Chief risk officer (CRO) job description
/The chief risk officer is responsible for mitigating those business risks that can impact a firm’s profitability. This person also deals with enterprise risk management issues, reducing those risks that can shut down operations. A chief risk officer has to work through department managers to adjust policies and procedures for risk reduction purposes.
The precise nature of the job can vary considerably, depending on the nature of the industry in which the job is located and the size of the organization. For example, a CRO position in the banking industry will require an extensive knowledge of banking activities and regulations, which would be unnecessary if the position were located in a manufacturing entity.
Related AccountingTools Courses
Business Insurance Fundamentals
Basic Functions of the Chief Risk Officer
The chief risk officer position is accountable for the risk management operations of the company, to include the integration of risk concepts into strategic planning, and risk identification and mitigation activities. Principal accountabilities are:
Create an integrated risk framework. The CRO creates a risk framework for the organization. This involves coordination with all department managers throughout the organization.
Assess risk. The CRO oversees the risk assessment process across all key business process flows, and with its business partners.
Quantify risk limits. The CRO identifies the probability of risk occurrences and the range of their monetary values.
Develop risk mitigation plans. In concert with the department managers, the CRO develops risk mitigation or avoidance plans for all identified risks.
Advise on directing capital to projects based on risk. The CRO advises on how capital should be invested in various projects, based on their underlying risk profiles.
Assist functional managers in obtaining risk mitigation funding. In cases where substantial funding is required for risk mitigation activities, the CRO participates in the funding presentations.
Monitor risk mitigation activities. The CRO oversees that status of risk mitigation projects, and reports these findings to the senior management team, along with recommendations for changes.
Report on risk. The CRO routinely issues risk reports and makes presentations to the senior management team regarding risk issues.
Communicate to key stakeholders. The CRO discusses risk issues with all key stakeholders, including governments, lenders, investors, and local communities.
The CRO may be assigned a number of additional tasks besides the main ones already noted. They include:
Oversee insurance. Decide upon the types and specifics of the various insurance policies that the organization should buy. This includes being the contact person for the insurance providers.
Recommend insurance alternatives. Recommend any alternative insurance features that are not currently being used, or suggest using insurance products that are entirely new to the company.
Manage claims. Supervise the filing of insurance claims, monitor their progress with insurers, and verify that payments have been received.
Conduct due diligence. Investigate the risks inherent in a target company that may be acquired, as well as the state of its risk management practices.
Desired Qualifications
The candidate chief risk officer should have a master's degree in business administration, or equivalent business experience and 10+ years of progressively responsible experience for a major company or division of a large corporation. Should have experience in partnering with an executive team, and have a high level of written and oral communication skills, as well as a strong knowledge of processes.
Working Conditions
Will work in an office environment. Extensive travel to company subsidiaries will be necessary.