Governance: Risk Committees

1 Governance: Risk Committees
Eric Holmquist, Managing Director, ERM National Practice, FIS
Melinda Thompson, SVP, Director, Operational Risk Management, Rabobank NA

2 Agenda
- Introductions
- The Role of Risk Committees
- Committee Structure & Charters
- Addressing Common Challenges
- Final Thoughts
- Q & A

3 Role of Risk Committees

4 ERM Goals and Objectives
- Building a risk-aware culture that incorporates risk management into day-to-day activities
- Utilizing a clear framework and process for identifying and assessing risk, starting from strategy and throughout execution
- Ensuring a structure for establishing, communicating and enforcing compliance with risk appetite and tolerance
- Creating a process for monitoring key and emerging risks and being prepared with suitable response measures
- Ensure a timely analysis of all new, expanded or modified products or services and major strategic proposals
- Reporting to management and the board on risk issues
- To provide for the periodic independent evaluation of risk management systems and processes within the bank

5 Risk Management Committees

6 Risk Management Committees
[Organization chart. Boxes: Board of Directors; Audit Committee; Audit Director; CEO; Board Risk Committee; Chief Risk Officer; Compliance Officer; CCO, CFO, CLO, HR, etc.; Mgmt Risk Committees. Questions labelled on the chart: Where are we going? What happened? What could happen? How are we going to get there?]

7 Risk Management Committees
[Diagram of organizational tiers and their committees]
- Board: Board Risk Committee
- Executive Management: Enterprise Risk Committee
- Management and staff: Operational Risk Committee, Information Security, Compliance Committee, Working Groups, New Products

8 Structure & Agenda

9 Board Risk Committee (BRC)
- Focus: Forward-looking view of the enterprise
- Membership: Selected Board members
- Chairperson: Selected independent Board members, preferably with some risk management experience
- CRO Role: Reports to BRC in order to provide independence from day-to-day operations. The CRO provides reporting & analysis on risk issues to this committee
- Charter: Responsible for overseeing the overall enterprise risk program, approving risk appetite and tolerance levels & monitoring risk levels within the bank

10 Board Risk Committee (BRC)
Sample Agenda
- ERM risk reports
- Risk assessment updates
- ERM project task list
- New products
- New initiatives
- Periodic reports: Vendor Management, IT, BCP/DR, Information Security, Compliance, etc.
- External Subject Matter Experts
- Annually: approve the ERM Policy & Program along with the Risk Appetite and Tolerance Statements

11 Management Risk Committee (MRC)
- Focus: Forward-looking view of the operation
- Membership: Executive and selected senior management
- Chairperson: Chief Risk Officer
- CRO Role: Coordinating the agenda, directing the ERM program, facilitating the enterprise risk assessment, overseeing the ERM program & its strategic objectives
- Charter: Responsible for overseeing execution of the enterprise-wide risk management program, including strategic initiatives, emerging risk issues & risk oversight

12 Board Risk Committee (BRC)
Management Risk Committee (MRC) Sample Agenda
- Loss or other major events
- Risk assessment updates
- ERM project task list
- New products and services
- New initiatives
- Periodic reports: Vendor Management, IT, BCP/DR, Information Security, Compliance, etc.
- External Subject Matter Experts
- Report preparation for BRC and BOD
- Other new business

13 Risk Management Committees
- Use caution in combining with other committees such as Audit, ALCO, Credit, etc.
- These have different charters and focuses
- However, you should coordinate closely with other committees
- Avoid overlap or duplication
- Remember, the risk committee's role is to discuss issues, not engineer solutions
- That is management's job
- Guardians of the guardrails

14 Common Challenges

15 Common Challenges
- Chartered with the wrong membership, too junior
- Agenda is too backward-looking
- Business reports only show what happened
- Majoring in the minors, trying to tackle minutiae
- Culture: People afraid to talk, or overly critical (blame)
- Disconnect between stated risk appetite and actual risk taking
- Minutes do not reflect reality

16 Keys to Success
- Get the membership right
- Avoid duplication / overlap
- Promote a forward-looking emphasis
- Prioritize risk profiles and change management
- Focus on identifying issues, not finding solutions
- Serves as a funnel for multiple types of risk
- Minutes should be direct
- Always: Where are we going, and how do we feel about it?

17 Three Lines of Defense
Eric Holmquist, Managing Director, FIS, ERM National Practice Leader
Melinda Thompson, SVP, Director, Operational Risk Management, Rabobank NA