Role of a CRO

Senior Supervisors Group (SSG) had carried out a self assessment survey to analyse the 2008 debacle. Isnt it funny that one year period in the past 100 years is all set to dramatically change the way business is being done. Risk management has taken a new meaning and every organisation is taking 2008 debacle as the example to set things straight, including in firms that were once considered to be world class.

Anyway, a recent study by SSG titled “ Risk Management Lessons from the Global Banking Crisis of 2008” revealed that the role of a Chief Risk Officer (CRO) needs to be enhanced to incorporate the ever increasing responsibilities and oversight functions that he should possess. The following are some of the points mentioned in the report. Personally, everyone interested in risk management should read this report. It can be downloaded using links below.

http://www.newyorkfed.org/newsevents/news/banking/2008/ssg_risk_mgt_doc_...

A supplemental report is also available at the following link. This report consolidates points from various recent study into various risk management categories.

http://www.occ.treas.gov/ftp/release/2009-125c.pdf

Using the above report, the following are the roles of the CRO.

“The Policy Group recommends that risk management and other critical control functions be positioned within all large integrated financial intermediaries in a way that ensures that their actions and decisions are appropriately independent of the income-producing business units and includes joint approval of key products and transactions. This would generally mean having a chief risk officer (CRO) with a direct line of responsibility to the CEO and having the CEO and the board take a highly active role in ensuring that the culture of the organization as a whole recognizes and embraces the independence of its critical control functions. Even without the direct reporting, the CRO should have a clear line of communication to the board”. (Comparable to IIF I.15, I.16.)

“While firms retain freedom to determine their internal structures, firms should strongly consider having the CRO report directly to the CEO and assign the CRO a seat on the management committee. The CRO should be engaged directly on a regular basis with a risk committee of the board of directors. Regular reporting to the full board to review risk issues and exposures is generally advisable, as well as more frequent reporting to the risk committee.”

“Chief risk officers should have a mandate to bring to the attention of both line and senior management or the board of directors, as appropriate, any situation that is of concern from a risk management perspective or that could materially violate any risk-appetite guidelines.”

“The CRO and risk management function should be a key part of analyzing the development and introduction of new products, including the extension of products into new markets. New products with risk exposure, including those for which the bank accepts contingent liquidity or credit exposure, should be explicitly approved by the risk organization.”

Other Services of Interest

  • HIPAA Awareness Training (Mandatory) - Riskpro India

    EVENT OVERVIEW: HIPAA stands for the Health Insurance Portability and Accountability Act and is a US regulation that deals with security measures for protecting patient’s medical records. Employees...
  • SEBI's Insider Trading Amendment - Free Webinar by Riskpro India

    Another important compliance topic that kicks off today. SEBI Amendment to Insider Trading Regulations. Join us for an hour to learn the important changes and how to deal with these. Register -...
  • Sox Training

    Our sox training covers the following points. 1. What is SOX? 2. The Act and its Sponsorors. 3. The background for bringing in this act. 4. Major Sections in the Act 5. Section 404 overview 6...
  • EUC Risks : Manage Spreadsheet risks - Riskpro India

    EVENT OVERVIEW Uncontrolled and untested spreadsheet models pose significant business risks. These risks include: lost revenue and profits; mispricing and poor decision making due to prevalent but...
  • 1 Day AML Training by Riskpro India - Mumbai

    Training event in Bangalore on Anti Money Laundering (AML) and KYC “Are we doing enough to protect integrity of Indian financial sector?” Banks face growing costs to comply with AML requirements...
  • Risk Management Software - Riskpro India's solution for Automating Risk Management

    Riskpro India finally offers small and mid enterprises a risk management tool that helps them to manage risks effectively. To request a 30 days trial, please contact info@riskpro.in Why is Risk...
  • EU-US Privacy Shield for Data Transfers

    Come GDPR (General Data Protection Act) and EU-US PRivacy shield will assume more importance. Privacy Shield Overview The Privacy Shield program, which is administered by the International Trade...
  • Reduce your GDPR implementation Costs - Hire GDPR Experts in India

    Reduce cost for GDPR Compliance - Remote Consulting from India GDPR readiness assessment and implementation can be costly. And time is short. Instead of paying premium fees to local GDPR consultants...
  • Riskpro India on top of Emerging Risks that bother you

    Riskpro India is well positioned to offer advisory services for emerging risks such as Data Protection (GDPR), information security, assurance services such as Third party risk management, internal...
  • Go to top