Global risk management survey, eighth edition

Setting a higher bar

The global financial crisis has led to dramatic and ongoing changes in risk management among financial institutions around the world. Major regulatory reforms have been enacted with the goal of creating a more stable and transparent financial system.

Executive Summary

Among the most important developments were passage of Dodd-Frank in the United States, the European Market Infrastructure Regulation (EMIR), and issuance of the global Basel III regulatory framework. These and other initiatives are changing the regulatory requirements for financial services players in areas such as systemic risk, regulatory capital, liquidity, derivatives, proprietary trading, and financial activities with individual consumers.

Although the extent of change has been enormous, regulatory developments thus far seem to mark only an intermediate step, rather than the end, of a period of ongoing change: a higher bar continues to be set for risk management across the industry. Almost three years after Dodd-Frank and Basel III were first introduced, many specific rules are still being developed. Additional regulatory initiatives that could have important implications for risk management are also being put forward, such as the proposal to centralize supervision for European banks under the European Central Bank. At the same time, financial institutions continue to enhance their risk management programs by strengthening governance and upgrading their capabilities in such areas as risk management models, stress testing, and risk management information and technology systems.

As a result of these events, risk management continues to experience significant change. To manage the resulting uncertainty, institutions should look for flexibility in adjusting business strategies, business processes, and risk management programs as new regulatory requirements are introduced or new risk issues emerge.

Main findings

  • Board approval of risk policy and risk appetite
    Board of directors reviews and approves the risk management policy and/or enterprise risk management (ERM) framework and the risk appetite statement.
  • Role of the CRO
    The existence of the Chief Risk Officer position has steadily grown over the course of our risk management survey series.
  • Incentive compensation
    There has been extensive discussion about how some incentive compensation plans may inadvertently encourage excessive risk taking.
  • Enterprise risk management
    Sixty-two percent of institutions reported having an ERM program.
  • Eurozone crisis
    Seventy-nine percent of institutions have taken actions in response to the Eurozone crisis.
  • Basel II and III
    Institutions subject to Basel II reported they had made significant progress in implementing these requirements.
  • Solvency II
    For insurance institutions subject to Solvency II, 92 percent said they plan to focus over the next 12 months on Own Risk and Solvency Assessment (ORSA).
  • Stress testing
    Stress testing has become a more commonly used tool to help institutions assess their ability to withstand severe economic and market conditions.
  • Economic capital
    Roughly 80 percent of participating institutions reported calculating economic capital.
  • Impacts of regulatory reform
    More institutions reported an increase in the cost of compliance.
  • Operational risk
    Roughly 60 percent of institutions rated their operational risk methodologies.
  • Risk technology systems and data
    As was true in the 2012 survey, the need for significant improvement in risk management technology and infrastructure was reported by many institutions.
Did you find this useful?