An article in Risk Magazine, reporting on the Federation of European Risk Management Associations (FERMA) conference in Maastricht, highlights some key concerns surrounding the position of Chief Risk Officer (CRO). In his speech, Mark Harman (CEO EMEA, Crawford and Company) stated that the CRO's responsibilities should be made very clear to all senior managers within an organisation, so that there is an awareness of what risk management can and cannot do. Interestingly, the article emphasises two messages that seem to conflict with one another. On the one hand, Mr. Harman stresses the importance of delineating the responsibilities of the CRO:

"You don't have to do it all, but decide what it is you are doing and make sure it's clear what you are doing and what you are not doing."

On the other hand, the article stresses the importance of going beyond one's own business silo in order to identify interdisciplinary risks:

 "The job of a risk officer is to be interested in the business, not just their bit of the business. There is loads of information a risk officer can get hold of … you [can] spot things others have missed because you will ask the questions others haven't thought to ask."

I'm in firm agreement with the second camp here, given that regulatory reforms have forced banks to consider their risk exposures holistically. But if risk managers are staking out their territory and marking off what they will and will not do, it will be difficult to ingrain a culture of thinking beyond boundaries to consider firm-wide risks.

Ben.