Risk Management Framework

For British Land, effective risk management is fundamental to our business. Our ability to identify, assess and effectively manage current and emerging risks is critical to our strategy and how we position the business to create value, whilst delivering positive outcomes for all our stakeholders on a long term, sustainable basis.

We maintain a comprehensive and well-established risk management and internal control framework, focused on proactive risk awareness and effective risk oversight across the business. We clearly define our risk appetite, respond quickly to changes in our risk profile and foster a strong risk management culture across the business, with clear roles and responsibilities. Our framework integrates a top-down strategic perspective with a complementary bottom-up operational process, as illustrated in the diagram below. This approach enables us to effectively identify, assess and manage both financial and non-financial risks – including principal risks that could impact solvency and liquidity, as well as emerging risks. Our objective is not to eliminate risk entirely, but to manage exposures within our defined risk appetite, while at the same time maximising opportunities.

The Board has ultimate responsibility for risk management and maintaining a robust internal control framework. It determines the nature and extent of the principal risks the Group is willing to take to achieve its strategic objectives, assessing risk tolerances within the context of strategic priorities and the external environment – referred to as our risk appetite (see below).To support the Board, the Audit Committee provides essential oversight and assurance.

Through the below approach, the Group operates a ‘three lines of defence’ model to manage risk effectively:

  1. Operational management is responsible for the day-to-day identification and mitigation of risks.
  2. The Risk Committee and internal risk team oversee and integrate risk management practices across the Group.
  3. Internal Audit provides independent assurance on the effectiveness of the Group’s risk management.

Our Risk Appetite

Our risk appetite is at the core of our risk management approach, guiding business planning, decision making and strategy execution. Reviewed annually and approved by the Board, it is embedded within our policies, procedures and internal controls. Whilst our risk appetite may evolve over time and in response to property cycle shifts, our overall risk appetite remains balanced, with a low appetite for financial and compliance risks, and a balanced appetite for property and operational risks.

Learn more here

Our principal risks

Our principal risks comprise the eleven most significant Group risks, including four external risks primarily influenced by market factors, and seven internal strategic and operational risks which, while subject to external influence, are more under the control of management. External principal risks stem from the broader macroeconomic and political environment, as well as our core property markets. Internal principal risks relate to our capital allocation, development, customers, sustainability, people and culture, as well as key operational risks such as technology, health and safety, and fraud and compliance. 

Learn more here

Our priorities for 2025/26 

  • Strengthening Internal Controls and Governance: Monitor compliance with the revised UK Corporate Governance Code, including Provision 29. Focus on material controls to enhance Board oversight and formalise assurance processes. Identify opportunities to streamline and improve processes, driving both efficiency and added value.
  • Responding to Economic and Market Volatility: Proactively manage the impacts of prolonged inflation, interest rate uncertainty and geopolitical tensions. Maintain financial resilience through disciplined leverage, strong liquidity management and scenario planning.
  • Enhancing Technology and Cyber Resilience: Achieve full ISO 27001 certification to reinforce information security practices. Leverage digital tools to enhance decision-making and operational efficiency. Continue to explore opportunities of emerging technologies, particularly AI, while assessing associated risks to ensure responsible implementation.
  • Continued Technology Transformation: Evaluate and oversee the risks associated with the Group’s ongoing transformation projects, including, where feasible, the automation and streamlining of control processes.


Full details on our approach to risk are outlined in our Annual Report