The journey to strategic risk management

Ryan C. Luttenton, Clayton J. Mitchell, Gayle Woodbury
4/17/2023
The journey to strategic risk management

In our previous article about strategic risk management, Crowe risk management specialists introduced three fictional risk management leaders – Edward, Jeanine, and Pierre – and described their unique circumstances along with their dreams for a better approach to financial services risk management.

Crowe specialists can help your teams transition to a business-empowered risk management approach. 

The journey to strategic risk management

In this infographic, the same Crowe specialists take Edward, Jeanine, and Pierre further along their journey to a business-enabled risk management approach and a seat at the organization’s strategic table.

Download the infographic

The journey to strategic risk management
Get infographic transcript

Every great risk management journey begins with a vision for the right result.

Every great risk management journey begins with a vision for the right result

As you embark on your strategic risk management quest, have you considered the foundational elements that a successful risk management framework includes? The right strategic risk management framework accounts for and addresses:

  • Risk appetite. Risk management should align to the overall level and types of risk the board and management are willing to assume to achieve strategic objectives and advance the business plan. The organization’s risk appetite needs to remain consistent with applicable capital, liquidity, and regulatory requirements.
  • Governance and oversight. At the highest level, oversight should come from the organization’s board of directors. Oversight should create and maintain clear lines of risk management accountability and a structured escalation process for key risk information.
  • Organization and structure. Risk organization and structure should create checks and balances in an adaptive risk management framework. Effective lines of defense should carry the expertise and organizational standing to deliver critical insight and sustain credible challenges.
  • Data and aggregation. Safe and sound governance and risk management activities depend on robust, secure, and reliable risk measurement and reporting capabilities. These capabilities include cross-organizational, comprehensive risk reporting and a data governance program for the systems and processes that capture and aggregate risk data.
  • Risk processes. In an effective framework, strategy needs to translate to processes. The primary goal for programs and processes should be to make sure that adequate controls and risk considerations become fully incorporated into day-to-day business activities throughout the organization.
  • Risk culture. Culture follows the tone from the top, so the board and executive management need to establish and communicate the organization’s risk management values and expectations. Employees at all levels should feel empowered to speak up and talk openly about risk considerations.

Knowing these elements of a successful framework can help you avoid detours and stay on a path toward a more holistic risk management approach and a more confident, risk-informed business line.

Crowe specialists can help risk management teams claim a seat at the table. 

We’ve guided a range of banks and financial services companies on the journey to realize a strategic, highly efficient strategic risk management framework based on shared language and responsibility between the first and second lines.

Contact us and let’s start the journey together, today.

Crowe banking risk management and enterprise risk management specialists have the deep skillsets, resources, knowledge, and perspectives to help your organization build a fundamentally different and more holistic approach to risk management.

Ryan Luttenton
Ryan C. Luttenton
Partner, Financial Services Consulting
Clayton J. Mitchell
Clayton J. Mitchell
Principal, AI Governance
Gayle Woodbury
Gayle Woodbury
Principal, Integrated Risk Management Leader

The names, businesses, situations, events, and incidents are the creations of the author's imagination and are being presented for demonstration purposes only. Any resemblance to actual companies, persons, living or dead, or actual events is purely coincidental.