By S. Scott MacDonald, Ph.D. , Southwestern Graduate School of Banking

Many, if not most, banks have personnel assigned to the role of chief credit risk officer, compliance officer, CRA officer and BSA officer just to name a few. But few community banks have appointed personnel to the role of chief risk management officer (CRMO). With the changing business model of many banks today, such as increased concentrations of real estate and more borrowed funds, regulators are insisting on improvements in our risk management systems and methods. 

So, what is the role of the CRMO? Although it is easy to provide a general description - that person who coordinates the identification, assessment, control and monitoring of the various risk assumed by the origination - it is more difficult to apply in practice. It might be easier to identify who this person is not. The CRMO is not your senior lender, the bank’s loan review officer, the CFO or your controller, the chair of your ALCO, or your compliance officer. So you ask, “Does that mean I have to hire another person?” The answer is maybe, or maybe not! Any of the people mentioned could also serve as your CRMO, but as bank size increases, their responsibly as CRMO might require differentiating each of the mentioned roles. A silo approach to risk management does not provide senior management or the board with an aggregate assessment of risk. The job of the CRMO goes beyond the management of individual risk and requires someone who will coordinate the total risk management efforts of the organization. 

The CRMO’s primary responsibilities are to provide the leadership needed to convey the organizations risk culture as well as establishing an integrated methodology to address risk across the origination. The CRMO would coordinate the establishment of policy and procedures, risk metrics, risk reports and improvements in risk readiness through communication, training and risk based performance incentive systems. The CRMO, in effect, becomes the portal of communication between all divisions of the organization, senior management and the board of directors.

So you ask, “Where do we get this unbelievable person?” Upon entering the market to find and hire someone, you will find there are very few. This is because ERM is a relatively new concept to community banking and the skill sets are obviously broad-based. I recommend the average community bank build or develop their own CRMO over time. Identify a bright individual who has interest in all areas of the bank. Then send him or her to every educational program you can find such as a graduate school of banking, a graduate lending school, an asset liability management school, a compliance school, and on and on. Give him or her the authority to meet with and coordinate the identification and assessment of risks across the organization. Have the CRMO work with the officers in various divisions to objectively identify the various risks across the organization. He or she should provide a point of contact and communication throughout the bank by staying current on the latest issues affecting both internal and external risks to the bank. Finally, the CRMO should report to the board of directors on a regular basis and provide a monthly or quarterly assessment of the risks of the origination in a concise, dashboard type, approach. 

I know, you ask, “One person does all of that?” Remember, their job is not to do all of “that”, it is to coordinate with the people you already have in place. As a community banker, you might be thinking that it sounds like overkill. Depending on the size of your organization, it might be today, but as we grow, our need for someone in this position will also grow. Look five years down the road and ask yourself, “Where will we get that person then?”

<back to December 2006 Directors Digest>