Importance of Chief Risk Officer

Enterprise risk management (ERM) is an architecture that combines the various components of governance structure, strategy, risk culture, risk framework, policies, and risk management process. ?It further binds the risk management at the top of the hierarchy at the Board level to the last employee. In this activity, the Chief Risk Officer (CRO) drives the entire ERM program like any other function head. The role of a CRO is to specialise in the subject of governance, risk management, financial expertise, market understanding, knowing the strategy, and having the ability to anticipate risks.

CRO position is one of the most effective components of a quality risk management system, which plays an important role in the decision-making process.

The development of ERM has been around for 20 years, and the role of CRO is still evolving around the globe; very little research is being performed on its effectiveness. Different global regulators are joining various strings on the development of risk culture along with defining the responsibilities of CRO to strengthen ERM.

?One of the unanswered areas regarding the CRO is the reporting structure; some authors have proven that CRO reporting to the Board provides better financial results (Aebi et al.,2012). Their findings indicate that banks in which the CRO reports directly to the board of directors performed significantly better during the financial crisis, while banks in which the CRO reports to the CEO performed significantly worse than other banks.

?·?????? The main reason for such results is the conflict of interests between the CEO and CRO when one reports to the other.

·?????? To be more specific, they emphasise that the CEOs’ main interest is to maximise growth in sales, assets, and profits—possibly both in the shareholders’ and his interest, as growth helps to maximise the value of the personal remuneration package as well as prestige and power (e.g., managerial empire building).

·?????? Hence, the assessment and treatment of risk might be a lower priority for a CEO. Their research underlines the necessity of having a CEO and CRO at the same level, ideally reporting to the board of directors.

?The second question concerns the CRO's qualification. Author Bailey (2022) analysed the CRO's supervisory and industry expertise, as well as an MBA degree and internal promotion, which are associated with higher ERM quality. He found that risk and actuarial knowledge are associated with higher return on assets, whereas financial expertise, supervisory expertise, and an MBA degree are associated with higher levels of Tobin’s Q. Broad-based CRO expertise measures are also associated with ERM quality and firm value.

?The role of the CRO is pivotal in managing risk, and the regulator is to study the gaps resulting in different crises about CRO and guide the market. No one within the business looks at risk apart from the CRO. His/her hands need strengthening.

??References

?1.????? Aebi, Vincent, Gabriele Sabato, and Markus Schmid. "Risk management, corporate governance, and bank performance in the financial crisis."?Journal of Banking & Finance?36, no. 12 (2012): 3213-3226.

2.????? Bailey, Cristina. "The relationship between chief risk officer expertise, ERM quality, and firm performance."?Journal of Accounting, Auditing & Finance?37, no. 1 (2022): 205-228.