Chapter 9 - Risk oversight and corporate governance

Question 1

What is the board of directors responsible for?

Answer 1

Day-to-day running of the business

Question 2

what are the directors responsible for?

what does nominee and shadow director mean

Answer 2

Responsible for ensuring the success of the business and its compliance with relevant regulations.

Not formally appointed

Question 3

what is corporate governance? what does it include

Answer 3

mechanism needed to ensure companies continue with best interest of Shareholders

Includes - board, risk committee, audit committee, remuneration committee

Question 4

what are the three lines of defense for managing risk

Answer 4

First line - business managers/staff own their risk
Second - risk and compliance work independently with business to advise/challenge management of risk
Third - audit function

Question 5

what two things are key for good corporate behaviour

Answer 5

Honesty and integrity

Question 6

what is the role of risk managers

Answer 6

Provide communication between two risk-taking groups

Question 7

downwards and upwards communication

Answer 7

Downwards - polices, procedure’s, risk limits
Upwards - preparing risk reports that describe risk

Question 8

what is the boards risk responsibilities?

Answer 8

• provide financial oversight
• determine company approach to risk
• installing risk culture
• monitor exposure
• identify risks
• oversee effectiveness
• ensuring company has risk process.

Question 9

who does the board delegate the management of risk to?

Answer 9

the board delegates the management of risk to a risk committee

Question 10

Risk Committee delegation for small firms and large firms

Answer 10

large firms - obligatory
small firms - chosen to set up a board risk committee

Question 11

Types of risk committees

Answer 11

Larger firms/seniors - have senior or group risk committee overseeing risk management practices

Junior/divisional - focus on specific risks like credit, market, and often report to the senior/group risk committee

investment management - establish risk committees focused on fund-specific risks, while main risk committee oversees firm-wide risks

Question 12

the different risk committee memberships

Answer 12

• Non-executive director (NED)
• Chief Risk Office (CRO)
• Chief financial officer (CFO)
• Chief investment officer (Investment management firms) - CIO
• Risk representative for parent firm
• Other non-executive directors

Question 13

The risk committee functions

Answer 13

• ratify the key policies and procedures
• monitor effectiveness of policies
• translate overall risk appetite to firm

Question 14

what is the risk management committee of the board responsible for

Answer 14

Independently reviewing the identification, measurement, monitoring and controlling of risk types. This includes the adequacy of policy guidelines and systems.

Question 15

what is the main role of the risk committee. what can they do to improve risk focus of firm?

Answer 15

Recommends the firm’s overall amount of risk (appetite/tolerance) to board.

Determines financial risks aligned with the firm’s strategy

They hold strategic risk scenario identification workshops each year ti improve risk focus.

Question 16

what does the regulatory oversight include for large firms and small firms?

Answer 16

Large firms - involves lengthy and in-depth on-site visits looking at important aspects of the way in which the firm is run.

Smaller firms - internal capital and liquidity process means regulator receives reports.

Question 17

main role of the board

Answer 17

the board approves the firms risk appetite annually and delegates risk oversight to risk committee.

Question 18

what does the chief risk officer do? Responsibilities.

Answer 18

• makes decisions, set business-level risk limits, approve risks in excess of limits

Responsible for
- firms risk management strategy, firms risk polices, firms infrastructure.

Question 19

what does the risk committee do regarding business unit risk? what does the CRO do?

Answer 19

Risk committee provides detailed review and approval of each business unit’s risk limits, and delegates monitoring of these limits to CRO

The CRO may order business units, or advise fund managers.

Question 20

what is the operational risk committee

Answer 20

Also known as controls committee.

Made up of both business and risk staff

Role = make sure that business decisions are in line with the firm’s desired risk/reward trade-offs, and that the financial and operational risks are well managed.

Question 21

what is the key to a successful structure?

Answer 21

To ensure that committees exist to cover the risk of each ‘common area’ of the firm’s business.

Question 22

what is essential rule for risk managers?

Answer 22

They should not take risks, or advise risks.

Question 23

How to achieve risk management autonomy

Answer 23

Staff that takes risk should have no input to the performance appraisals, compensation, or promotions, and instead should be fearful of giving ‘bad’ news.

Question 24

what is the role of risk managers?

Answer 24

Facilitate communication between the two risk-taking groups

Question 25

Risk governance: Why does careful planning exist?

Answer 25

because of how a firms existing governance structure will be merged with the acquiring firm's governance structure, and how any gaps and overlaps will be managed.

Question 26

why is succession planning used?

Answer 26

Exists to deal with unplanned changes, such as senior managers leaving

Question 27

Know the main factors determine risk and control culture: Governance and Policies

Answer 27

- ownership and management involvement (Senior managers and certification regime) - staff remuneration policy - staff appraisal policy - risk policy - risk functions independence - calibre of risk personnel - escalation and whistle blowing process - code of conduct

Question 28

Know the main factors determine risk and control culture: Risk appetite / tolerance What is the current implicit risk appetite? what does this include to monitor?

Answer 28

- understanding the firm's current risk profile and trends Monitor the firm's ongoing performance against its desired risk appetite.

Question 29

What does business planning tend to be driven by what should it be driven by/ the outcome

Answer 29

Tends to be driven by earnings goals in a competitive environment IT NEEDS to involve the risk management function from the beginning of the planning process, this means that targets can be tested to see how they fit with firm's appetite, any nay potential downsides.

Question 30

Know the main factors determine risk and control culture: Transparency

Answer 30

2015 BIS updated corporate governance principles for banks. Principle 12 - Adequately transparent to its shareholders, depositors, and other relevant stakeholders and market participants The principle supports public disclosure of: - board structure - organizational structure - basic ownership structure - information of incentive structure - banks code or policy - banks policy on conflicts of interest

Question 31

why is internal transparency important

Answer 31

It ensures that risks can be uncovered and dealt with quickly. The key = good and open communication, and lack of public blame

Question 32

How to avoid mistakes

Answer 32

Maintain a robust, comprehensive database of losses and near misses, which includes cause and costs - and actions to prevent recurrence

Question 33

what is blame culture

Answer 33

Sacking staff during the incident

Question 34

what is silo effect?

Answer 34

Lack of communication, shared vision and knowledge flowing in organization.

Question 35

what is moral hazard how to reduce this how firms manage

Answer 35

The possibility that people will behave different when protected from the effects of risks they take. Reduce this by encouraging a climate of honesty and care Many firms do this by defining a code of conduct