There is broad agreement among financial services firms that a Chief Risk Officer (CRO) is necessary. But the officer’s role and influence varies, according to a new survey from the Professional Risk Managers’ International Assn. (PRMIA) and Capital Market Risk Advisors (CMRA).
The final results of the risk governance survey, released today, show there is disagreement over whether the CRO should have a strategic, consultative role or only a control role.
Roughly 70 percent of the respondents have a CRO, while another 15 percent have a functional equivalent with a different title. Of those, just over half – 52 percent – say their CRO has both control and strategic or consultative responsibilities, while 25 percent of CROs have only control responsibilities.
“The need for the CRO to report at a very senior level and be independent of business is well established,” the report said. The survey found 70 percent of CROs report to the Chief Executive Officer, 14 percent to the Chief Financial Officer, and 16 percent to the Chairman of the Board.
In the survey, most respondents also said they communicate to their board about market and credit risk, while just over half – 57 percent – communicate about counterparty risk.
“At no time in history has there been a greater need for companies to evaluate and strengthen risk governance,” the report said. “Financial institutions especially are reevaluating their approach to risk management, as regulators consider whether to impose new requirements. In the midst of this debate, it is important to understand the approach financial institutions are taking to risk governance, and the plans they have for the future.”
The survey included 121 financial institutions from 26 countries, and covered current risk practices, including whether they have CROs, to whom CROs report, and other information on risk management functions. Preliminary findings were that financial firms rank credit losses as their number one concern, with volatility and government inconsistency following close behind.
PRMIA is a non-profit association focused on defining and implementing risk management best practices. CMRA provides risk management advice and litigation support to financial services firms.
The survey’s preliminary findings were released July 20.
This article can also be found at

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access