Articles: Chief Risk Officers - Roles and Responsibilities

  • Strengthening the Role of the Chief Risk Officer in an Organization

    February 13, 2013

    The role of chief risk officer (CRO) has been put under a microscope to understand methods and key success factors that can enhance the role. Organizations now, more than ever before, are appointing CROs to improve their risk function and better manage potential risks that could impede their strategy. To achieve that, the CRO must be placed in a position that is fundamental as well as instrumental in the decision-making and strategy-setting process. A recent Protiviti white paper provides six key critical success factors that organizations should be aware of and promote to ensure that their organization is in a better risk management position than in the past.

  • Internal Audit’s Role in Risk Management

    October 02, 2012

    Michael Somich, Executive Director of Internal Audit at Duke University, discusses with Dr. Mark Beasley his views about the role internal audit should play within an organization’s ERM process. He shares insights from his experiences of leading the launch of the ERM initiative at Duke University while also serving as the general audit executive.

  • Chief Risk Officer vs. Risk Committees

    October 02, 2012

    A major stumbling block companies run into when beginning their ERM journey is whether to have one risk champion (CRO) or have a committee that handles risk oversight. Paul Zavolta, Director of ERM at Alpha Natural Resources, tells how Alpha Natural Resources uses both and discusses the importance of having individuals in risk leadership positions who possess strong people skills in addition to their technical expertise. He also goes into how he wishes he had risk management education as a college student and how that would have helped him throughout his career.

  • Allegations of Risk Management Overrides Swirl at JPMorgan Chase

    May 15, 2012

    The turmoil surrounding recent announcements of over $2 billion in trading losses at JPMorgan Chase is now shining a spotlight on risk management failures at the bank. A front-page story in The New York Times (May 15, 2012) reveals that in the years leading up to the bank’s trading loss, risk managers and some senior investment bankers raised concerns that the bank was making increasingly large investments in complex trades, but their concerns were ignored and dismissed. Some allege that the senior executives failed to respond to concerns from internal risk officers, who were largely side-lined. This unfolding story is highlighting the critical importance of the tone at the top regarding maintaining and enforcing an appropriate risk management culture and continues to support the call for direct lines of reporting from chief risk officers to independent members of the board of directors.

  • Responding to Shifting Global Risk Trends

    March 01, 2012

    The experiences associated with natural disasters and political events that occurred in 2011 are have implications for the kinds of risks organizations may need to consider in the near future. Lessons learned from prior events help challenge boards and senior executives as they think about the need to restructure their approach to risk management and their design of responses to these types of risks, according to a recent report by PricewaterhouseCoopers (PwC), Risk in Review: Rethinking risk management for new market realities. This report is based on the results of PwC’s 15th annual Global CEO Survey, in which more than 1,000 executives and risk management leaders responded on which risks are most significant to their company and how they plan to mitigate those risks.

  • Compiling and Presenting Interview Data from Risk Interviews

    January 10, 2012

    After conducting 80-90 interviews seeking the identification of major risk exposures facing the company, David Hughes, Assistant VP of ERM and Business Continuity Planning at Hospital Corporation of America (HCA) has a massive amount of data to compile and disseminate. During our interview of David, he speaks about how HCA breaks down the top ten risks by the type of risk and by level of management who identifies a risk to be a major risk. Hughes also tells how HCA informs its board members about what the top risks that the corporation faces as a whole.

  • Finding the Right Chief Risk Officer

    April 26, 2011

    If management decides to appoint a Chief Risk Officer (CRO), the company should evaluate a variety of factors when conducting a search for the right candidates. A whitepaper issued by Protiviti lists key considerations to evaluate in selecting a CRO, such as roles and expectations, critical thinking skills, interpersonal skills, and experience. Above all, the most important consideration to evaluate in choosing a CRO is whether or not the individual will “fit” or mesh with the organization. The whitepaper also suggests questions for the board to consider when evaluating the organization’s CRO position.

  • Five Secrets to Achieve Effective Risk Management

    December 01, 2010

    A whitepaper published by Protiviti introduces five secrets to help organizations build risk management as an effective and strategic contributor to the success of their business. With the deployment of all five secrets, chief risk officers will be able to advise management when to act or pass on potential great opportunities based on the risks involved. Additionally, the organization’s culture will be aligned with the performance and risk management methodology if all five secrets are applied.

  • Intensifying Dialogue on Risk and Strategy: A Banking Perspective

    November 15, 2010

    Technologies, products, and institutions are constantly becoming more complex, which ultimately increases the risks that organizations face. During recent economic crisis, the banking industry has experienced this first-hand. This white paper provides an analysis of how banks are improving their risk governance through enhanced dialogue of risk and strategy between the Board of Directors and management. Though this white paper contains a research study conducted on the banking industry, it is still applicable to other types of organizations.

  • Guidelines for Effective Risk Oversight

    October 01, 2010

    The International Corporate Governance Network (ICGN) recently released Guidelines, designed to assess institutional investors in their evaluation of the board of directors’ effectiveness in risk oversight in organizations across the globe. The board, management, and shareholders each have distinctive roles and responsibilities over the risk management process. These guidelines assist investors in further defining these roles and responsibilities, which ultimately lead an organization to possessing a strong risk oversight program.

