What Does A Chief Risk Officer Do?
The Chief Risk Officer (CRO) is the executive responsible for determining and mitigating significant competitive, regulatory and technological threats to a business’s base and income. With cyber threats, competition between companies and new compliance requirements all growing exponentially, this is a challenging position to say the least.
Strict standards for those in the compliance and archiving department
Due to the Sarbanes-Oxley Act of 2002, there are also strict standards set for everyone in the compliance department as well as in the archiving department. The United States Congress passed this legislation to protect shareholders and consumers from fraudulent acts and accounting errors of public companies, as well as to improve the accuracy of corporate disclosures. The United States Securities and Exchange Commission (SEC) administers the Act, which sets deadlines for compliance and implementation of its guidelines. The Act specifies which records need to be kept and for how long. With the growing use of encryption, maintaining compliance can create a bit of an IT headache. Encryption protects the clients, but can also make it too difficult for the auditors to do their job. Maintaining readability of the records and protection for clients at the same time is a requirement of the SEC.
What role does the CRO play?
Not only must the CRO be aware of everything occurring in their company on a daily basis, but they must also be current on all of the SEC requirements that stem from the Dodd-Frank Act. The Dodd-Frank Act, which became law in July of 2010, aims to prevent another significant financial crisis by creating new financial regulatory processes that enforce transparency and accountability while implementing rules for consumer protection. The Act created more stringent requirements for banks and the breakdown of companies if they are deemed “too big to fail.” The SEC has adopted 65 of the provisions that the Dodd-Frank Act has put forth and is discussing others to determine if they should be put into force.
The Dodd-Frank Act
One of the provisions of the Dodd-Frank Act created the Financial Stability Oversight Council (FSOC) to address persistent issues affecting the financial industry and prevent another recession. Banks are now required to have “funeral plans” for swift and orderly shutdown in the event that the company goes under. By keeping the banking system under a closer watch, the Act seeks to eliminate the need for future taxpayer-funded bailouts.
For more information about the CRO’s role, please refer to our White Paper, 2016 Risk Practices Survey.