At a general level, 68% of respondents said that risk managers now benefited from a much higher or increased status since 2008. Marsh says much of this higher profile is probably due to an increased proximity to the executive committee and to an enhanced role during the economic crisis.
Prior to the economic crisis, there would have been little consistency in how financial institutions go about their risk management arrangements, the report says: “More than five years ago a decentralised, piecemeal approach was the norm, with the role of chief risk officer pretty much unheard of.
“Our 2011 results show that since 2009, there has been a significant swing towards a more centralised model for risk management, with 30 per cent of survey respondents describing their risk management structure as managed by a central team, compared to only 17 per cent in 2009.”
The trend is set to continue over the next 18 months, with 16 per cent expecting to experience more centralisation (only 10 per cent expected to be more devolved).
The result of this centralisation, Marsh believes, has been the chief risk officer becoming a permanent and influential fixture on most boards, heading up a global risk function and wielding real authority to veto deals.
The survey findings showed that the 2008 crisis prompted 79% of risk managers surveyed to review their approach to liquidity risk, with credit risk at 77%; market risk was named by 72% and operational risk some way behind at 56%.
When asked to identify their top priority risks over the next 18 months the picture is similar with 69% of respondents identifying credit risk, and 56% listing liquidity.
In what it describes as a resounding vote of new found confidence in their organisations’ risk management, 34% of survey respondents say there has been an increased appetite for risk over the last three years at board level, which compares to only 18% who felt the same in 2009.
In a possible counterpoint to that trend, an overwhelming majority (70%) feel that regulation has, however, changed their behaviour towards their clients. In some ways this could be because of the increased constraints in place, with 25% saying that their selection criteria has changed or heightened and 18% saying charges have increased.
Only 14% cite the interest of customers as a changing behaviour with 11% mentioning transparency.
Looking at the impact of regulation over the last two years, there’s a sense of shutting the stable door after the horse has bolted. A large consensus of risk managers (61%) feel that the impact of new regulation has done little, or nothing at all to reduce their operational risk exposure.
The report concludes that as risk management becomes more mature, further improvements from risk managers can be expected. It says that “the financial crisis placed pressure on risk managers to be more proactive, share knowledge and network with peers in order to deliver explicit value to their organisations and offer more measurable benefits”.
To achieve this, risk managers at institutions of all stripes said they are actively seeking benchmarks and new ideas- lessons learnt from other organisations were cited by 82% of risk managers.
I suspect that the flow of ideas was from insurance firms to banks and would include concepts such as “total cost of risk”, for example. Banks probably also learned a lot from insurers about risk culture and the importance of human input into risk taking as well computer models.
The big question is, how long will the risk management zeal last in banks? Let’s see how many institutions continue to hold their CROs close when the economic up turn happens.