can ensure their KRIs remain effective and actionable. Listen to the full episode below or read the summary to get the key takeaways from their discussion:

Why Are KRIs Not A “Set It and Forget It” Exercise?

KRIs must evolve with the business because financial institutions operate in a dynamic environment. Cathy emphasized that both external factors—like market shifts, regulatory updates, and industry best practices—and internal changes, such as launching new products or services, require institutions to reassess their KRIs. Sticking with outdated indicators is risky and you could be overlooking emerging vulnerabilities or misaligning with current strategic objectives.

“They [KRIs] have to evolve as you evolve” – Cathy Jackson

How Often Should Institutions Review Their KRIs?

Determining the right frequency and timing for reviewing your KRIs depends on various factors, but recommended to at least review them once a year. Here are a few ideas Cathy suggests:

• ‍Strategic Alignment: Institutions should reassess KRIs whenever they review their strategic plans to ensure continued relevance. A good set of KRIs will be aligned with the strategic plan, so reviewing them every time the strategic plan is reviewed or updated is a best practice for financial institutions.
• ‍Reactive Triggers: Unexpected events, near-losses, or feedback from audits and regulators signal an immediate need for evaluation.
• ‍Routine Assessments: While annual reviews are a minimum, institutions should remain agile, periodically validating KRI values and results against risk appetite, evolving risks and actual outcomes.

How to Evaluate the Efficacy of KRIs

Cathy outlined a step-by-step approach for assessing KRIs:

1. ‍Start with Objectives: Align KRIs with core strategic goals and risk appetite to ensure they address key vulnerabilities.
2. ‍Prioritize Risks: Not all risks are equal. Institutions must identify and focus on the most critical indicators.
3. ‍Consult Stakeholders: Engaging management and employees offers valuable insights into practical and operational risks.
4. ‍Data Availability and Feasibility: Evaluate whether the data supporting KRIs is accessible and actionable. Address gaps through incremental improvements or a strategic roadmap.
5. ‍Keep It Manageable: Institutions should strike a balance—monitoring too many KRIs dilutes focus, while too few may leave blind spots.
6. ‍Iterative Reviews: Regularly refine KRIs to adapt to changing circumstances and ensure their continued utility.

A Pragmatic Approach

Cathy underscored the importance of pragmatism in managing KRIs. For instance, KRIs must be consumable and actionable to avoid overwhelming stakeholders with excessive or irrelevant data.

Ed shared an example from a recent conversation with a bank CRO he was recently speaking with. This bank had gained 5-10 KRIs, by regulator request, every review. But recently, in their last review their regulator asked how they were managing and digesting all the KRIs and the CRO was stumped. Driven by regulator request, they had accumulated too many KRIs to sustainably manage. The lesson? Institutions must focus on KRIs that provide meaningful insights, align with strategic risks, and enable effective decision-making. This all can be accomplished through an ERM platform like Watchtower.

Final Thoughts

KRIs are not static metrics—they are dynamic tools requiring regular attention to remain effective. Institutions must continuously align their KRIs with strategic objectives, evolving risks, and regulatory expectations. By fostering a pragmatic, data-driven approach and engaging stakeholders, organizations can turn KRIs into powerful guides for navigating uncertainty and achieving their goals.

We thought this was a timely episode with it being a new year and time for everyone to make a habit of reviewing their set of KRIs on an annual basis. If you have questions or need help with your KRIs or evolving your risk program, please reach out to Cathy or set time to connect with one of our risk experts today.