  • Report on the Current State of Enterprise Risk Oversight: 2nd Edition

    February 01, 2010

    This second edition report from the ERM Initiative at NC State University and the AICPA provides insight on how boards and senior management teams are responding the challenges of risk oversight in the current economic state. Increased pressures to strengthen risk oversight have pushed some management teams to implement an enterprise-wide approach to risk management while other organizations have maintained their traditional risk management procedures. The report indicates that over 76% of respondents indicated that key risks are being communicated on an ad hoc basis at management meetings, and that almost 70% noted that management does not report the entity’s top risk exposures to the board of directors. About half (48%) admit that they are “Not at All Satisfied” or are “Minimally” satisfied with the nature and extent of reporting to senior executives of key risk indicators.

  • Chief Risk Officers: Emerging Trends

    July 31, 2009

    The position of Chief Risk Officer is becoming more prominent in many industries and will likely change the skills and behavior of current risk managers. Some believe that risk managers already possess the necessary skills, while others believe that they need to become more financially literate in order to take on such a strategic position. CROs will be given many strategic and risk-related responsibilities that current risk managers do not have. Optimally, the creation of a CRO position will give risk managers something to aspire to and create a more risk-based approach during strategic decision-making.

  • Global Risk Management Survey

    June 01, 2009

    Risk management today is becoming increasingly important to the marketplace because of the financial instabilities felt by all. This turbulent atmosphere in the marketplace since the early part of 2008 has not only scrutinized the risk management practices of companies, but has proven that there is a significant need for effective risk management capabilities, which allow companies to consistently assess risk while identifying and monitoring emerging risks and reacting to them in a timely manner.

  • Financial Industry Assesses Role of Risk in Credit Crisis

    January 01, 2009

    This global survey conducted by KPMG in conjunction with the Economist Intelligence Unit in October 2008 summarizes responses from over 500 world-wide risk management senior officers in the banking industry about the role risk management played in the current economic crisis and how enterprise risk management would be used going forward. The report based on this survey highlight several themes permeating banking culture’s utilization of risk management that helped allow the current credit crisis. The report provides insights as to possible solutions, which many of the respondents are planning to or are currently taking.

  • Role of Risk Managers and Continuity Planning

    October 22, 2008

    Risk management executives have come to the realization that a cohesive corporate risk management strategy is needed in their companies. They are becoming more involved with business continuity planning and helping with preparedness, mitigation, and recovery for operations.

  • The Changing Role of the Finance Organization

    September 30, 2008

    Today’s focus on the rapid embrace of globalization initiatives has substantially increased the complexity and pace of change that risk executives face. Dealing with the volume and complexities of these uncertainties is becoming one of the most pressing strategic concerns. Responsibilities for addressing these challenges often reside with the finance organization within an enterprise, often led by the chief risk officer (CFOs). This study not only summarizes insights about the challenges CFOs face, but it also highlights best practices of finance organizations in high-performance organizations. It notes that the finance organization in most global companies is not sufficiently integrated into the businesses to promote strategy development or value creation and very few are very satisfied with the performance of the finance organization in the management of financial and non-financial risks. Masterful finance organizations identified by the study excelled in creating a shared services structure, a strategic approach to outsourcing and talent management, and the implementation of enterprise resource planning systems

  • Risk Managers Should Have Been Better Prepared

    August 07, 2008

    A risk manager at a large global bank explains how he did not expect the economy to take a turn for the worse. Since the economy was doing so well, it was always a possibility but it was thought inconceivable for the liquidity crisis to happen. This article highlights some of the difficult challenges those in risk management functions face when serving as “goal-keepers” facing internal front-line traders and bankers seeking deal approvals.

  • Risk Manager Trepidation

    June 05, 2007

    Even though some risks may involve unpredictable natural disasters, managers need to implement plans to reduce the impact such an event(s) would have on their business. Risk managers should implement and maintain successful enterprise risk management plans to give them confidence in the management of unpredictable risks.

  • ERM Progress

    June 01, 2007

    Internal Auditor recently published an article titled, Moving Forward with ERM, to provide news on recent developments in ERM and the increasingly important role that chief risk officers (CROs) play in risk management. As CROs and internal auditors work together on risk management issues, it becomes obvious that teamwork and enterprise-wide evaluation of risks is crucial. CROs, in particular, face the demands of providing a successful risk management program that effectively utilizes company resources.

  • CROs Challenged by IT Risks

    September 01, 2005

    The white paper focuses on the increasing dependency companies have on IT processes and the new challenges placed on CROs. Senior executives at various industries were asked to provide insight on digital risks and the role CROs play in tackling such risks.

  • Role of the Chief Risk Officer

    May 01, 2005

    The Chief Risk Officer (CRO) is rapidly becoming one of the most crucial members of the management team. CROs are involved with managing many types of risks faced by a business including regulatory risks, product development risks, and strategic risks.

  • Driving Need for ERM

    March 31, 2001

    Many environmental forces—such as globalization, technology, the Internet, and deregulation—have created uncertainty for twenty-first century businesses. Companies therefore have to re-think business models, core strategies and customer bases. As a result, new issues related to risk and risk management have also evolved. Now, more than ever, executives are confronted with calls for managing risk on an enterprise-wide basis. The idea of risk management is one that has become strategic, rather than defensive, as companies try to mesh risk management with business management.

  • Emergence of Chief Risk Officers

    September 01, 1997

    Many multinational organizations are implementing comprehensive risk management programs. This shift in management is being driven by several different forces. Comprehensive risk management programs aim to identify the plethora of risks faced by an organization and provide methods for mitigation. These risk management programs have lead to the emergence of the chief risk officer, who is key to managing and monitoring enterprise risk.