Riskier Business – Beyond Market & Transactional Risks
Understanding risks (e.g., financial, commercial) is so fundamental to conducting a thorough transfer pricing analysis that the OECD Transfer Pricing Guidelines (TPG) devotes more than 20 pages to the topic in Chapter 1 alone. Despite this, the risks narrative of many transfer pricing reports focuses disproportionately on discrete transactional risks (e.g., FX, credit & collections, inventory, etc.) and then casually collapses the broad spectrum of all other existing business risks into a single category — ‘Market Risk’ — depicted as little more than sales volatility. This pattern is especially common in reports that document low-risk and otherwise ‘routine’ intercompany activities.
This approach usually serves the purpose of generating a quick (and inexpensive) report that appears to check the required transfer pricing boxes. Transactional risks are numerous and often easy to describe and even quantify. But this narrow focus may disregard vital elements that can demonstrate why a tested party is considered low-risk in the first place. Often, you may find that that risks your business considers most critical have been overlooked entirely.
In addition to being unhelpful, this approach is certainly not what the OECD and member Tax Authorities had in mind.
This Margin Note kicks off a series focused on Non-Transactional business risks as outlined in the OECD Transfer Pricing Guidelines (TPG). The TPG presents five different categories of risks for consideration when delineating a controlled transaction. We will explore the ‘Interesting’ risks—the risks that simultaneously tend to be the most consequential and the least measurable—which are also the risks commonly left underdeveloped in Local and Master Files. We will also consider some examples for how they can be identified and incorporated into your documentation.
The OECD Risk Framework
The TPG (1.72) acknowledges that it is neither possible to fashion a comprehensive list of risks, nor to impose a hierarchy among them. (Additionally, there are reported to have been no volunteers to conduct such a survey...) Nonetheless, the TPG does identify five general categories to ensure, “…that a transfer pricing analysis considers the range of risks likely to arise from the commercial or financial relations of the associated enterprises, and from the context in which those relations take place.” These are as follows:
A) Strategic Risks or Marketplace Risks,
B) Infrastructure or Operational Risks,
C) Financial Risks,
D) Transactional Risks, and
E) Hazard Risks.
Local files often emphasize Transaction Risks over the others, whereas the TPG presents Transactional Risks with the least fanfare and flourish of the lot. One could readily interpret what is barely a full sentence of elaboration as a polite bureaucratic yawn.
Another interesting contrast is found in the TPG’s (1.72) guidance that,
“Risks which are vaguely described or undifferentiated will not serve the purposes of a transfer pricing analysis seeking to delineate the actual transaction and the actual allocation of risk between the parties.”
In contrast to generic portrayals of ‘Market Risks’ found in basic documentation packages, it is clear that the OECD is looking for more than an throw-away statement that Market Risks are mysterious, and when they are encountered, they principally make sales go down (or up).
Strategic Risks or Marketplace Risks
The TPG defines these risks as,
“…largely external risks caused by the economic environment, political and regulatory events, competition, technological advance, or social and environmental changes. The assessment of such uncertainties may define the products and markets the company decides to target, and the capabilities it requires, including investment in intangibles and tangible assets, as well as in the talent of its human capital. There is considerable potential downside, but the upside is also considerable if the company identifies correctly the impact of external risks, and differentiates its products and secures and continues to protect competitive advantage. Examples of such risks may include marketplace trends, new geographical markets, and concentration of development investment.”
This is immediately a far broader scope, and it rebuts an argument that ‘Market Risk’ is actually the same as ‘Marketplace Risk’
Reacting to this more robust framing of business risks requires establishing a clear connection between potential movements in future profitability and Management’s ability to plan for and navigate drivers of market volatility. It is also better to telegraph key risks in advance, rather than having to develop a story ‘whole cloth’ for post hoc justification of a sudden (and unfavorable!) shift in profitability.
What is often overlooked is Management teams already address these risks every year in their annual reports and Board presentations. So the problem of developing this narrative is likely not an absence of information!
Where Strategic or Marketplace Risk Language May Be Hiding
Where does this language come from? How does one avoid needing to schedule a C-level functional analysis interview? If you are a public company—and most everyone has public company competitors in the same market environment—those business leaders have already spoken their minds in the annual report, particularly those listed in the U.S. markets.
Where you are at a public company, being aware of Management’s guidance on key business risks is wise since tax authorities can easily find public filings. Incorporating relevant elements when drafting your documentation not only will save time but will mesh the transfer pricing with corporate history.
Below are examples for each of the sub-categories taken from the annual reports of large US public companies. (Specific 10-ks are purposefully not cited for anonymity.) Of course, the language may be abstracted by degrees from the narrow context of a specific tested transaction, but nominal knowledge of the associated activities should make it possible to further develop the necessary narrative connective tissue.
Economic Environment:
Public companies often describe macroeconomic exposure as an actively managed strategic condition or ‘state of play,’ rather than economic background noise affecting entrepreneurial profitability. Consider this annual report excerpt which elevates management of economic conditions into formal governance structures:
“Economic conditions (such as …) are assessed as part of our enterprise risk management program, with senior management and the Board taking an active role in our risk management process.”
