The Great Debate

What do risk officers worry about?

JPMorgan’s astonishing $2 billion-plus quarterly loss due to trading in credit default swaps from its London office spotlights the crucial role of the chief risk officer (CRO). What exactly are risk officers supposed to do? Is the CRO someone who fills out reports, becomes a fall guy for misplaced strategy or, as a key executive, makes management aware of the risks and has input to decisions made by the senior management team?

Taking on the role of a CRO is not for the faint of heart – even the title grants you a certain degree of unpopularity. You’re the bearer of potential bad news when it comes to strategic decision making. It is your job to provide your boss and peers with possible outcomes of scenarios they often don’t want to hear about. Yet, you are the first to be thrown under the bus when a risk suddenly surfaces and your company has no mitigation plan in place. You can’t say “I told you so,” so you roll up your sleeves and quietly prepare for the next event. Of course, every risk a company faces cannot be predicted and proactively avoided. As recent worldwide financial, economic and societal events have illustrated, it has become critical to employ a process driven by foresight.

To understand how to develop and implement a risk management strategy, we must first learn which emerging risks CROs are most concerned with today. According to a recent survey co-sponsored by the Joint Risk Management Section of the Society of Actuaries, Canadian Institute of Actuaries and the Casualty Actuarial Society, the top two risks reported were financial volatility and failed and failing states. Risk managers also cited cyber-security and the overall interconnectedness of infrastructure, followed by the threat of a Chinese economic hard landing, an oil price shock and regional instability.

From a broader perspective, the survey explains which emerging risk categories most distress risk managers. The economic category leads the pack (56 percent of managers named this as the biggest concern), followed by geopolitical (22 percent), technological (8 percent), societal (5 percent) and environmental (4 percent) risks.

The survey also polled risk managers on the role of strategic planning and incorporating the potential effects of evolving emerging risks into the decision-making process. This revealed that recent events such as the Japanese devastation, Middle East political unrest and European sovereign debt crisis have had great influence on the concerns of risk managers about future risks. The year 2011 marked the largest economic impact of physical disasters in history, which included flooding, monsoons, fires, earthquakes, volcanic eruptions and tornados.

Why did the SEC fail to spot the Madoff case?

mark_williams– Mark T. Williams, a finance professor at the Boston University School of Management, is a risk-management expert and former Federal Reserve Bank examiner. The views expressed are his own. –

With Congress now probing the Bernard Madoff case, some claim the SEC missed the risk because of under staffing. Even if that’s an issue, one SEC enforcement officer using basic risk-management skills, asking probing questions, searching for clear answers, and exercising timely follow up could have helped in detecting this fraud before it grew to such a staggering size.

The central flaw at the SEC is that its current oversight approach is not sufficiently risk focused. Moreover, any changes in approach have tended to be in response to a specific event instead of incorporating an overall risk-based approach across all areas under their regulatory purview.