The analytical CRO and the risk-aware CFO: Forging new partnerships
Thorsten Hein, Risk Business Consulting, SAS
IFRS 9 has presented many banks with an opportunity to assess the relationship between risk and finance functions. For those who have taken on the challenge of integrating these formerly siloed functions through strategic transformations, the outcome is having a positive impact on their firm’s business strategy.
Institutions that viewed IFRS 9 (and its US analog, current expected credit loss, or CECL) requirements as opportunities to improve capital allocation and optimize returns are most prepared to make finance more forward-looking.
Free white paper
This report by Chartis and SAS explores what effective risk-aware finance means, the challenges you're likely to face when creating a more risk-aware organization and how to overcome these challenges.
Joining forces to create the risk-aware organization
The impact of new analytics approaches, such as scenario-based analytics, with the right risk platform will enable the analytical CRO and the risk-aware CFO to assess scenarios relevant to their firm’s business strategy. And for the CRO, advanced analytics will help build better models more quickly to support scenario-based risk and finance analyses.
The most significant development, which is a key success factor for the analytical CRO, is to support collaborations that enable the long-term transformation of risk management into an innovative source of value creation at the epicenter of bank management.
The most important collaborative relationship for the CRO is with the CFO and the finance team. The CFO and CRO – as the executives responsible for budgeting and supervision – tend to get caught in the middle of competing objectives. For example, it’s the CFO, who must:
- Work with CROs to deliver balance sheets that incorporate risk data.
- Satisfy shareholders with enterprise-wide capital, liquidity and profit and loss optimization through budgeting and forecasting.
- Manage staff to meet the finance department’s tactical demands.
The CFO has traditionally been the face of investor relations, whereas the CRO has been described as a behind-the-scenes “chief worrier”, brought out when things go wrong.
These roles must remain separate – risk staff must ensure that the finance function is performing its duties correctly and in compliance – but by more closely aligning CFO and CRO strategies, financial Institutions will further improve the relationship between the two, ensuring both these key roles collaborate effectively.
The CFO’s and CRO’s teams are alike in purpose, but often different in culture and processes. Risk, is arguably more science minded, with a penchant for experimentation, and finance is more process focused with an innate need for precision and structure. Both are vital to the operation of the bank, and both have key inputs into the process to address the changes being brought by IFRS 9.
More interconnected data and information sharing between risk and finance will allow finance departments to use regulatory data in key processes like budgeting and stress testing.
Raising risk awareness through analytical insights
Are the banks acting wisely to implement the right analytics and marrying them correctly to existing systems?
“This really depends a lot on the way banks will adopt technology and will use it to make that change,” according to Martim Rocha, Director of Risk Business Consulting, SAS and Global Solution Leader for IFRS 9 and Stress Testing. "Because what we are talking about here – risk and finance – really boils to the fact that you must have the information and to have the data in the banks really being shared across the business. And it’s not just risk and finance alone. At the end of the day, you also need marketing and you need sales. You need everyone involved sitting around the same table. The point is that there are also banks that have been through a long journey, having faced acquisitions, mergers, etcetera, and that now must deal with a large number of legacy systems. They are facing many challenges to bring those systems together.”
Once analytical CROs and risk-aware CFOs understand the types of analysis that can be performed and the speed in which they can be executed and summarized, they will quickly realize that this becomes a critical financial and capital planning capability that can also be used to make better capital allocation and business decisions.
It’s also important that the finance and risk functions cooperate in understanding model risk, exerting greater control over model libraries and tightening modeling budgets and audit processes.
To gain a better understanding of the risks presented by a given model, risk and finance must work more closely in the model development and deployment life cycle. In doing so, the two functions should push to reduce model sprawl and put a structure on the multiplication of models, leaving fewer dark corners from which model risks may emerge.
Making finance more risk aware will prevent risk analytics data being compartmentalized within risk, where it would be invisible to the finance department. More interconnected data and information sharing between risk and finance will allow finance departments to use regulatory data in key processes like budgeting and stress testing.
The need for good/appropriate models (and a risk platform capable of executing scenarios in a timely manner)
An integrated approach enables monitoring and orchestrating the of the entire IFRS 9 process and more. The key differentiator of an integrated approach is that the risk and finance teams can perform sensitivity analysis (for example, due to different scenarios, type of expected credit loss models and business assumption or rules) promptly to see the effect on the balance sheet and income statement.
Traditionally, the risk and finance groups within a bank operate separately with limited interaction. The challenge of the new IFRS 9 and CECL regulations introduced requires the two groups to collaborate more closely. Following the operating model, risk and finance traditionally use separate and dedicated IT applications, but to efficiently manage the IFRS 9 and CECL processes both functions should share the same IT environment.
Moreover, these two groups can work together easily to see how different business assumptions might affect a bank’s financials and create the best strategy for the bank. The bottom line is that the analytical CRO will pursue, in cooperation with the risk-aware CFO, a growing collaboration that will have a positive impact on the business of a firm.
Recommended reading
- Model risk management: Vital to regulatory and business sustainabilitySloppy model risk management can lead to failure to gain regulatory approval for capital plans, financial loss, damage to a bank's reputation and loss of shareholder value. Learn how to improve model risk management by establishing controls and guidelines to measure and address model risk at every stage of the life cycle.
- Understanding capital requirementsCredit risk classification systems have been in use for a long time, and with the advent of Basel II, those systems became the basis for banks’ capital adequacy calculations. What is needed going forward is an efficient and honest dialogue between regulators and investors on capitalization.
- Retail cyber risk toleranceManage your data assets just as you would any of your physical assets by putting security plans in place for any and all contingencies.
Ready to subscribe to Insights now?