Elements of Risk Management

It can be argued that risk management and compliance in banks became a mathematical exercise which for all practical purposes ignored human nature. We have, hopefully, now learned that risk management is just as much an art as a science. For the CRO of a financial institution, the most important things now are culture and its related risks.

Effective risk management comprises the following.

* Understanding the control environment, including the competence of the board and staff, the culture, key motivators and the ethical climate.

* Understanding the company’s strategy and purpose and the associated risks.

* Understanding of the business model, the value drivers, the systems and their associated risks.

* Balancing risk against reward.

* Efficient business processes, including management and financial reporting systems.

* Compliance with relevant requirements.

* An appreciation that risk management is not about managing individual risks, but about understanding patterns of risk and how they are interrelated.

* Understanding all the significant risks threatening, or potentially threatening the company, including those which might kill it.

* The board and the company’s attitude to risk and their willingness to accept it.

* The ability to manage risks so they are within limits of acceptability.

* A process of feedback involving monitoring and learning, so that strategic and other key decisions are taken only where the risks are understood and acceptable.

* In any complex large organisation, an independent assurance function that gives objective assurance, to the board or the non-executive directors, on each of the above elements.

* The board having ownership of, and strong commitment to, risk management, including a clear understanding of the above elements.

A holistic understanding of risk is essential. If we liken a company to a 50-floor building, it is important that risk is considered at each floor. The best view of risk will probably be gained from the top floor or the roof, but problems could also exist below ground. Other risks can arise from activities on each of the floors. It is important to know who and what you let into the building. It follows that risk should considered across the whole organisation and taking into account its place in the environment. Scenario planning of risk is highly desirable.

Source  Risk and reward: tempering the pursuit of profit by ACCA


About surenraj

“Views expressed are my own”
This entry was posted in Governance and tagged . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s