Football fans may be familiar with the phrase ‘prawn sandwich brigade’. It was coined after then-Manchester United captain Roy Keane ranted about a perceived lack of support from his team’s home crowd during a game against Ukraine’s Dynamo Kiev in 2000.
“Some [fans] come here and you have to wonder, do they understand the game of football?” Keane said. “They have a few drinks and probably the prawn sandwiches, and they don’t realise what’s going on out on the pitch. I don’t think some of the people who come to Old Trafford can spell football, never mind understand it.”
Apparently, similar failings afflicted board-level risk committees within the banking industry, until recently.
In the words of Stephen Creese, Citi’s head of op risk for Europe, the Middle East and Africa, boards have “gone from turning up once a quarter for a prawn sandwich to being down in the weeds of what you do”.
Creese, who was speaking at OpRisk Europe in June, suggested regulations that target directors personally, rather than the institution they serve, have brought about this change in mindset. He cited the UK’s Senior Managers & Certification regime, under which the head of a bank’s risk committee is now a designated, regulator-set function, as a prime example. All non-executive directors who sit on bank boards are also subjected to greater scrutiny; they can expect an interview with the bank’s regulator that will probe their understanding of a firm’s business model, the markets it operates in, and the attendant risks it faces before they can take their seat.
Boards have gone from turning up once a quarter for a prawn sandwich to being down in the weeds of what you doStephen Creese, Citi
“It’s very noticeable now that a lot of boards, depending on their regulatory regime, are very sensitive to the liability they face. The level of detail and challenge we now get, I’ve never experienced in the last 20 years, even in the aftermath of the crisis. They don’t just want comprehensive data, but a crystallised view on where you are on your risk appetite spectrum – to the point that, often if I get thrown a question on reporting or control issues and corrective actions to those issues, you’ve got to provide reassurance that we’re OK to open the doors in the morning,” he said.
In the US, meanwhile, the Federal Reserve also now insists at least one member of a bank’s risk committee must have bona fide risk management experience at a large financial institution.
These rules have not produced much change in the composition of board-level risk committees. Over the past month, Risk.net ran the rule over committees at 15 large global banks – repeating an exercise we first conducted in 2012. Only four of the banks boasted a former chief risk officer on their risk committees – the same number as six years ago.
But conversations with risk managers suggest the headline numbers belie a dramatic shift in attitudes among committee members to the job they’re asked to do – as Citi’s Creese claimed. Several current and former CROs Risk.net spoke to in the course of its research claim the level of effective challenge they receive from their board is unrecognisable from the level exercised two decades ago, during the pre-crisis boom years.
That is a good thing, of course, but the right attitude will only take you so far. Some still argue banks are not stocking their risk committees with enough former practitioners. To adapt Roy Keane’s litmus test, risk committee members may be supporting the team more passionately, but do they genuinely understand what’s happening on the pitch?