Over the last decade, Chief Risk Officers (CROs) have become indispensable to executive teams. As traditional business models are disrupted, not least by globalisation and the march of technology, the need to manage risk appetites, develop effective risk frameworks and policies, and provide advice to boards and C-suite execs is higher than ever.
However, this same landscape of change and disruption means that the CRO role is rapidly evolving. Essentially, as technologies and business models change, so do the associated risks and responsibilities.
Key CRO trends
The ways in which the CRO role is it set to evolve in the next few years, as its importance rises, is a topic that was discussed in detail in a recent Riskonnect whitepaper titled Harnessing Risk Management. Some of the key CRO trends identified in the whitepaper include:
- As risks spread, grow and permeate all areas of business, the risk function has matured and expanded – meaning the CRO rightly no longer reports into the finance function.
- Organisations should already have a CRO in place and be modelling that role into one of leadership, coordination, and development of the risk management capability of the organisation.
- The CRO should be embedded at corporate level and work with each of the leadership teams within the business. The CRO must be at the top table and involved in all strategic decisions.
- CROs, now and in the future, should be “entirely focused on spotting threats and assessing if and how those threats affect the organisations, and whether the business has the capabilities to mitigate those threats,” explained John Ludlow, chief executive at Airmic.
- In the future, organisations will require a risk officer overseeing each business unit in each geography they operate in – the conventional risk model of three lines of defence will have to evolve to create more lines of defence. Each risk officer’s job will be to make sure the executive team are always forward looking in order to grasp the opportunities available and lessen the threats.
- CROs “need to become an enabler of effective change delivery rather than being perceived as impeding by providing challenge later in the process,” said John Shiels, CRO at Hitachi Capital UK.
- It is impossible to consider the future role of the CRO without considering technological advances. Any future CRO will need to have a keen eye on the digital risks which impact financial institutions without respite and are only set to worsen.
- “The CRO’s role must include oversight of cybersecurity elements in a digitally connected world,” explained Paul Mang, former global chief executive, analytics at Aon.
- “There must be more collaboration with both the chief information officer and chief information security officer to determine the risk profiles from new digital expansion such as cloud, automation and the internet of things,” said Mang.
More proactive risk management strategies and capabilities
The whitepaper concludes that, by 2025, chief risk officers and their teams will need to have become more proactive in their risk management strategies and capabilities in order to fend off the broadening swathe of multiple risks impacting financial institutions daily. The CRO will also have to be evolved into a more rounded, influential, business minded individual in order to persuade the executive board when to act to defend itself and when to take advantage of opportunities. Only that way will the CRO and its team ensure their worth and show how they have matured to benefit the broader business and keep their place at the top table.
More importantly, the future CRO will need to show organisations’ top teams that they are working with them rather than limiting growth in order to stay ahead of competitors and retain and build the customer bases.
Further detail on the future role of CROs can be found in Riskonnect’s Harnessing Risk Management whitepaper, which also covers how to understand risk as a competitive advantage, why companies are still struggling to build a culture of risk and five finance fines and how to avoid them. Click here to download your copy.