Preparing a Road Map for Risk Management Success amidst Ec..

Show Me: Jump to:

Preparing a Road Map for Risk Management Success amidst Economic and Regulatory Change

by CCI @ 2009-06-25 Featured Article, Financial Compliance, General Interest, Risk

(This article was contributed to Corporate Compliance Insights by Mr. James Bone, formerly the Chief Compliance Officer for Fidelity Investments. Mr. Bone can be contacted via email.)


During a time of financial crisis survival is typically the priority of the day for most organizations, as well it should be. However, examples of success stories have begun to emerge through all of the dire economic news. Some banks and other institutions are surviving quite well and even thriving in this tough economic environment. The question is what has prepared these firms to do more than just survive and how are they preparing for the coming changes in regulation that may impact the future of their organization?

I offer, as an example, a family-owned regional bank in Missouri with an affiliate bank in Colorado whose assets have grown by one-third. This bank has increased loans by 40% while maintaining a nonperforming loan ratio of 0.2% compared to an average of 1.17% for similar sized banks. The bank’s revenues are up and they are expanding and taking market share while others are retrenching.

When asked how they are doing so well the Chief Executive stated, “It’s basic blocking and tackling, in my opinion, and it has paid off for us.” Why has United Missouri Bank thrived where others have not? The simple answer from the CEO is that “If conservative means [being] responsible or prudent, we are conservative.” UMB practiced strong risk management during a time when sound operating principles were not in vogue.

Much has been made of the failure of complex quantitative risk models, alternative products, and over leverage. However, all quantitative risk professionals understand the inherent weaknesses in their mathematical models. There should be no surprise that these models could not predict all possible outcomes across an unlimited risk spectrum. The worse case scenarios seem highly unlikely when the incentives for profit, bonus enhancement, and share growth take precedent. It is very difficult for the risk officer to say no when everyone else in the room wants to move forward.

What lessons can be learned in preparing a road map for significant changes in regulations, tough economic times, and competition? What are the roles of the Chief Executive, Boards of Trustees, and the Chief Compliance and Chief Risk Officers in navigating risks and opportunities facing all organizations?

Now is not the time to take a bunker style approach! Proactive steps now will pay dividends when the economy and markets recover.

Practical actions that can be taken now include:

  • Assess gaps in risk systems and analytical models, such as, liquidity risks
  • Make an object evaluation of internal controls given current resource constraints
  • Use the current market environment to hire new skills that complement existing staff
  • Communicate with customers, vendors and clients about the actions you are taking to enhance controls and evaluate their controls, as appropriate
  • Review risk and compliance policies to clarify and strengthen awareness of expectations on risk management
  • Engage senior executives on their expectations about managing risks
  • Evaluate systems resource capability to support new regulatory requirements
  • Develop budgetary flexibility to respond to rapid and unexpected change

Longer term:

The road map begins with a well defined and strategic framework for the core operating principles of the organization. These core operating principles define fiduciary responsibility, sound risk management, and prudent business practices that are consistent with the long-term viability of the firm and accrue to the benefit of all stakeholders.

The Board of Trustees and the Chief Executive Officer should be responsible and accountable for the risk profile and appetite of the firm. Risk management should not be delegated to functional staff. Just as the financial performance of the organization is the responsibility of the CEO yet managed by the Chief Financial Officer, the Chief Risk Officer should manage risk while overall risk performance is the responsibility of the Chief Executive Officer. The Board should base merit or demerits for senior management on financial as well as risk management performance.

The Chief Risk Officer, therefore, should not be a siloed C-Suite position but an active member of the corporate strategy responsible for anticipating changes in systemic and regulatory risks for the firm. Sarbanes-Oxley elevated the Chief Compliance Officer to a Board-level position responsible for managing internal controls for financial disclosure and required trustees to have audit expertise. The role of risk management should be elevated to the top of the organization with Board level ownership for risk management.

While it is too early to tell the final outcome of regulatory change or to predict the direction of economic recovery, firms like United Missouri Bank have hewed to conservative risk management practices throughout its 95-year history. This is not to say that firms should not take on risks. However, the fundamentals of conservative risk management practices — understanding who you do business with, the risks you are taking, and aligning these practices with the core principles and the long-term growth of the firm — are the basic blocking and tackling needed with so much change in the offing.

Related Articles

Related Premium Articles