Risk

Never before has the role of the Chief Risk Officer (CRO) and the risk management function been so important or so central to good business management. The recent credit crisis has served to highlight the fundamental importance of the management of risk, and with risk the management of capital.

Many institutions are now redefining the role of risk management, as are many regulators. Whilst the role can be complex and varied PricewaterhouseCoopers believes the role of the CRO and the risk management function to be as follows;

Firstly, it is a ‘second line of defence’ activity and should be clearly differentiated from the first line management activities in both the risk and capital areas. Overlap in this respect simply leads to confusion of role and potential conflicts of interest. It also needs to be clearly distinguished from ‘third line of defence’ audit activities.

The overall role of the CRO is that of a champion, mentor, aggregator and challenger.
Champion of good risk management practices and behaviours throughout the organisation.

Mentor to management about the meaning of and benefits of risk management and its practical application.

Aggregator of risk management information across all risk categories and across and across the entire business to ensure that a comprehensive view of the combined impact of risks being taken.

Challenger of management actions, decisions and strategies based around good quality risk data in the context of risk appetite and future developments of the organisation and external business environment (i.e. scenario planning). The purpose being to support the development and success of the business by acting as independent counsel to provide an additional level of balance and check into the executive decision making.

In order to be successful, we believe there are four key attributes to the successful CRO and risk management function, these are shown in the below diagram.