Chapter 9 - Risk oversight and corporate governance Flashcards
What is the board of directors responsible for?
Day-to-day running of the business
what are the directors responsible for?
what does nominee and shadow director mean
Responsible for ensuring the success of the business and its compliance with relevant regulations.
Not formally appointed
what is corporate governance? what does it include
mechanism needed to ensure companies continue with best interest of Shareholders
Includes - board, risk committee, audit committee, remuneration committee
what are the three lines of defense for managing risk
First line - business managers/staff own their risk
Second - risk and compliance work independently with business to advise/challenge management of risk
Third - audit function
what two things are key for good corporate behaviour
Honesty and integrity
what is the role of risk managers
Provide communication between two risk-taking groups
downwards and upwards communication
Downwards - polices, procedure’s, risk limits
Upwards - preparing risk reports that describe risk
what is the boards risk responsibilities?
- provide financial oversight
- determine company approach to risk
- installing risk culture
- monitor exposure
- identify risks
- oversee effectiveness
- ensuring company has risk process.
who does the board delegate the management of risk to?
the board delegates the management of risk to a risk committee
Risk Committee delegation for small firms and large firms
large firms - obligatory
small firms - chosen to set up a board risk committee
Types of risk committees
Larger firms/seniors - have senior or group risk committee overseeing risk management practices
Junior/divisional - focus on specific risks like credit, market, and often report to the senior/group risk committee
investment management - establish risk committees focused on fund-specific risks, while main risk committee oversees firm-wide risks
the different risk committee memberships
- Non-executive director (NED)
- Chief Risk Office (CRO)
- Chief financial officer (CFO)
- Chief investment officer (Investment management firms) - CIO
- Risk representative for parent firm
- Other non-executive directors
The risk committee functions
- ratify the key policies and procedures
- monitor effectiveness of policies
- translate overall risk appetite to firm
what is the risk management committee of the board responsible for
Independently reviewing the identification, measurement, monitoring and controlling of risk types. This includes the adequacy of policy guidelines and systems.
what is the main role of the risk committee. what can they do to improve risk focus of firm?
Recommends the firm’s overall amount of risk (appetite/tolerance) to board.
Determines financial risks aligned with the firm’s strategy
They hold strategic risk scenario identification workshops each year ti improve risk focus.
what does the regulatory oversight include for large firms and small firms?
Large firms - involves lengthy and in-depth on-site visits looking at important aspects of the way in which the firm is run.
Smaller firms - internal capital and liquidity process means regulator receives reports.
main role of the board
the board approves the firms risk appetite annually and delegates risk oversight to risk committee.
what does the chief risk officer do? Responsibilities.
- makes decisions, set business-level risk limits, approve risks in excess of limits
Responsible for
- firms risk management strategy, firms risk polices, firms infrastructure.
what does the risk committee do regarding business unit risk? what does the CRO do?
Risk committee provides detailed review and approval of each business unit’s risk limits, and delegates monitoring of these limits to CRO
The CRO may order business units, or advise fund managers.
what is the operational risk committee
Also known as controls committee.
Made up of both business and risk staff
Role = make sure that business decisions are in line with the firm’s desired risk/reward trade-offs, and that the financial and operational risks are well managed.
what is the key to a successful structure?
To ensure that committees exist to cover the risk of each ‘common area’ of the firm’s business.
what is essential rule for risk managers?
They should not take risks, or advise risks.
How to achieve risk management autonomy
Staff that takes risk should have no input to the performance appraisals, compensation, or promotions, and instead should be fearful of giving ‘bad’ news.
what is the role of risk managers?
Facilitate communication between the two risk-taking groups
Risk governance: Why does careful planning exist?
because of how a firms existing governance structure will be merged with the acquiring firm’s governance structure, and how any gaps and overlaps will be managed.
why is succession planning used?
Exists to deal with unplanned changes, such as senior managers leaving
Know the main factors determine risk and control culture: Governance and Policies
- ownership and management involvement (Senior managers and certification regime)
- staff remuneration policy
- staff appraisal policy
- risk policy
- risk functions independence
- calibre of risk personnel
- escalation and whistle blowing process
- code of conduct
Know the main factors determine risk and control culture: Risk appetite / tolerance
What is the current implicit risk appetite?
what does this include to monitor?
- understanding the firm’s current risk profile and trends
Monitor the firm’s ongoing performance against its desired risk appetite.
What does business planning tend to be driven by
what should it be driven by/ the outcome
Tends to be driven by earnings goals in a competitive environment
IT NEEDS to involve the risk management function from the beginning of the planning process, this means that targets can be tested to see how they fit with firm’s appetite, any nay potential downsides.
Know the main factors determine risk and control culture: Transparency
2015 BIS updated corporate governance principles for banks.
Principle 12 - Adequately transparent to its shareholders, depositors, and other relevant stakeholders and market participants
The principle supports public disclosure of:
- board structure
- organizational structure
- basic ownership structure
- information of incentive structure
- banks code or policy
- banks policy on conflicts of interest
why is internal transparency important
It ensures that risks can be uncovered and dealt with quickly.
The key = good and open communication, and lack of public blame
How to avoid mistakes
Maintain a robust, comprehensive database of losses and near misses, which includes cause and costs - and actions to prevent recurrence
what is blame culture
Sacking staff during the incident
what is silo effect?
Lack of communication, shared vision and knowledge flowing in organization.
what is moral hazard
how to reduce this
how firms manage
The possibility that people will behave different when protected from the effects of risks they take.
Reduce this by encouraging a climate of honesty and care
Many firms do this by defining a code of conduct
