The pivotal role that an organisation’s chief risk officer (CRO) plays was underscored when it came to light that Silicon Valley Bank (SVB) had been without one for nine months before its collapse. While not everyone agrees that this was the main contributor to SVB’s downfall, clearly not having someone in such a key position meant the difficult questions that should have been asked weren’t asked.
Recent events have also shone a spotlight on the job’s growing complexity and rapidly expanding remit. While the CRO’s traditional focus was mainly on financial risks, such as credit, liquidity and market risk, they are now expected to have detailed insights into various non-financial risks, including cyber, culture, talent, geopolitical, climate change, reputation, digitisation, regulation … the list goes on, with almost all increasing in urgency.