Risk Culture is defined as institution's norms and attitudes related to risk awareness, risk taking, and risk management. In PwC's globally recognised methodology, the Risk Culture is described by 6 Focus Areas. Within each Focus Area there are attributes formulated on the level of individual risk categories or processes. There are separate attributes for attitudes and norms (technical aspects of risk management).
The initiative is unique in covering all types of risks (credit, market, operational, liquidity) and related processes (stress testing, capital management).
By performing the initiative, a collection of improvement opportunities and recommendations are formulated towards reaching regulatory compliance and leading market practice. The initiative delivers targeted projects designed to implement the recommendations. It usually defines the risk management agenda for the next 1-3 years, supporting the strategic goals of the institution.
Two layers (attitudes-focused and norms-focused) define the extent to which a deep dive into the technical aspects of managing risks is performed during the assessment. The Risk Culture Assessment report aggregates information gained during each step. The report provides (i) maturity levels for each Risk Culture attribute, (ii) improvement opportunities identified, and (iii) mitigation actions formulated as recommendations (see Examples).
Risk Culture Survey
Improvement opportunities and recommendations from Assessment phase are processed to deliver the Master Roadmap – a collection of projects, grouped by focus areas (or risk categories), considering the institution's priorities, capacities, and interdependencies amongst the projects.
Master Roadmap is submitted to project Sponsor and Board of Directors for approval.
Aggregation of Recommendations in project
Grouping of projects
Design of Master Roadmap
Board of Directors approval
Implementation support in the execution of selected Risk Culture projects - project owners, objectives, deliverables, timeline defined in Phase 2.
Subject-matter experts from the area of transformational projects and Risk Management will provide the necessary capacities needed for implementation activities and their rapid acceleration.
Designing the controls identified as missing and implementing them to business as usual operations.