A chief risk officer, or CRO, applies business acumen, accounting skills and risk management expertise to review a corporation's internal controls and procedures. He ensures that such controls are functional, adequate and conform to regulatory standards, human resources policies and industry practices. A CRO usually has a master's degree in a finance-related field.
Establish Corporate Risk Management Policies
A chief risk officer sets an organisation's risk management controls and policies, and she ensures they are adequate and effective. A control is a group of instructions that a CRO puts into place to prevent significant operating losses resulting from employee error or carelessness, fraud and technological malfunction. A risk management control is adequate if it provides clear instructions on task performance as well as steps for problem reporting and decision making. A functional control provides appropriate solutions for internal problems. A company's risk management policy handbook covers four types of risk—market, credit, technological and compliance. Market risk emanates from unfavourable price fluctuations on securities markets. Credit risk originates from a business partner's default owing to bankruptcy or temporary financial problems. Information technology (IT) risk arises from breakdowns in computer hardware and software, while compliance risk is the loss resulting from nonconformity to laws and regulations.
Identify and Monitor Risks
A chief risk officer partners with accounting and finance staff members to identify risks implicit in corporate financial reporting mechanisms. He also works in collaboration with internal and external auditors to assess accounting, technology and operational controls to ensure they are adequate. A corporation's operating procedures in accounting and financial reporting systems are critical. Absent functional policies, a firm may be unable to produce complete and fair financial reports that conform to generally accepted accounting principles (GAAP) and international financial reporting standards (IFRS). Fair means accurate in accounting parlance. Financial risks affect four accounting summaries—balance sheet (also known as statement of financial position), statement of profit and loss (P&L, or statement of income), statement of cash flows and statement of retained earnings (also called statement of equity).
Coordinate Risk Reporting Activities
A CRO oversees corporate risk reporting activities and ensures they are correct and consistent. A company's risk data includes four types of reports—operational, financial, internal audit and external audit. An operational risk report is also referred to as a "risk and control self-assessment," or RCSA, summary. In an RCSA, department heads and segment managers provide a list of business unit controls and related risks. They rate risks as "high," "medium" and "low" based on loss expectation. A financial risk report instructs a company's top leadership on risk exposures, or losses, that a firm may incur in its securities markets transactions and lending activities. Internal and external audit risk reports relate to operational and financial reporting risks.