CRO Academy

Course Overview The purpose of this course is offer Chief Risk Officers, Directors of Risk and Heads of Risk at large companies and financial institutions an overview of best-practice in relation to their roles within their companies. Participants will learn how to develop the entire risk structure within an organization and how to restructure an existing one. This includes their learning how to guide their boards in the creation of an effective board risk committee equipped with a risk charter and appropriate functions. This also includes participants learning how to define their own roles and the roles of their subordinates in relation to the board, the CEO and other executive functions. Participants will learn how to design and staff their risk functions with the right people, possessing the right skills—even learning how to deal with consultants, temporary and interim staff as well as expatriate executives. The course then takes participants on the journey through understanding what CROs need to know, how they should interact with the executive committee (EXCO) and CEO on a regular basis, what compliance initiatives they should understand, what tools and techniques they will need to grasp and what initiatives they will need to undertake to be effective and superlative in their roles. Key course highlights include: Step-by-step guidance for participants in how to design, develop, establish and implement an entire, enterprise-wide risk function from the board-level down to detailed operations Learning how to guide and instruct the board in the formation or restructuring of the risk committee Learning how to work with and advise the CEO and Executive Committees (EXCO) Learning how to develop the personnel and management structure of a risk function, from hiring, tooling and training to the equipping of risk analysts with the appropriate systems Learning what new tools and applications are necessary for the CRO to understand within modern, enterprise risk management frameworks, such as predictive analytics, market intelligence, IT risk, reputation/social media risk management & environmental risk management Understanding systems and software selection, including how to deal with outside vendors and how to make the “buy or build” decision Discovering which duties are “risk-related” and which are not: in particular, distinguishing between risk management and credit functions and operations functions Understanding Internal Capital Adequacy Assessment Process (ICAAP) development as a major initiative Learning the essentials of overseeing validation and testing of risk models Understanding the essentials of stress testing Learning the key elements involved in risk reporting Who Should Attend This course has been carefully designed for the benefits of: Existing and aspiring CROs Heads of Risk Management Risk Directors
Day 1 Registration commences at 8:30 on day one Programme runs from 9:00 - 5:00 daily The role of the CRO Course overview Background objectives - Preparation of new Chief Risk Officers (CROs) - Guiding experienced CROs with expanded roles - Assisting experienced CROs in addressing modern risk challenges, including: - Basel III/Solvency II, Dodd-Frank, Sarbanes-Oxley compliance - COSO and CAS ERM initiatives - New threats to business - Reputation and social media threat - Environmental compliance issue - Increased, global fragility Fundamentals - What is risk management? - What is enterprise risk management (ERM)? - Risk-related initiatives that impact CRO roles and duties - Basel III - Dodd-Frank - Sarbanes-Oxley The CRO’s role - Typical duties - Risk assurance - Credit review - Operational exposure review - Market risk exposure and limit setting - Compliance duties - Support of executive functions - Support of the board - Transformed and modern duties - Predictive analytics - Market intelligence - Reputation risk management - Enterprise risk management (ERM) - New Structure - An executive versus senior management role - The modern CRO and the Board - The modern CRO and the CEO - The modern CRO and the Executive Team - The CRO as a strategic role - The CRO reporting structure - Basel III guidelines - COSO guidelines - The CRO versus Head of Internal Audit: similarities, differences - The CRO versus the CFO: similarities, differences - The CRO versus Head of Credit; similarities, differences - The CRO versus Head of Compliance; similarities, differences - Pro-active versus re-active risk management - Traditional, siloed risk management or Enterprise Risk Management (ERM) - Strategic Risk Management and risk-based strategy - Relationship with other executives and EXCO Day 2 Building a Risk Function and Related Structures The Board-Level Structure - Developing the Board Risk Committee - Who should be on the committee? - How should the committee work? - Acting as secretary to the Committee - Duties and exceptions - Creating a charter - Powers, voting powers and structure - Enlisting input from other directors - Responsibilities of executives to the Board Committee - Creating a board-level meeting agenda - Summaries and market dynamics - Connecting risk exposure to what director’s need to know - Guiding risk profile, risk appetite and risk tolerance-setting - Establishing an effective structure for board-level oversight The executive-level structure - The CRO and the EXCO - Membership but not voting rights - Supporting Risk due diligence of strategic initiatives - Mapping out strategies - Strategic analysis - The practical matters of the team to support EXCO (“EXCO Analysts”) - How should the team members be selected? - How do they relate to the CRO and to their other executive bosses? - Working independently with other executive-team members - Interacting with other team members - Being supportive and not a policeman - Gaining trust Day 3 The CRO’s Risk Function Teams: For each of these we cover 1) The team duties, 2) Who should staff the team, 3) Skills required and 4) How the CRO can manage them - The Predictive Analytics (scoring, modeling, business analytics, etc.) Team - The Enterprise Risk Management team - The Operational risk management team - The Operational Enforcement team - The Credit risk management team - The Market risk management team - The Asset/Liability Management team - The Business Continuity Management team - The Information Security team - The IT Risk team - The Market Intelligence team - Subsidiary/Branch function teams - Parallel structures for the above components - Whom to hire, objectives and the skills required General Managers (to head component functions) - Skills and dispositions required Addressing Challenges - Getting the right skill sets if the teams don’t have them - Training/education content - Essentials in relation to: - Basel III advanced requirements (e.g., risk modeling) - COSO (e.g., analytics, market intelligence) - Motivating and forming the teams - Bringing in outsiders, expats and pinch-hitters to the team Day 4 Tools that the CRO will need Supporting tools and systems - Knowledge - Quantitative risk management and Predictive Analytics - FRM, PRM other certifications? - Tail loss model - Market Risk Value at Risk (VaR) and tail loss - Operational risk VaR and tail loss - Credit risk modeling - Risk Components - Probability of Default (PD) - Loss Given Default (LGD) - Exposure at Default (EAD) - Credit Portfolio Modeling and CreditVaR - Enterprise-wide exposure modeling - Business continuity planning - What is BCP? - General approaches - Other risks - IT Risk - Information security - Basel III approaches - Capital adequacy determination - Loan and exposure limit-setting and structuring - COSO and CAS approaches - Compliance philosophy - Interaction with regulatory authorities - Environmental and social awareness Technical systems and platforms (cost-effectiveness and suitability) - SAS - SPSS - R Day 5 Techniques Validation and testing of models - Validation and testing of market risk models - Validation of operational risk models - Validation of credit risk models - PD calibration (summary) - LGD calibration (summary) - EAD Calibration (summary) - Stress Testing - Stress Testing of market risk models - Stress Testing of operational risk models - Stress Testing of credit risk models Reports Reporting on capital adequacy Internal Capital Adequacy Assessment Process (ICAAP) Credit Committee reports Board Committee reporting Audit committee reporting Other issues and concluding remarks