Riskier Business – Benjamins Hedges and the Financial Risk Landscape (Who Tends the Garden?)
You don’t need to run a bank to have Financial Risks.
You just need money moving through your business.
Liquidity strain, funding costs, FX volatility, and credit risk uncertainty sit quietly behind almost every intercompany interaction. Yet, as discussed in our prior Margin Notes on Risks (Infrastructure or Operational & Strategic or Marketplace), Transactional Risks tend to dominate Transfer Pricing Documentation, for good reason, but often crowd out broader categories of risk that shape real business outcomes. Financial risk is one of the most common casualties.
A Benjamins Hedge
Financial Risks—when mentioned at all!—are often diluted into generic statements about “funding,” “working capital,” or “routine treasury support.” In reports supporting low-risk operating entities, this usually appears as some variation of: “The tested party bears routine financial risks, including working capital and limited credit exposure.”
This may feel useful, but does it address the ‘big dollar’ analytical questions: who actually has the authority or capacity to manage the group’s financial uncertainty, and who merely lives with the consequences of decisions made elsewhere?
Financial risk rarely confined to a single transaction, where even a simple short-term loan may be part of a wider funding or currency strategy. Capturing this in a functional analysis requires attention to cash management, credit decisions, financing structures, hedging strategies, and Treasury policies, areas that often sit outside the immediate scope of the tested transaction but can still materially influence its outcomes.
Long-time veteran financial services transfer pricing practitioner, Ivan Mullinax, who has grappled with these issues on both sides of the Atlantic, often summarizes financial risk as control of exposure: (1) who decides how much uncertainty an enterprise accepts, and (2) who has the operational and financial capacity to manage it when conditions change.
Or, when it comes to Financial Risk, who tends the garden, and who just hopes the hedges hold?
This Margin Note continues our series about non-transactional risks under the OECD’s Transfer Pricing Guidelines (TPG), which call out that Financial Risks deserve separate consideration:
“Financial risks. All risks are likely to affect a company’s financial performance, but there are specific financial risks related to the company’s ability to manage liquidity and cash flow, financial capacity, and creditworthiness. The uncertainty can be externally driven, for example by economic shock or credit crisis, but can also be internally driven through controls, investment decisions, credit terms.” (TPG 1.72)
Herein we will focus on Financial Risks and illustrate how companies and management teams may already address these risks in annual reports in ways that materially exceed the level of detail found in most Local and Master Files.
Control of Risk (What it Actually Means)
Financial Risk is distinct in one respect: it is more directly tied to the use or value of money itself rather than other risk categories we’ve discussed in Margin Notes. Unlike long-horizon infrastructure risks or evolving market trends, the impact of financial risk volatility may be felt immediately in cash flow or profits. Currency movements, credit losses, and interest rate changes can affect transactional values and balances quite quickly, but customer credit policies or commodity price hedging can be more distant.
Both the TPG (1.72) and the US Treasury Regs (§1.482-1(d)(3)(iii)) clarify that control of risks is not defined solely as an allocation made in a contract. Rather, it is about processes, conduct, and the wielding of financial resources and authority. The OECD defines control through two distinct capabilities:
The Capability to Decide: The authority to assume or decline to assume a risk exposure in the first place; and
The Capability to Respond: The authority and capacity to manage, mitigate, or absorb that risk once it materializes.
These capabilities have direct practical consequences. For example: a Financial risk called simply “Credit Risk” in the abstract is not informative. What matters is: the specificity of who decides to extend credit, who issues contacts to issue credit, and who absorbs the loss for non-collection, and whether the entity has the balance sheet capacity to do so.
Vaguely Risky (What Exactly is the Risk?)
Using generic labels such as “Credit Risk” as a proxy for specific financial risks is further exposed when public disclosures reveal something more granular. Consider this manufacturer’s annual report disclosure of credit risk:
"We are subject to concentrations of credit risk... if our customers or the financial institutions that hold our cash and short-term investments experience significant financial distress, it could impact our liquidity."
It could be tempting to simply indicate that credit risk exists, and which parties assume it (or not). The relevant question is not merely that the risk exists, but how it fits into a framework of proactive measures taken by a company. Another annual disclosure shows the limitations of shorthand labels:
"Increases in the price of commodities, such as steel, increase our costs, but decreases in commodity prices can reduce demand for our customers’ products (e.g., mining), leading to lower sales."
This is not a single ‘commodity pricing risk.’ It is a mix of input cost exposure, demand sensitivity, and pricing strategy. Stopping at a vague label hides the active mechanics: who is contributing to and making decisions about pricing, hedging policies, and demand management.
There is a real story in every company. Tell it.
