The CRO cannot be expected to do what only the CEO can do

Here’s an excellent op-ed piece in US Banker about the role of the chief risk officer and the CEO. This may be the best thing I’ve read in months.

Setting the tone for this article is Warren Buffet who recently wrote in the BRK shareholder’s letter:  “I believe that a CEO must not delegate risk control. It’s simply too important. … If Berkshire ever gets in trouble, it will be my fault. It will not be because of misjudgments made by a risk committee or chief risk officer.”

The author writes:

1) CEO is directly responsible for thoroughly understanding and signing off on all significant risks embedded in the bank’s business strategy

2) CEO is directly responsible for protecting the bank’s franchise against excessive or inappropriate risks that could derail the business strategy or damage the bank’s reputation and access to capital.

3) CEO is directly responsible for creating a strong risk culture across the entire bank

Read this article then read it again.  Print it out and nail it to the front door of your bank too.

2 thoughts on “The CRO cannot be expected to do what only the CEO can do

Leave a Reply

Your email address will not be published. Required fields are marked *