In a recent episode of the SRA Risk Intel Podcast, guest Michael Glotz, CEO and Co-founder of SRA, joins host Ed Vincent to explore the significance of enterprise risk management (ERM) for banks approaching key asset thresholds. Glotz sheds light on the regulatory aspects and essential considerations risk officers need to be aware of at the $1 billion ($1B) and $10 billion ($10B) marks.
When a bank approaches a billion dollars in assets, it reaches a significant threshold from a regulatory examination perspective. While there is no magical point at the $1B mark that triggers specific infrastructure requirements, regulators closely scrutinize banks crossing this threshold to ensure they have the necessary basic infrastructure in place.
As a bank exceeds the $10B mark, the regulatory landscape changes significantly. Banks face additional regulations and must establish more formal infrastructure. Specialized regional bank examiners conduct more frequent and detailed exams, diving into specific areas such as enterprise risk management, capital management, data management, and more.
At the $1B asset mark, banks are advised to have a Chief Risk Officer (CRO) in place, reporting to the CEO or Chief Operating Officer. The CRO's role is to assess risk independently and separate it from the business's operations. Additionally, having a dedicated Chief Risk Officer separate from any audit overseer roles is highly recommended, along with more formalized risk assessments to align with increasing regulatory expectations.
It's important to differentiate between the risk maturity framework and risk assessments. The risk maturity framework evaluates the effectiveness of the risk management structure and identifies areas for improvement. On the other hand, risk assessments focus on evaluating the risk levels within each department and the overall bank, highlighting potential vulnerabilities.
To prepare for the regulatory exams, banks should conduct a comprehensive gap assessment or risk maturity assessment, ensuring compliance with specific regulatory guidelines. Glotz also recommends further crucial steps: developing a three-year roadmap for enhancing risk management and control, benchmarking against other organizations, and acquiring the necessary systems and staff.
As banks approach key asset thresholds, such as $1B and $10B, implementing effective enterprise risk management practices becomes vital. Regulatory examinations intensify, requiring banks to have proper infrastructure, including a Chief Risk Officer, Chief Audit Executive, and robust risk management systems. By understanding the dos and don'ts at these milestones, banks can proactively address regulatory expectations and strengthen their risk management practices.