UK FSA Official Urges Board Risk Committees as Part of Sound Corporate Governance

A senior official of the Financial Services Authority urged firms to set up a board-level risk committee to ensure that risk management receives the high priority it is entitled to as part of effective corporate governance. In the same vein, Sally Dewar, Managing Director for Risk, told the City Corporate Governance seminar that firms should appoint a Chief Risk Officer.

The FSA official emphasized that the board risk committee should support the firm’s oversight of risk and risk strategy. The FSA agrees with the Walker Report that risk issues demand depth of attention and for many firms that will necessitate a dedicated forum. However, the Director conceded that a separate board risk committee will not be for all firms since in some firms the job of identifying risk matters can still be accommodated adequately in board agendas.

The FSA envisions the Chief Risk Officer as being a senior executive with primary accountability to the board on the quality of enterprise-wide risk management, which aligns the firm’s risk appetite and strategies, enhances the rigor of its risk-response decisions, and manages multiple and cross-enterprise risks.

The Risk Officer will be the key link between the board and the business, said Ms. Dewar, and the FSA expects that a core skill of this officer will be the ability to translate what is at times highly technical and often detailed day-to-day reporting of risk into high-level information for the board to understand and interpret at a strategic level. The FSA also expects that these measures will mean that firms will give proper consideration to risk issues at the highest level in their businesses.

The Director praised the Walker Review for highlighting the fact that risk management issues demand depth of attention and for many firms that will necessitate a dedicated forum. The report was the result of an independent review of corporate governance in the UK banking and financial services industries led by Sir David Walker.

A core principle of the Walker Report centers on risk management and delinking excessive risk taking from compensation, including the creation of a board risk committee with real powers and a duty to provide meaningful information about risk in the company’s annual report.
Recognizing that the financial crisis involved a massive failure of risk management, the Walker Report recommended the creation of an independent board risk committee with oversight of the company’s risk exposures and future risk strategy, including strategy for capital and liquidity management, and the embedding throughout the company of a supportive culture in relation to the management of risk.

In preparing advice to the board on its overall risk appetite, tolerance and strategy, the risk committee should take into account the current and prospective financial environment, drawing on financial stability assessments such by central banks, and banking and securities regulators. The board risk committee should, like the audit committee, be composed of a majority of independent directors and be chaired by an independent director.The risk assessment process used by the committee should be qualitative and also involve quantitative metrics to serve as a way of tracking risk management performance in implementation of the agreed strategy.

The approach to some form of calibration of risk appetite might include one or a combination of preferred risk asset ratios; value at risk; target agency ratings, and a system of risk or exposure limits including metrics for the range of tolerance. In addition, the report said that board-level risk governance should be supported by a chief risk officer, who would participate in the risk management and oversight process at the highest level, covering all risks across the organization, on an enterprise-wide basis, with total independence from individual business units.

The CRO should report to the board risk committee, with explicit and direct access to the chair of the committee.In exercise of the enterprise-wide role, the CRO would provide risk assessments totally independently from the executives in individual business units, and with due regard to materiality. The CRO would assess the risk of proposed new products and the pricing of risk in a particular transaction against the risk tolerance determined by the risk committee and board, and should have veto power where necessary.

On a continuing basis, the CRO will ensure that risk originators in individual business units are fully aware of and aligned with the board’s appetite for risk.

FSA Director Dewar also said that the FSA supports the Walker Review’s recommendations to increase shareholder engagement in corporate governance and welcomes the Financial Reporting Council’s adoption of the Stewardship Code.

The Walker Report called on fund managers and institutional investors to adopt a code of best practices on a comply or explain basis. The Code was developed by the Institutional Shareholders’ Committee. Fund managers will be asked to confirm their commitment to the Code or, alternatively, to explain their investment approach in clear terms if they are unwilling to assume such a commitment.

The Code for Institutional Investors embodies the principle that some form of governance or engagement activity may offer a means of increasing absolute returns by addressing issues in the company in a timely and influential manner and thus improving long-run performance. The report envisions engagement by fund managers as monitoring investee companies, meeting their senior management, and having a policy on voting and voting disclosure.

.