The Death of the Chief Risk Officer

Since the Financial crisis, the role of the Chief Risk Officer has increasingly come under scrutiny. Regulatory demands, already evolved from Controlled Function to Senior Managers Regime, have made the CRO, a pivotal point in the organisation, responsible for governance. This is the natural consequence of the dire breakdown in corporate responsibility, especially in the pre-2008 Financial Services. But what does the future hold? Is the current incarnation of the CRO fit for purpose, or does the CRO role need to change?

Technocrat vs Business Executive

It’s a difficult question, and the answers differ depending on the maturity of an organisation’s risk model. The CRO must balance their inherent risk based ethics with the inherent need for a commercially successful organisation. A number of our clients seeking support with senior Interim Risk roles, have similar challenges. They have felt an existing or departing CRO can stifle business opportunities with a blinkered approach to governance. One client even referred to the “Black Hat” syndrome. In these cases – already three this year – we were able to assign a strong Risk Interim Professional. Their role was to ‘reset’ the 3 lines of defence model, and begin an enterprise wide process of reviewing the risk appetite of the business. Additionally, they paved the way for a permanent successor, allowing that person to come in ‘clean’, with no perceived baggage. related to a potentially difficult transformation. These are the benefits a flexible resourcing model offers – build, buy, rent.

A wider business challenge?

The future of the CRO is now considered a serious Board level challenge. A recent Deloitte report asked more than 300 C-suite and Board members from around the world to share their views. Interestingly, Chief Risk Officers were not part of the report. It noted that “nearly 9 out of 10 organisations recognize that risk management should focus on value creation—not mere risk avoidance”. In addition, 58% said in the future, CROs need to devote significantly more time to strategy, over double the number CROs currently spend.

Compounded with the need for strategy and value creation, Boards are now coming up against a shortage of strong, senior risk professionals with the right commercial attitude. As the latest EY/IIF Bank Risk Management survey reported: “banks are now firmly focused on the difficulties of operationalizing the three-lines model in a way that delivers both effective risk management and cost efficiency …… they also expect talent shortages across all three lines in areas”. This has increased the demand for Interim Transformational CROs and other senior Risk Professionals, as they bring experienced, considered, quick and effective change to organisations in transition, allowing a more considered process to appoint the permanent successor.

But what of the Regulator?

The FCA has been vigorous in its drive to ensure that the Financial Markets can never return to the pre-2008 practices, and that consumers are protected as much as possible. However, it has also recognised that for organisations to be successfully commercially viable, and ultimately benefit their staff, shareholders, members and the economy, the CRO mandate has to evolve. Recently, Jonathan Davidson, Director of Supervision for Retail and Authorisations, said at the Building Societies Conference: “My main message to you here today, is that, although change brings risk, it also brings opportunity”. He went on to encourage engagement with the regulator, saying “please maintain a two-way dialogue with us – especially if you are looking to pilot innovative products. Do consider engaging with our Innovation Hub, which can provide additional support, or consider testing your product ideas through our sandbox.”  This is backed up by the experiences of two clients in recent searches whose choice of a senior risk individual was influenced by comments from the regulator who ‘gave the nod’ to our Interim appointments because they wanted to encourage entrepreneurialism as well as governance.

Summary – the rise of a new breed of Chief Risk Officer

In summary, the CRO of tomorrow requires a wider, more strategic set of skills to fulfill the leadership role that is required. No longer will the role be solely focused on Risk downside, but one where they play a key part in the commercial success of the business. CRO’s need to shift the focus from Compliance to Customer, from Controls to Efficiency and lastly, but most importantly, from the Transactional to the Strategic. As part of this transition, businesses need to ensure they have the right people at the right time, and when gaps appear, utilise the strong Interim market across Governance, Risk and Compliance.

One of our clients, the CEO of a large Insurer, summed this sentiment up nicely: “we had a problem, but wasn’t sure what it was. It turned out to be a people issue, with old style thinking from our risk team frustrating our growth. Fortunately, the Interim that Norman Broadbent supplied us with got to grips with it quickly, made significant changes and put in place a solution – we are now on the right track”.

To find out how Norman Broadbent Interim Management may help your business or to discuss this topic further, please contact Mike Davies, Director of Norman Broadbent’s Risk Practice, for a confidential and initial conversation on: or +44 (0) 20 7484 0067