Role of a CRO

Senior Supervisors Group (SSG) had carried out a self assessment survey to analyse the 2008 debacle. Isnt it funny that one year period in the past 100 years is all set to dramatically change the way business is being done. Risk management has taken a new meaning and every organisation is taking 2008 debacle as the example to set things straight, including in firms that were once considered to be world class.

Anyway, a recent study by SSG titled “ Risk Management Lessons from the Global Banking Crisis of 2008” revealed that the role of a Chief Risk Officer (CRO) needs to be enhanced to incorporate the ever increasing responsibilities and oversight functions that he should possess. The following are some of the points mentioned in the report. Personally, everyone interested in risk management should read this report. It can be downloaded using links below.

A supplemental report is also available at the following link. This report consolidates points from various recent study into various risk management categories.

Using the above report, the following are the roles of the CRO.

“The Policy Group recommends that risk management and other critical control functions be positioned within all large integrated financial intermediaries in a way that ensures that their actions and decisions are appropriately independent of the income-producing business units and includes joint approval of key products and transactions. This would generally mean having a chief risk officer (CRO) with a direct line of responsibility to the CEO and having the CEO and the board take a highly active role in ensuring that the culture of the organization as a whole recognizes and embraces the independence of its critical control functions. Even without the direct reporting, the CRO should have a clear line of communication to the board”. (Comparable to IIF I.15, I.16.)

“While firms retain freedom to determine their internal structures, firms should strongly consider having the CRO report directly to the CEO and assign the CRO a seat on the management committee. The CRO should be engaged directly on a regular basis with a risk committee of the board of directors. Regular reporting to the full board to review risk issues and exposures is generally advisable, as well as more frequent reporting to the risk committee.”

“Chief risk officers should have a mandate to bring to the attention of both line and senior management or the board of directors, as appropriate, any situation that is of concern from a risk management perspective or that could materially violate any risk-appetite guidelines.”

“The CRO and risk management function should be a key part of analyzing the development and introduction of new products, including the extension of products into new markets. New products with risk exposure, including those for which the bank accepts contingent liquidity or credit exposure, should be explicitly approved by the risk organization.”

Other Services of Interest

  • Celebrating 1 Year of GDPR - Webinars from Riskpro

    GDPR turns ONE on 25 May 2019. On this Anniversary, lets explore what the last 12 months meant for global companies as it relates to Data Protection and Privacy. Riskpro India has organised 6 GDPR...
  • Procurement Fraud - Riskpro can help

    If you suspect procurement fraud, do contact Riskpro India and we can help to unearth the suspicious activity. Following are some of the ways in which we can help. 1. Review of onboarding...
  • GDPR - Data Privacy Trainings - Six Webinar on GDPR Anniversary - Riskpro

    GDPR turns ONE on 25 May 2019. On this Anniversary, lets explore what the last 12 months meant for global companies as it relates to Data Protection and Privacy. Riskpro India has organised 6 GDPR...
  • HIPAA Awareness Training (Mandatory) - Riskpro India

    EVENT OVERVIEW: HIPAA stands for the Health Insurance Portability and Accountability Act and is a US regulation that deals with security measures for protecting patient’s medical records. Employees...
  • SEBI's Insider Trading Amendment - Free Webinar by Riskpro India

    Another important compliance topic that kicks off today. SEBI Amendment to Insider Trading Regulations. Join us for an hour to learn the important changes and how to deal with these. Register -...
  • Sox Training

    Our sox training covers the following points. 1. What is SOX? 2. The Act and its Sponsorors. 3. The background for bringing in this act. 4. Major Sections in the Act 5. Section 404 overview 6...
  • GDPR Countdown

    Riskpro is working hard so that clients can GDPR deadline as the clock ticks away.
  • EU-US Privacy Shield for Data Transfers

    Come GDPR (General Data Protection Act) and EU-US PRivacy shield will assume more importance. Privacy Shield Overview The Privacy Shield program, which is administered by the International Trade...
  • Reduce your GDPR implementation Costs - Hire GDPR Experts in India

    Reduce cost for GDPR Compliance - Remote Consulting from India GDPR readiness assessment and implementation can be costly. And time is short. Instead of paying premium fees to local GDPR consultants...
  • Go to top