The Great Recession is not known for inspiring great things, but it did spur the creation of the Dodd-Frank bill, which, among many things, created the Financial Stability Oversight Council and the Federal Insurance Office. And the near-collapse of the U.S. economy did wonders for the discipline of risk management.
As a result, according to a new survey from Marsh and the Risk and Insurance Management Society (RIMS), executives in the C-suite are expecting much more from the risk managers at their company.
Below are a few of the key findings from the report:
- An overwhelming majority of respondents said that senior management’s expectations of their organizations’ risk management departments have grown over the past three years. Senior management’s list of desired changes from risk managers includes integrating risk management deeper with operations, executing daily risk management activities more efficiently, providing improved analysis and quantification, and leading enterprise risk management (ERM) activities.
- The most common focus area for 2011 is strengthening strategic risk management, which was cited by more than half of survey respondents. For the second year, this area came out on top, although barriers to doing so remain.
- The top barrier cited to senior leadership understanding of the risk landscape was silos within the organization. This is the same answer given in prior years, and is something that organizations should begin to confront if they have not already done so. One way to tear down the silos is to create or strengthen cross-functional risk committees.
- As the role of chief risk officer (CRO) continues to develop, we are beginning to see some differences in how they view and prioritize the issues. For example, CROs were much more likely than other risk managers to categorize senior management’s change in expectations a “very significant.” CROs said strengthening ERM capabilities and integrating ERM into strategic planning were focus areas for 2011.
- Economic conditions ranked as the number one risk among respondents, and was also the risk that they were least comfortable with their organizations’ ability to manage. In other areas, such as business disruption, risk managers and the C-suite are not as aligned in their views of how prepared their companies are to manage the risk.
- Nearly 60% of companies said their use of data and analytics has changed over the past three years. This is likely a reflection of leadership’s desire for there to be more transparency and quantification around risk decisions, particularly the economic implications. Despite the stated changes, however, there appears to be a need for companies to better use the available tools and analytics.
And let’s take a look at the areas in which senior management’s expectations of the risk management department have grown: