A proactive risk culture creates a safe environment to openly acknowledge risk, proactively challenge decisions, and encourage discussion and learning from risk failures and solutions. Clearly defining the expected control of risk functions across the organization helps to shape the strategy, policies, and values about risk clearly and consistently.
“The volatility and resulting change we’re seeing in the banking sector will force many banks to reprioritize which projects are now mission-critical,” said Irene Hendrick, Senior Vice President of Revenue at RGP. “This heightened risk environment underscores the importance of building strong lines of defense, and a major part of that is ensuring you have communicated the strategy, policies, and values surrounding risk.”
To establish a proactive risk culture, organizations must display active participation in developing a clear understanding of their current behaviors and perceptions, the impact risks have on their business, and how those risks interconnect.
Conduct Regular Risk Assessments
In its Auditing Liquidity Risk Management for Banks practice guide, the Institute of Internal Auditors (IIA) recommends that senior management should continuously review liquidity developments and report to the board on a regular basis. Routine, anonymous risk assessments make it possible for organizations to recalibrate perceptions they might otherwise overlook and avoid subjective or flawed assumptions that propagate biased behaviors. Transparent, unbiased insights are vital for making changes to corporate values, risk management processes, criteria for risk-thresholds, and risk awareness. This provides leaders and front-line managers with vital information about unhealthy risk behaviors and their potential impacts.
Use Data-Driven Processes
Timely and transparent collection of data enables better risk management decision-making. Organizations should use data-driven methodologies to help identify and mitigate biases by breaking down risk indicators, including:
- Change management of risk perceptions, behaviors, and resolution
- Proactiveness to report risk issues
- Stakeholder responsiveness to risk identification
- Risk ownership
- Ability and willingness to remediate risk issues
- Accountability for performance of risk management
Routine Stress Testing
Robust stress testing and contingency planning are integral to an effective liquidity risk management strategy. The IIA recommends that a range of liquidity stress test scenarios should be analyzed regularly, including bank-specific scenarios, market-wide scenarios, and a combination of both. These scenarios should also be reviewed by internal auditors to determine whether the assumptions are appropriate and ensure they represent a sufficient variety of risk events.
Read more about RGP’s approach to risk and compliance.