Chief risk officers at crunch time: Compliance champions or business partners?

Abstract

New regulatory requirements have raised the bar on compliance and significantly expanded the remit of risk management departments in financial institutions. The compliance imperative requires banks to implement a firm-wide risk management framework complete with analytical models for the measurement and control of quantifiable risks. In addition, recent corporate governance guidelines advocate the ‘business partner’ role of risk management, considering it a high-level strategic activity, contributing to board-level decisions, planning and performance management. This requires senior risk officers to understand and communicate key strategic uncertainties to senior management and the business lines. This paper assesses the roles of risk functions and, in particular, senior risk officers in 15 international banks. The research, carried out between June 2006 and June 2007, offers a snapshot of the state of risk management before the liquidity and credit crunch became apparent in the second half of 2007. The findings suggest that the role of chief risk officers (CROs) had expanded dramatically, with more than half of them frequently involved in firm-level strategic decisions. In the majority of these banks, however, various compliance and risk modelling initiatives were still works-inprogress at the onset of the market turmoil. CROs voiced divergent views on the uses, benefits and limitations of risk models, suggesting that they promoted different ‘calculative cultures’ (‘quantitative enthusiasm’ versus ‘quantitative scepticism’). Fostering alternative calculative cultures, strategically involved CROs interpreted the ‘business partner’ role of their function differently. Some risk functions aspired for an influential expert voice in key business decisions, while others strived for the formal integration of risk management with performance management. The paper thus calls for a clarification of stakeholder expectations on risk management to reduce the danger of an expectations gap around particular risk management approaches that are adequate for certain banks but ill-suited for others.