Financial Capacity (The “Deep Pockets” Requirement)
A Quartet of Tender Billossoms
The TPG is unambiguous that the party bearing a financial risk must have the capacity to absorb the associated loss. It may be difficult to argue that an undercapitalized, newly-formed subsidiary can absorb the residual risk on a substantially leveraged intragroup loan. Tax authorities will examine balance sheet resilience (including the location of relevant personnel), not only contractual language. A host of public transfer pricing cases (e.g., Veritas, Amazon, Chevron Australia, BlackRock, etc.) hinge, in part, on whether the entity said to bear risk actually had the balance sheet and control to do so.
The OECD’s Three Dimensions of Financial Risk
The TPG organizes financial risk around three core analytical dimensions:
Liquidity and Cash Flow,
Financial Capacity, and
Creditworthiness.
Importantly, the OECD also distinguishes between externally-driven uncertainty (e.g., interest rate shocks, credit market dislocations, macroeconomic volatility) and internally-driven uncertainty arising from enterprise level choices about capital allocation, treasury controls, and customer credit terms.
That distinction matters. OECD’s framing makes clear that a significant portion of financial risk is internally created through strategy, policy, and governance decisions made within the group. The documentation question is simple: where?
We’ve been demonstrating how public companies routinely present risks in their annual reports with a level of detail rarely found in transfer pricing documentation. Financial risks are no exception. The examples below, drawn from Fortune 500 disclosures, align with the OECD’s three sub-categories of Financial Risks.
Liquidity & Cash Flow
Since ‘Cash is King,’ companies rarely describe liquidity as a passive condition. It is an actively managed obligation. As one company’s annual report explains:
“Our ability to meet ongoing cash requirements depends on cash generated from operations, access to capital markets, and our credit facilities. We actively manage liquidity through centralized treasury operations, cash pooling arrangements, and disciplined working capital management.”
There is no mystery here about the level of internal effort, or its importance. In another excerpt, the risk is framed as endogenous conditions which are actively planned for:
“We regularly evaluate our liquidity position under various stress scenarios, including reduced demand, supply chain disruption, and restricted access to credit markets.”
Those dynamics tend to point beyond day-to-day cash management and toward a more structural question: Who actually has the balance sheet strength to stand behind the risk? It rarely sits with a routine operating entity.
Financial Capacity & Capital Structure
Since financial structure and capacity to absorb risk are fundamental to the survival of all businesses, it’s no surprise that annual reports devote pages to the demand for capital and related controls, such as:
“Our capital allocation framework balances reinvestment in the business, acquisitions, shareholder returns, and maintaining a strong investment-grade credit profile.”
And,
"The high cost of constructing and equipping new fabrication facilities... involves significant risks, as we must commit to these expenditures years before we know if the products will have market demand."
Very specific internal reasons may also be found:
“Decisions regarding leverage, share repurchases, and long-term investment are overseen by senior management and the Board, with the objective of preserving financial flexibility across economic cycles.”
And once the foundational capital structure is established and documented, further elaboration becomes harder to ignore.
Creditworthiness & Access to Capital
If cash is king, then next in line to the throne must be creditworthiness, the affordability of obtaining cash from investors or creditors. Unsurprisingly, creditworthiness is well-represented in annual reports:
“A downgrade in our credit ratings could increase borrowing costs, restrict access to capital markets, and limit our ability to execute our business strategy.”
And,
"Our ability to obtain funding on favorable terms is subject to volatility in the capital markets and our credit ratings... any downgrade in our credit ratings could increase our borrowing costs and limit our access to capital."
Viewed as a group-level strategic asset, rather than a local attribute, it’s easier to position the relative importance of creditworthiness, as well as which party manages it.
MariGold Standards in Crystal
A Little Round Up & Closing the Gate
Typical documentation might say the tested party bears “routine financial risks.” But annual reports tell a far grander story—one about centralized decision-making, structured governance, and enterprise-level control over liquidity, capital, and credit.
The gap is not missing information. It is where we choose to look.
A simple shift in functional analysis framing can help close much of the gap, and lower the risk that tax authorities jump to incorrect conclusions. Instead of asking what risks attach to the transaction, consider asking:
Who created the exposure?
Who manages it?
Who has the capacity to absorb it?
These answers are rarely to be found at the level of a routine, tested party. They sit with treasury teams, executive committees, and on balance sheets that actually carry the weight of the financial outcomes.
And once you start following those threads, another boundary becomes visible. Not all risks originate within funding structures, credit policies, or capital decisions.
Some arrive from outside the hedge entirely.
In the Next — and Final — Margin Note in the Riskier Business series, we turn to Social, Environmental, and Hazard Risks. These represent the kinds of risks that companies increasingly disclose in annual reports, but that rarely appear in transfer pricing documentation at all. We will also propose a pragmatic solution to covering more in your risk narrative.
