In our previous article about strategic risk management, Crowe risk management specialists introduced three fictional risk management leaders – Edward, Jeanine, and Pierre – and described their unique circumstances along with their dreams for a better approach to financial services risk management.
Crowe specialists can help your teams transition to a business-empowered risk management approach.
The journey to strategic risk management
In this infographic, the same Crowe specialists take Edward, Jeanine, and Pierre further along their journey to a business-enabled risk management approach and a seat at the organization’s strategic table.
Get infographic transcript
Choose your adventurer
Some risk leaders have longer journeys than others, but the goal for each is the same.
Edward
Edward has a huge risk management to-do list and never enough time. He struggles to find talent to fill key roles. All his time is spent on solving urgent problems. Edward needs to find his footing so he can begin thinking strategically.
Jeanine
Jeanine inherited a risk management program that’s over-engineered and too complicated. The overgrowth of roles and processes obscure a strategic through-line. More than anything, she needs a breath of fresh air and an opportunity to simplify.
Pierre
Pierre’s risk teams are highly competent, but they handle too much. His organization sees little coordination between first- and second-line teams, which means strategy and communication suffer. Now, Pierre needs to bring business and risk teams together in collaboration.
Desert of Scarce Resources
- EDWARD STARTS HERE
- Assess
- Collaborates with the first line to identify important risks related to products and services and develop shared language
- Integrates risk management into products, services, and processes instead of operating within a rigid line-of-business structure
Maze of Complexity
- JEANINE STARTS HERE
- Align
- Works with leadership to implement a proactive, right-sized risk management approach that’s aligned to risk appetite
- Communicates with stakeholders to identify and remove unnecessary tasks that don’t affect risk exposure
Forest of Unclear Communication
- PIERRE STARTS HERE
- Reorient
- Adjusts tone from “the second line does it all” to emphasize first-line responsibility; smooths transition via change management
- Identifies which risk management activities might be handled by business teams so risk teams can shift to advisory and governance
- Shifts to a first-line perspective and talks about risk management using business-oriented language
- Harmonize
- Moves many risk management activities into the first line so that the second line can focus on governance and risk oversight
- Aligns business and risk management teams through standard hierarchies and taxonomies for risk and controls
- Refines taxonomies and risk assessments for consistency across risk areas and throughout the organization
Road to Strategy
- Document
- Captures and communicates information in terms that are meaningful to the first line
- Blends business data with governance data so the organization can evaluate risk management costs versus opportunity costs
- Assess
- Identifies concentrations of risk to allocate governance resources and address hot spots
- Moves toward assessing risk based on change instead of fixed intervals
- Report
- Implements technology that allows business and risk teams to monitor and react to data in real time
- Integrates tools and technologies to push and pull data efficiently and without manual manipulation
- Respond
- Responds quickly and with sharp focus when risk threshold or appetite is breached
- Manages issues in accordance with a robust issues management program
- Applies deep understanding of the business and risk landscape to advise business teams on growth strategies
Success!
With risk management tasks shifted to the business while your risk teams provide guidance in business-oriented terms, you can serve as a strategic resource for your organization and help drive innovation, growth, and business value.
Every great risk management journey begins with a vision for the right result.
As you embark on your strategic risk management quest, have you considered the foundational elements that a successful risk management framework includes? The right strategic risk management framework accounts for and addresses:
- Risk appetite. Risk management should align to the overall level and types of risk the board and management are willing to assume to achieve strategic objectives and advance the business plan. The organization’s risk appetite needs to remain consistent with applicable capital, liquidity, and regulatory requirements.
- Governance and oversight. At the highest level, oversight should come from the organization’s board of directors. Oversight should create and maintain clear lines of risk management accountability and a structured escalation process for key risk information.
- Organization and structure. Risk organization and structure should create checks and balances in an adaptive risk management framework. Effective lines of defense should carry the expertise and organizational standing to deliver critical insight and sustain credible challenges.
- Data and aggregation. Safe and sound governance and risk management activities depend on robust, secure, and reliable risk measurement and reporting capabilities. These capabilities include cross-organizational, comprehensive risk reporting and a data governance program for the systems and processes that capture and aggregate risk data.
- Risk processes. In an effective framework, strategy needs to translate to processes. The primary goal for programs and processes should be to make sure that adequate controls and risk considerations become fully incorporated into day-to-day business activities throughout the organization.
- Risk culture. Culture follows the tone from the top, so the board and executive management need to establish and communicate the organization’s risk management values and expectations. Employees at all levels should feel empowered to speak up and talk openly about risk considerations.
Knowing these elements of a successful framework can help you avoid detours and stay on a path toward a more holistic risk management approach and a more confident, risk-informed business line.
Crowe specialists can help risk management teams claim a seat at the table.
We’ve guided a range of banks and financial services companies on the journey to realize a strategic, highly efficient strategic risk management framework based on shared language and responsibility between the first and second lines.
Contact us and let’s start the journey together, today.
Crowe banking risk management and enterprise risk management specialists have the deep skillsets, resources, knowledge, and perspectives to help your organization build a fundamentally different and more holistic approach to risk management.
The names, businesses, situations, events, and incidents are the creations of the author's imagination and are being presented for demonstration purposes only. Any resemblance to actual companies, persons, living or dead, or actual events is purely coincidental.