Page 32 - RMAI Bulletin July - September 2021
P. 32

RMAI BULLETIN JULY TO SEPTEMBER 2021


                 designated as ‘Chief Risk Officer’(CRO), shall  especially the CEO—find ways to connect with people
                 report to the RMCB which will be responsible for  inside and outside the organization. Once tone at the
                 selection, oversight of performance including  top is established, the CEO, Board and the CRO
                 performance appraisals and, if necessary,    continually work to reinforce and strengthen it.
                 dismissal of the CRO. The CRO, together with
                 RMCB, shall be actively engaged in monitoring  Within the board, where does responsibility for risk
                 performance relative to risk-taking and risk limit  oversight lie? In many companies, it rests with the
                 adherence                                    Board’s Audit Committee while in some others there
                                                              is an exclusive Committee dealing with Risk
             4. The CRO shall be a senior official in hierarchy with
                                                              Management.
                 equivalence no less than those at one level below
                 the WTDs/CEO. The CRO shall have the necessary
                 and adequate professional qualification /    According to the Basel III framework, financial firms
                 experience in the areas of risk management so as  should have an independent senior executive with
                 to interpret as well as articulate risk in an  distinct responsibility for the Risk Management
                 understandable manner. The CRO shall have the  function and the institution's comprehensive risk
                 ability to effectively engage the Board, RMCB and  management framework. This executive is commonly
                 management in constructive dialogue on key risk  referred to as the Chief Risk Officer (CRO). Whatever
                                                              the title, the role of the CRO should be distinct from
                 issues. The CRO will function as a secretary to the
                                                              other executive functions and business line
                 RMCB.
                                                              responsibilities, and there generally should be no "dual
             5. The risk management functionaries shall have
                                                              hatting" (COO, CFO, Chief auditor or other senior
                 direct access to the RMCB.”
                                                              management should not also serve as CRO).
             Though the document is still a draft, this has stirred a  Where the ERM (Enterprise Risk Management)
             serious debate on the issue of reporting structure of
                                                              Function reports is often a contentious issue. In some
             Risk Management team (particularly CRO). And this
                                                              organizations, the CRO, or equivalent, reports to the
             makes it a perfect background for any meaningful
                                                              CFO. But there is a distinct disadvantage to this set-up.
             thought sharing on this issue.                   The CRO is expected to challenge the CFO on financing
                                                              or securitization choices. In this set up, he or she may
             Introduction:                                    fail to challenge effectively due to his subordinate

             Wikipedia points out that the term, ‘Tone at the Top’,  position.
             originated in the field of accounting and referred to the
             transparency and integrity of the financial statements  Some organizations have responded to this challenge
             and other reporting to shareholders. The term has  with a second option, in which the CRO reports directly
             been used much more widely recently and primarily  to the CEO. This structure may help ease potential
             refers to the tone set by the Board of an organization,  conflicts between the CRO and CFO. However, this
             but it can also refer to the tone set by the Audit and/  structure may also be an imperfect solution. Given the
             or Risk committee, other Board committees as well as  CEO’s many other concerns and responsibilities, he
             by the CEO and Senior Executives.                may not have the ability to adequately address risk
                                                              issues when other strategic issues require time and
             Risk oversight is a primary Board responsibility, and in  focus. Besides, there is always a pressure on CEO to
             the evolving business and risk landscape, Directors  show Quarter wise performance, forcing him to take
             need to develop and continuously improve practices  a myopic view of the things.
             to establish a well-defined and effective oversight
             function.                                        Another alternative is that the CRO reports to the
                                                              Board of Directors, either directly or via a Board-level
             The Board sets the tone of the organization in the way  Committee. If the reporting line includes a Committee,
             it executes its responsibilities. Establishing the right  the structure typically works best when ERM is
             tone at the top is much more than a compliance   incubated under a separate Risk Committee and not
             exercise. “Tone at the top” demands that leaders—and  under the existing Audit Committee. The Audit


                                                           30
   27   28   29   30   31   32   33   34   35   36   37