The Directors and Chief Risk Officers group (“the DCRO”) today issued its guidance to organizations seeking to better govern risk through the identification and recruitment of Qualified Risk Directors to their boards of directors and risk committees of the board.
In the spirit of the Audit Committee Financial Expert, where specific board members are designated as experts in the analysis of financial statements and control processes, the QualifiedRisk Director guidelines were developed by an international group of active board directors and chief risk officers to assist organizations in identifying members of their board with expertise in the governance of risk.
“An understanding of risk and its proper governance is not just about protecting organizations from large, unexpected losses - although that is very valuable,” said David R. Koenig, Chief Executive Officer of The Governance Fund Advisors and Executive Chair of the Qualified Risk Director governance council. “Risk governance is equally about how organizations can pursue the goals they have established, with more success,” he continued. “Qualified Risk Directors make those goals more achievable.”
The Qualified Risk Director guidelines are designed to aid in the identification and recruitment of risk governance experts to boards of directors and their risk committees, where present. They are being distributed to companies around the world and to regulators that have shown an interest in advancing the governance of risk at the board level. According to the guidelines, they are designed for voluntary adoption. However, their inclusion by regulators in ongoing assessments, or in the development of future requirements, will assist in the advancement of risk governance practices across institutions of all kinds.
The Qualified Risk Director guidelines are freely available for download.
About the Directors and Chief Risk Officers group - The DCRO is a voluntary assembly of more than 1,600 board directors, chief risk officers, and other c-level executives whose work involves the governance of risk. Members come from more than 100 countries and represent large and mid-size organizations, both for-profit and non-profit. Visit http://www.thegovernancefund.com/DCRO/ to learn more.
For more information, please contact David R. Koenig by e-mail david(dot)koenig(at)thegovfund(dot)com.
Replies
Tom and Craig, thanks so much for your comments and to Boris for featuring this post.
The feedback that we have received since its release last week has been both overwhelming and positive. We're very encouraged that so many are finding this to be a helpful document and are already sharing it with their boards and networks.
Craig, we didn't mention trading as a specific experience required. However, we do emphasize that experiences need to be relevant to the risks the organization faces. So, a Qualified Risk Director on the board of a fund, prop shop, or CTA, for example, would be much likely to be better at that role if they had the experience you suggest. It's not required - as Tom mentions, there are so many broad risk governance issues that are taken up by the board - but it might be a key differentiator where trading or market exposure are fundamental risks of the entity.
Business risk management is so much bigger than any single type of risk. It is much more than financial loss on any type of transaction. Suppliers, customers and clients, regulators, facilities, processes, employees (the list goes on) all bring risks to the enterprise. Any of these risks can seriously impede progress toward goals.
Craig Marderstein said:
This document is useful. However, I would note that nowhere in the document does it mention the value of trading experience. After all, risk is not something that can ever fully be understood through someone else's experiences. A risk manager can never be exceptionally qualified if they have never themselves traded, taken risk, and experienced winning and losing first hand.
The third paragraph is significant. Too often, especially in the financial service world, risk management is limited to only regulatory risk and credit risk. Every enterprise needs this definition of risks for a valuable risk management program.