Elsewhere, in another annual report, specific macroeconomic uncertainties are detailed:
“The weakening of foreign currencies relative to the U.S. dollar adversely affects… net sales and gross margins… To protect against foreign exchange rate risk, the Company may use derivative instruments, offset exposures, or adjust local currency pricing… however, the Company may choose not to hedge certain exposures.”
Viewed through this lens, macroeconomic risks are identified, monitored, and mitigated (selectively) through specific actions and with specific personnel. They are not merely absorbed—or not absorbed—mechanically by routine operating entities, and the functional analysis should consider which entities are capable of managing or bearing these risks.
Political and Regulatory Events:
Political and Regulatory changes are frequently framed as a driver of investment decisions, rather than just a compliance cost. Consider the following excerpt:
“The changing political and regulatory environment in certain jurisdictions… has required us to open new data centers in those jurisdictions. Operating new data centers… may expose us to increased operational complexity and additional regulatory risks associated with compliance requirements.”
Growth strategy is often explicitly tied to regulatory volatility:
“Growth in new geographies… can expose the Company to volatile economic, political, and regulatory risks that may negatively impact operations and the ability to achieve growth strategy… integration risks may require significant management resources.”
Both annual report excerpts describe how regulatory changes influence managements’ decisions about where to invest, how to structure operations, or whether to expand at all. The strategic and enterprise-level aspects of these risks may change substantially from one year to the next so management will likely revisit regularly.
Competition:
Competitive risk is rarely described in annual reports as simple pricing pressure. Instead, it is framed as a dynamic condition shaped by market structure, distribution channels, and evolving business models:
“We face competition … and expect competition to persist and intensify. … smaller local companies … may use the internet or mobile internet to offer services quickly … may pressure us to reduce (service) fees or increase spending.”
Competition is also increasingly described within ecosystems, where counterparties may simultaneously operate as partners and also as rivals:
“The partners we rely on … may compete with us, which could harm our results of operations… our ability to refinance depends on prevailing economic and competitive conditions.”
These disclosures treat competitive risk as strategic positioning and response—choices about pricing architecture, investment levels, channels, and partnerships—rather than as the routine execution of individual transactions.
Technological Advance:
Technological change is often described as a source of risk tied to asset deployment, product cycles, and planning horizons, rather than abstract innovation uncertainty. For example:
“If we fail to adapt and respond effectively to rapidly changing technology, evolving industry standards and changing business needs… our systems may become less competitive.”
In other cases, technology risk is explicitly linked to tangible balance-sheet exposure:
“Inventory management remains an area of focus as we balance the need to maintain strategic inventory levels… against the risk of inventory obsolescence because of rapidly changing technology and customer requirements.”
These passages frame technological advance as a risk that requires anticipation, investment, and trade-offs, with upside and downside borne by those deciding when and how to commit resources—not by routine entities merely executing established processes.
Social & Environmental Changes:
Social and environmental changes are increasingly articulated as a market-shaping forces that affect both demand and the ability to recover costs. On the social side, companies highlight shifts in consumer expectations and brand perception:
“Changes in consumer preferences and failure to maintain favorable consumer perception of our brands and products could negatively impact our business… prolonged negative perceptions or failure to satisfy consumer preferences could materially and adversely affect our business, financial condition, and results of operations.”
Environmental change is similarly framed in strategic terms, particularly where regulation constrains pricing flexibility:
“Climate change and climate change legislation or regulations may adversely affect our business… future laws or regulations restricting GHG emissions would likely have a negative impact… and… we may not be able to recover any increased operating costs… while maintaining competitive pricing.”
Both types of disclosures reflect external forces that shape markets, influence long-term planning, and constrain managerial options—again reinforcing their classification as strategic or marketplace risks.
Incorporating ‘Interesting’ Risks
You may observe that NONE of these ‘interesting’ and ‘new’ risks have anything to with the low-risk, controlled transaction that is the subject of your report. Believe it or not, that may actually be the point. That transaction is not ‘low-risk’ just because it is deemed so in the title of the intercompany agreement, and because the tested party earns a fixed margin or markup. Rather, it’s low-risk because NONE of the risks that keep senior management up at night are genuinely at stake for the tested party in the controlled transaction. And if this isn’t developed in your documentation, how do you demonstrate that executives are not actually up at night worrying about generally minor troubles, such as intercompany currency exposures or which balance sheet carries certain slow-moving inventory?
In Summary
The goal is not to turn every transfer pricing risk analysis into an enterprise-grade risk registry. It is to demonstrate a certain proportionality: the tested party is low-risk precisely because it is insulated (not simply via TP method) from these strategic, enterprise-grade forces that drive the business’s real upside and downside. Documentation that makes this distinction evident—while drawing on management’s own public statements, where appropriate—achieves far more than by completing a template built around ambiguous boilerplate. It makes the risk narrative markedly more defensible.
Stay tuned the next instalment of this Margin Note series: “Riskier Business – Infrastructure & Operational Risks.”
