Enhancing Your Risk Program: Insight's From RMA's GCOR Panel

Risk management is a critical aspect of any financial institution's operations, and the need for robust risk frameworks has become increasingly evident in recent times. To shed light on this topic, a panel discussion featuring industry experts Kevin Slane, CRO of Sandy Spring Bank, Robby Harmon, CRO of TriStar Bank, and Michael Glotz, CEO and Cofounder of SRA Consulting was featured at this year's virtual 2023 GCOR Conference, hosted by The Risk Management Association (RMA). The panel of risk experts delved into the challenges, strategies, and best practices involved in building and executing effective risk frameworks. This blog post provides a summary of the insightful conversation and key takeaways for those who might not have been able to attend.

Articulating the Need for Staff and a Roadmap:

One recurring theme throughout the discussion was the importance of having the right staff and organizational structure in the risk function. Chief Risk Officers often struggle to justify their staffing needs, but articulating the value and demonstrating the necessity is crucial. Additionally, having a clear roadmap and long-term plan is vital for the success of risk frameworks. Robby acknowledged the need to develop a three-year plan, which would help guide their risk management efforts more effectively.

Building and Executing the Plan:

Both Kevin and Robby emphasized the significance of building comprehensive plans and executing them to close the identified gaps in risk management. Kevin's institution had categorized their plan into three areas: ERM, compliance, and IT, with dedicated personnel overseeing each area's progress. By breaking down the plan, they were able to report to their risk committee and provide regular updates to the board. They stressed that many aspects of risk management are about maturing existing processes, formalizing procedures, and enhancing reporting, rather than implementing entirely new systems.

Regulator Feedback and Best Practices:

The discussion touched upon the regulatory landscape and how best practices come into play. Michael highlighted the collaboration between the Risk Management Association (RMA) and regulatory guidance to develop the RMA Risk Maturity Framework, powered by SRA Watchtower. This industry-wide tool incorporates feedback from Chief Risk Officers and covers both regulatory guidance and common-sense elements. Regulators have expressed appreciation for the framework, as it allows them to assess multiple areas in a consolidated manner. Moreover, Michael emphasized the importance of benchmarking risk frameworks against peer banks, providing valuable insights for boards and management teams.

Resource Allocation and Risk Focus:

Managing resources and obtaining buy-in from internal stakeholders were significant challenges discussed by Kevin and Robby. While Kevin's institution involved a wide range of individuals from different departments, Robby's smaller-tier bank relied on strategic risk management and close collaboration with the CEO and other key decision-makers. Both emphasized the need for continuous education and awareness of risk throughout the organization. Furthermore, they acknowledged that different-sized banks face different risk priorities. Currently, liquidity and interest rate risk are top concerns for banks, with regulators paying increased attention to these areas.

Striving for Maturity and Future Considerations:

When discussing risk maturity, Michael explained how size and complexity impact the level of maturity expected from banks. While smaller banks may focus on establishing a basic risk program, larger banks face more stringent regulatory expectations. Michael also highlighted the evolving nature of risk frameworks and their continual improvement through feedback and benchmarking. Robby also emphasized the importance of considering third-party vendor risk, given the reliance of smaller banks on external providers.

Conclusion:

The panel discussion shed light on the challenges and best practices associated with risk frameworks in the banking industry. It underscored the need for clear roadmaps, effective communication with stakeholders, and a comprehensive understanding of regulatory expectations. By aligning your risk management efforts through cutting edge tools like the Risk Maturity Framework and engaging in benchmarking exercises, banks can enhance their risk maturity and ensure better management of risks. The insights shared by Kevin, Robby, and Michael serve as valuable guidance for banks looking to strengthen their risk management practices in an ever-evolving landscape.