Chief Risk Officer (CRO) challenges in risk management

This session focused on two main areas: the evolving risk universe and challenges this presents to firms and risk functions, and related to this, a deep dive into the management of AI risks.

Chief Risk Officer challenges

Our risk management experts drew on their experience and what they are currently observing in the industry to outline some of the key challenges that Chief Risk Officers (CROs) are facing and also highlight how CROs are looking to overcome these challenges.

The challenging landscape is characterised by:

• The increase in breadth and complexity of the risk universe.
• The rapid technological advancements that are being observed in the industry.

The complexity of the rapidly changing regulatory environment is evidenced by the wealth of regulatory change which has been observed in the last year, including the finalisation of Basel 3.1 rules, the 2025 deadlines for operational resilience frameworks, the publication of SS3/19 regarding climate risk expectations and the ongoing demands of consumer duty. These examples represent a small proportion of what firms must comprehend and prepare for, which can overwhelm risk functions if they are insufficiently equipped.  

Whilst trying to keep pace with this quickly evolving risk landscape, firms are also attempting to continue their transformation and automation journeys meaning firms must manage competing priorities and ensure their risk function is capable of handling their exposures from not just a tactical perspective but also a strategic perspective.

What should firms do?

There are a few further things to consider when evaluating the current challenges in this complex risk landscape:

• Boards will likely lack detailed knowledge about some of the evolving and emerging risks. It is imperative that CROs engage effectively with the Board, be a bridge between the technical experts and the Board in educating and assessing how decisions and activities fit in with the strategy and risk appetite of the organisation.
• Focus efforts on material risk areas, particularly the evolving and emerging risks – sometimes organisations tend to shy away from areas they are less familiar with and focus disproportionately more on areas of strength (e.g. credit risk). 
• The risk function needs to be clear on the changes required to existing frameworks, approaches and culture to adapt to the new risks. This will include investment in training, upskilling, new skill sets, and tools and empowering 1^st line to manage risk effectively.

CROs will need to constantly evolve to adapt to the dynamic and challenging risk landscape and implement an agile risk framework that identifies, measures, monitors and controls for risks. Firms must ensure this risk culture is sufficiently embedded into all risk management procedures and that the risk function contains the necessary skills and expertise to navigate this complex environment. CROs are pivotal in ensuring there is effective collaboration and discussion with the Board and transparent reporting.

Conclusion

The dynamic landscape of risks, especially those linked to technological advancements, poses significant challenges for Risk Functions. Firms need to adopt agile and proactive strategies to navigate these changes and uncertainties. This necessitates new perspectives on risk, along with the development of new skills and expertise to effectively identify and manage these risks.

Get in touch with our Financial services team

If you would like to speak with a member of our Financial Services team, please contact us using the button below.

Contact us today