The Rewards of a Risk Management Culture

Article excerpt

Byline: Ed Kramer

Banks are facing growing pressure from regulators to manage risk more effectively in today's financial services marketplace. In June, for example, the Office of the Comptroller of Currency, the Federal Deposit Insurance Corp., the Federal Reserve Board and the Office of Thrift Supervision finalized new joint guidance on executive compensation tied to risk.

The guidance includes a mandate for banks to provide incentives that appropriately balance risk and financial results. It also calls for banks to match effective controls with risk management and to implementsupporting corporate governance measures.

Meanwhile, the FDIC is intensifying its focus on banks' risk management methods. In a Financial Institution Letter last year that updated auditing and reporting requirements, the FDIC endorsed an enterprise risk management model promoted by the Committee of Sponsoring Organizations of the Treadway Commission.

And the OCC is taking it one step further, instructing examiners to evaluate banks' ERM systems. In testimony before the Financial Crisis Inquiry Commission in April, Comptroller of the Currency John Dugan said, "Banking and financial organizations need to substantially improve their ability to aggregate and manage similar risk exposures that take different forms in different parts of their businesses."

As regulatory scrutiny of how well banks manage enterprise risk increases, institutions can strengthen their compliance and risk programs as well as their market position with a proactive approach to ERM that includes a culture of risk management.

In addition to satisfying regulators, a comprehensive ERM program can have clear operational benefits for institutions. By effectively coordinating risk assessment efforts across departments, banks can improve efficiency, eliminate redundancies and reduce compliance costs. With a complete and timely view of risks and opportunities, banks can create value for their stakeholders.

A successful ERM program, however, requires commitment from senior managers and the board of directors. Buy-in from executive leadership includes well-defined roles for their oversight. In fact, board involvement in risk oversight is one of the Securities and Exchange Commission's new executive compensation and governance disclosure requirements for proxy statements and other public filings.

As a first step in promoting risk management transparency, senior leaders must define the institution's risk appetite, or the degree of risk the company is willing to accept when pursuing opportunities. Considerations may include financial targets, regulatory compliance and reputational effects. As the organization changes and industry and market conditions evolve, it is important for senior managers to accordingly change the bank's risk appetite.

Once that appetite has been determined, it must then be communicated to regulators, investors and other stakeholders. …