In the aftermath of the 2008 global financial crisis, bank boards are taking a much more active role in overseeing enterprise risk management (ERM) at their institutions. Bank directors face greater liability from shareholders and regulators, (1) more stringent regulatory and disclosure requirements, and higher expectations from key stakeholders. At the same time, banks face significant risks, including geopolitical turmoil, economic and business uncertainty, and business model challenges posed by greater regulatory constraints and costs.
Bank directors recognize the significant uncertainties they face, and recent surveys indicate that risk management has emerged as one of their top concerns. So what can bank directors do to improve risk oversight? The key levers include establishing an effective governance structure to oversee ERM, approving a risk policy that includes a risk appetite statement, and establishing reporting processes to monitor risk management effectiveness. (2)
To fulfill their fiduciary responsibility for risk oversight, however, bank boards must obtain the requisite human capital and talent. And indeed, industry observers have reported a sustained high demand for risk professionals from corporate boards and executive suites, regulatory agencies, consulting firms, and other organizations. This demand is seen across traditional and emerging sectors (3) as well as global markets. (4)
Given the growing demand for top-notch risk talent, boards should address the following key questions:
1. Which key regulatory requirements must bank directors consider as part of their risk governance and oversight?
2. What are the current industry practices in board risk governance, and which professional credentials are found at bank boards today?
3. What should the criteria and job description be for a "risk expert" at the board level?
4. To improve their risk governance, which actions should all bank boards consider taking today?
The level of regulatory scrutiny on risk management at financial institutions has never been greater. Moreover, directors and officers of failed institutions face substantial exposure to professional liability lawsuits from regulators and shareholders. Consider the following regulatory mandates faced by bank boards:
* Dodd-Frank Act. Section 165 of the 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act established new requirements for risk management oversight by bank boards. This provision mandates that each publicly traded bank holding company with total consolidated assets of over $10 billion establish a risk committee of the board that includes at least one risk management expert. The risk committee of the board is responsible for "the oversight of the …