Are you need IT Support Engineer? Free Consultant

A Chief Risk Officer’s (CRO) Role in an  Increasingly Changing Global Risk  Landscape 

  • By vt3a2
  • January 27, 2022
  • 445 Views

Risk has evolved and grown along with the complexity of institutions. Large global  banks as well as small institutions need to understand how risks are interrelated and  how a failure in one part of the bank can impact the enterprise. It is the role of the chief  risk officer to oversee a risk organization that takes an integrated approach and an  enterprise-wide perspective. 

CROs are invaluable for building resilient and risk-aware cultures. They know how to  identify, prioritize, and mitigate emerging risks and more importantly, how to build an  organization that factors risk into every decision. One of the main differentiators in  resilient organizations is that the business of managing risk is considered everyone’s job.  With everyone on the lookout for emerging risks and changing conditions, it’s easier to  catch issues early. A CRO’s leadership is instrumental in building a culture that spots and 

responds to early warning signs before they expand into exponentially greater  problems. 

The CRO takes a higher-level approach than the chief security officer (CSO), who is  tasked with overseeing the physical and/or cybersecurity of an organization. The CRO  looks at all aspects of risk and how it may affect an organization. This includes physical  security and cybersecurity, but also may include financial, insurance, reputational and  other risks. 

Risk is divided into two main categories: financial and non-financial.The management of  financial risks includes credit, market and liquidity risk. These are a risk officer’s bread  and butter. Now risk officers also have to cover non-financial risks. These include  responsibility for operational, cyber, climate, conduct, compliance, regulatory,  reputational, human resources, business disruption, projects, security and financial crime  risks among many others. They also decide how much risk a bank is willing to take i.e,  what is the bank’s tolerance for risk, and is a particular project inside or outside that  range? 

COVID-19 has accelerated the need to ensure that risk functions are flexible, agile and  adaptable but this trend was well under way before the crisis began, and will outlast it.  Digital and data analytics are fundamental in allowing organizations to react to more  stringent regulatory requirements without incurring excessive personnel spending and  chief risk officers need to be sufficiently ‘digitally fluent’ to understand the options  available to them. 

CROs should, for example should be able to: 

  • Move artificial intelligence and machine learning (AI/ML) to the core of everyday  processes such as AML and Know Your Customer (KYC) requirements thereby reducing  the overwhelming headcount burden that these processes can pose to organizations. 
  • Fully leverage the cloud in risk infrastructure to reduce costs and increase flexibility  allowing new systems and technologies to be much more readily adopted in the future. Deploy advanced analytics techniques to analyze risk across an organization providing  executive teams and board with full data-driven risk models, scenario planning and  predictive modelling that will enable better decisions on allocation of resources. Bring modern data management practices to risk allowing a much more regulator friendly central source of data on risk factors. 

In today’s global business environment, risk management must be aligned to business  strategy. As companies continue to shift their business models, strategies change and  risk management becomes even more important. A company must find the right  balance between risk resiliency and risk agility. As the financial industry is becoming 

increasingly more digital and is using more and more technologies like AI, blockchain,  big data, RPA etc., it is critical for CROs and risk management functions to understand  technology and to be able to identify and assess the risks and implications related to  these technologies. 

Furthermore, as financial services institutions become increasingly complex with  additional emphasis on efficiency, risk management functions will need to gradually  move towards adopting new technologies in their day-to-day activities. This could  include incorporating AI and big data in forecasting and stress testing processes, using  RPA to automate repetitive tasks (e.g. reporting), making use of cloud and edge  computing concepts and better using already existing risk management tools. 

Risk management has traditionally been focused more on constraining the business by  setting limits and monitoring and reporting risk exposure. In modern risk management,  financial institutions should ensure that the risk management function focuses less on  constraining the business and more on enabling the business to develop and execute a  strategy that is aligned to stakeholder expectations with regards to risk and return. 

The objective is not to have the CRO and the risk management function running the  business, but rather to make sure that risks the business is or could be facing are  properly identified and taken into consideration when taking business decisions. In  order to ensure that the risk management function focuses more on supporting the  business in the development and execution of its strategy, financial institutions should  ensure that CROs have a seat at the “decision making table” (i.e. the Executive  Committee or similar) and have easy and quick access to the Board of Directors and/or  the Risk Committee of the Board of Directors. 

As the global industry deals with emerging challenges, e.g. COVID 19, ESG and  geopolitical instability, CROs and their risk management functions will need to  significantly enhance their ability to spot future trends in risk exposure. They should  incorporate more external data in their reporting and analysis and broaden the scope of  data collection to include aspects such as environmental and social impact, geopolitical  exposure, risk interconnectedness and public image. 

Organisations should also make better use of their own internal data. By employing new  technologies such as cloud computing and data processing techniques, financial  services institutions should increase the scope of data that they collect and use this to  identify trends and future risk exposure. 

In a rapidly changing world, it is also fundamentally important for CROs and risk  management functions to stay ahead of the curve and understand emerging risks and 

trends. The use of forward looking risk indicators can help to ensure that institutions  have a good understanding of the risks to their business. 

Contrary to traditional CRO profiles, modern CROs will need to have a very broad range  of skills, e.g. knowledge of emerging risks and IT concepts, awareness of geopolitical  trends, deep understanding of strategy. In addition to this, CROs will only be effective in  implementing the right risk management framework within an organisation if they are  supported by a set of resources that have the appropriate technical knowledge and  mindset. 

Ensuring that a business stays relevant in rapidly changing times requires constant  evolution in business strategy, but also in the way that it identifies and monitors risk  exposure. The CRO is at the front line of this analysis and consequently must continually  evolve to meet current and future trends. CROs must also take note of broader social  movements and public perception relating to the transition to a low-carbon economy,  as well as new challenges such as the surge in activity in digital currencies.

Leave a Reply

Your email address will not be published. Required fields are marked *