Governing Risk: A Top-Down Approach to Achieving Integrated Risk Management
In reaction to the business failures of the early 2000s, many large financial institutions worldwide spent in excess of $25 million on rolling out enterprise risk management (ERM) frameworks. These initiatives failed and left institutions in a deeply vulnerable position as they faced the fallout of the financial crisis. One of the most notable reasons for this large scale failure was that the lack of engagement by the Boards of Directors and executive management in risk strategies and risk functions. They were satisfied that risks were adequately measured if their organizations were compliant. Ultimately, they failed to understand and take accountability for complex risks that spanned multiple businesses lines and support functions.
In the report Governing Risk: A Top-Down Approach to Achieving Integrated Risk Management, Celent provides a risk management taxonomy and governance framework that enables institutions and their technology partners to address the myriad of risks facing financial institutions in a structured and holistic way. Such a framework will quickly pay for itself by helping institutions avoid large-scale fines and reputational damage, as well as allow management to focus on optimizing long-term value creation within the bounds dictated by the institution’s risk appetite.
To fully integrate risk management, financial institutions must take a phased approach to the different risk disciplines. Prioritization begins by creating a risk governance framework that is owned by the Board.
“A strong governance framework should provide clear and cohesive guidance, policies, procedures, controls, and communication across the organization. And, most importantly, the technology enablers (big data crunching techniques, in-memory computing and dynamic reporting) are now readily available to make the implementation of an integrated risk management program much easier,” says Joan McGowan, a senior analyst with Celent’s Banking practice and author of the report.
The report looks at best practices for integrating risk governance, conduct risk, model risk management, stress-testing, and operational risk. It addresses the regulatory challenges financial institutions face and shows how a strong compliance foundation can not only check the box, but also add value to a bank’s risk program and provide greater confidence in the organization’s ability to innovate safely.