Resetting risk oversight expectations of bank boards
Information flow challenges
It seems bank boards are never far from the spotlight. Over the last decade, regulators, external stakeholders, and firms' management have expected boards of directors at banks to do more. Not only have directors' responsibilities expanded in scope and become more complex, but board members are being drawn "into the weeds" on risk management.
November 15, 2017
A blog post by Val Srinivas, Banking & Securities research leader, Deloitte Services LP.
The regulatory recalibration happening now, especially in the United States, is also reshaping expectations of bank boards. This is particularly evident from the recent proposal on board effectiveness by the Federal Reserve, with a view to "refocus … supervisory expectations for the largest [banks'] boards of directors."1 The fed's proposal aims to better distinguish the role of bank boards from that of management.
The fed's proposal describes effective boards as those that: (1) set clear, aligned, and consistent direction regarding the firm’s strategy and risk tolerance; (2) actively manage information flow and board discussions; (3) hold senior management accountable; (4) support the independence and stature of independent risk management and internal audit; and (5) maintain a capable board composition and governance structure.
These topics have been the focus of the research the Deloitte Center for Financial Services has been doing since 2009, when we published our first report on bank board risk governance based on the analysis of risk committee charters of the largest banks. We have now published four such studies—the latest of which was released recently and is entitled What's next for bank board risk governance: Recalibrating to tackle new risk oversight expectations.
The timing of our latest research coincided with the fed’s proposal in August. As a result, we were able to look at the results of risk committee charter analysis through the lens of the five attributes listed above.
One of our main findings is that since late 2014, when we published our last report, many banks have improved their compliance documentation related to the Federal Reserve's enhanced prudential standards, the Office of the Comptroller of the Currency's heightened standards, and the Basel Committee for Banking Supervision's (BCBS) guidelines on bank corporate governance.
Despite such progress, our study of risk committee charters shows that there is more to be done.
What's next for bank board risk governance?
Read the report
Managing information flow
One such area is how boards manage information flow, resources, capabilities, and committee discussions (one of the attributes highlighted in the fed's proposal). The fed acknowledges that bank boards "face significant information flow challenges," and that "they are inherently disadvantaged given their dependence on senior management for the quality and availability of information."
Managing information flow at the board level is critical for so many reasons, not least of which is the ability to effectively question risk exposure across the enterprise. Such information obviously goes beyond quantitative metrics and includes a fair amount of qualitative reporting of the strategic choices facing the institution and business performance.
Another challenge is the quantity of information that is typically channeled to board members, which one can only assume has increased exponentially given the demands placed on board members. In our risk committee charter analysis, we found that almost all institutions in the sample have access to additional internal and external resources, which no doubt only add to the amount of information consumed by board members.
Obviously, the ability to effectively manage information flow, resources, capabilities, and committee discussions applies to all committees, not just risk committees. In this regard, coordinating information flow among different board committees could also play a role in the board’s ability to meet its mandate. Our research found that documenting coordination between the risk and audit committees of the board has become relatively more common compared to previous years. However, coordination between the risk and compensation committees (as also stipulated within the BCBS's corporate governance principles) is noted in only a few charters.
Our full report has many more details covering various aspects of board risk governance. We welcome your views on any of the topics we cover in the report.
Managing information flow at the board level is critical for so many reasons, not least of which is the ability to effectively question risk exposure across the enterprise.
QuickLook is a weekly blog from the Deloitte Center for Financial Services about technology, innovation, growth, regulation, and other challenges facing the industry. The views expressed in this blog are those of the blogger and not official statements by Deloitte or any of its affiliates or member firms.
Do not delete! This box/component contains css that is needed on this page. This message will not be visible when page is activated.