Sponsored by ?

This article was paid for by a contributing third party.More Information.

What does a grown-up risk function look like?

Content provided by IBM

Banks and other financial firms have had more than 15 years to study the precepts of enterprise risk management (ERM), learn them and apply them. Still, many risk functions appear to be relatively immature

THE PANEL

  • Neil Dodgson, global head customer solutions group, IBM Risk Analytics
  • Peyman Mestchian, managing partner, Chartis Research
  • Jeff Simmons, head of enterprise risk, Bank of Tokyo-Mitsubishi UFJ
  • Moderator: Joel Clark, consulting editor, Risk.net

Banks and other financial firms have had more than 15 years to study the precepts of enterprise risk management (ERM), learn them and apply them. Still, many risk functions appear to be relatively immature – focusing on key compliance requirements, fragmented into silos, with no common data model or risk language, and relying heavily on the abilities of their key individuals. 

A more mature function might be one in which real economic risks and risk-based performance – rather than regulation – are addressed, with sophisticated early warning systems, ownership across businesses and at all levels of the firm, and playing a part in both tactical and strategic decision-making. 

Many firms will have characteristics from both of those lists, and will concede they have room for improvement. But agreeing on the goal – and the means to get there – is often lacking.

In this IBM-sponsored videocast, a panel of industry experts give their take on ERM maturity, including Peyman Mestchian, managing partner, Chartis, who unveils findings from a new ERM maturity model study (the final research paper in Chartis' The Risk Enabled Enterprise® research programme) in which Chartis has identified four levels of maturity, linking capability to value creation. 

The panel addresses the following issues:

  • Is ERM mature as a discipline?
  • What marks out mature – and immature – risk functions?
  • What part is played by process, by culture, by data?
  • What part is played by organisational structure, people and culture?
  • Is regulation undermining the risk manager?

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here