User:Fpitten/sandbox

The IMPORTANCE OF THE CRO

ERM vs Silo

ERM: An ERM requires an integrated risk organization what normally means, that a centralized risk management unit has to report to the CEO and the board of directors. The Chief risk officer in an ERM is responsible for knowing and gathering information over all the different aspects within an organization. He takes a portfolio view of all types of risks within the company. In an ERM approach the use of insurance and alternative risk transfer products is only considered if the risk seemed undesirable or unwanted to the management. Integration of risk management in the whole company’s business process becomes necessary. The ERM optimizes business performance by influencing different aspects like pricing and resource allocation. There are three major benefits connected to the use of the ERM approach and the CRO as liaison: Due to the fact that a CRO and an integrated team can better manage individual risks and interdependencies between these risks, the use of an ERM leads to an increased organizational effectiveness. Apart from this fact, a better risk reporting can be reached by prioritizing the content of risk reporting that should go to the different instances like the senior management or the board of directors. A side effect of this information prioritizing is a much better transparency throughout the whole organization. Last but not least you can also reach a better overall business performance in the company. This is only possible if the risk management team uses an ERM approach and supports key management decisions like pricing, product development or Mergers and Acquisition. Given the support, there will be several benefits like increased earnings and improved shareholder value. An ERM can combine and integrate several risk silos into a firm-wide risk portfolio and can consider aspects as volatility and correlation of all risk exposures. This can lead to a maximization of the diversification’s benefits.

SILO: Under a Silo approach, risk transfer strategies are executed under a transactional or individual risk level. As an example insurance can be mentioned, which transfers out operational risk. Risk assessment and quantification processes are not integrated. Value-at-risk models are used to quantify the market risk and credit default models are used to estimate credit risk. Both specific models could be used independently, still: that it is not the case in the Silo approach. There are different effects that can be caused by this less integrative model: Over-hedging and far too much insurance cover can be a result of not incorporating all the different kinds of risk and their wide diversification. Another characteristic of the Silo approach is the continuous fighting of one crisis after another without having an integrative concept or a specific individual that can be hold responsible. No one specifically takes responsibility for aspects like the overall risk reporting or other risk-related unit supplies. Further more there is another aspect that shows a weakness of this model: Having different organizational units to address every specific risk that then first has to be segmented in the company definitely speaks for a less effective technique. In the Silo approach the different business units use various methodologies to track counterparty risks. This can become a problem, if you look at the total counterparty exposure: it can get too great to be managed by all the different business units.

Risk Champion:

After a near miss or an actual crisis managers are often alarmed and focus more on all aspect of risk during the ongoing inspection. They are looking at aspects like the compliance risk and they are reinforcing important roles for the board. All these actions often lead to the naming of a risk champion who is then responsible for developing and establishing an ERM approach. In many companies the risk champion is becoming more and more a formal senior management position: the CRO. One of the important function of a risk champion that should be mentioned is his/her support to legitimize the implementation of the risk management itself. Apart from this fact he also helps the institution follow its objectives and better site it for the future. Further more he is also responsible for communicating its benefits. Normally a risk champion should have the different characteristics like skills, knowledge and leadership qualities, necessary to handle all the different specific aspects that can occur in the process of risk management. Other aspects that should be mentioned considering the responsibilities of a risk champion is his duty to intervene in instances where risk management efforts are actually disabled. This can be caused by the management itself or a lack of institutional skills. Additional he also provides support to the whole risk management process if a problematic, complicated risk occurs. In this case he can use the multiple participant approach. Assisting the risk owner, but not assuming his or her role to help find a solution for his/her problem is also one of the many duties a risk champion has to face. In some studies the risk champion is described as some kind of troubleshooter who alleviates risk related problems. After all you can summarize that the risk champion hast to be integrated into the company’s ERM approach and by this contribute to the institution’s goals and objectives.

Why is a CRO so important in financial institutions?

There is a report of having a CRO from 93% of all financial institutions that have more complex operations. A few institutions also established a chief compliance officer position. Integrating risk and finance can lead to getting more successful results and achieving strategic goals. Due to the fact that by using both: CRO and CFO, both skill sets are brought together. This can lead to the fact that the CFO’s pressure is relieved and he can focus more on helping organizations direct their activities and find new opportunities to growth. The CEO of Zions Bancorporation, Harris Simmons once wrote that there would be an „uncontested need for an independent risk management in large banking organizations“. But in his opinion “covered companies should be allowed a measure of flexibility in determining how such an organization should be structured”. According to Thomas Stanton, author of „Why Some Firms Thrive and Others Fail“, one of the differences between a company that was successful and another one that was not successful during the financial crisis, was their „application of a constructive dialogue“. On the one hand there were the employees who were responsible for making money by selling products and financial services and on the other hand there were the ones responsible for limiting risks.

Due to the fact that bank regulators have actually encouraged banks now for a longer time to adopt an enterprise risk management approach, the need of a CRO to manage risk across the whole organization has increased. You can see a close coordination between Finance and Risk Management if you take a look at how a risk model is developed. Data of the risk model are often “created by finance” and their outcomes exert influence on the financial reporting. Here you can clearly see the interdependencies. Its no longer the case that risk and finance can be seen independent. The integration between finance and risk platforms may also relax different aspects like calculation or the integration of Data. After all it can be said, that the banking industry would rarely need this systematic approach today if it would have employed more chief risk officers before the financial crisis began.

Sources:

•

•	 •	 •	 •	 •