Season 2 | Ep. 6: Unlocking RCSA: Tools, Techniques, and Regulatory Collaboration

Season 2 | Ep. 6: Unlocking RCSA: Tools, Techniques, and Regulatory Collaboration

February 6, 2024

In the dynamic landscape of financial risk management, the latest episode of the Risk Intel Podcast unveils a treasure trove of strategic insights. Host Edward Vincent welcomes back industry veteran Doug Cargnel to the show, boasting nearly 30 years of operational risk management and audit experience, the conversation centers around the crucial components of Risk and Control Self-Assessment (RCSA). This episode and blog below highlights the key tools, practical tips, and regulatory collaboration strategies discussed in the podcast.

This episode is Part 3/3. For Part 1, Boost Your Risk IQ: Understanding RCSAs with Doug Cargnel, click here. For Part 2, From Concept to Reality: Enacting RCSA in Financial Institution, click here.

Tool Selection for RCSA: Simplicity is Key

The podcast emphasizes the practicality of commencing RCSA processes with familiar tools such as Excel and Word. Doug Cargnel advocates a phased approach, allowing organizations to crawl, walk, and then run in their risk management journey. This strategic simplicity ensures a smoother transition, enabling a more profound understanding of how the organization wishes to document RCSAs.

Instead of jumping into the complex, heavy configuration, personalization, even customization, start with a crawl. The main template to “crawl” would be capture the risks, assess the exposure of those risks, identify the controls, and have a place to assess the effectiveness of those controls. The RCSAs need to be structured and documented, then that can be used as a basis for how your longer-term solution will be framed.

“That crawl, walk, run approach in this space is a best practice… Many organizations in the industry have said how they implement risk technology, only to learn it doesn’t align to the way the organization thinks about risks and controls at all” – Doug Cargnel, RCSA Risk Advisor, SRA Consulting

Integration with Enterprise Risk Management (ERM): A Holistic Approach

A pivotal aspect of the discussion revolves around integrating RCSA with Enterprise Risk Management. The podcast asserts that RCSA serves as the heart of the ERM framework. Syncing those Key Risk Indicators (KRIs) to monitor and track over time is crucial. Doug Cargnel's insights stress the importance of establishing a strong foundation, allowing organizations to build upon RCSA, creating a robust risk management ecosystem.

Navigating Regulatory Collaboration: Insights and Best Practices

Regulatory collaboration emerges as a critical theme. The podcast sheds light on the art of effectively communicating with regulators during RCSA implementation. Doug advises professionals to treat regulators as partners, sharing organizational objectives, tools, and methodologies. Setting realistic expectations and providing a transparent view of the RCSA journey is crucial for maintaining a positive regulatory relationship.

It's important to explain the tools and methodology you’re going to use and what your desired outcome is. Regulators could have a broad view of RCSA and, since one size does not fit all, could have come from a bank they’re examining who handled RCSAs differently and expect the same. As long as you’re explaining your desired outcome, the regulators won’t come in and examine you to a different expectation.

Takeaways for Financial Professionals

In summary, financial professionals seeking to enhance their risk management strategies can draw valuable insights from this podcast. The episode emphasizes the strategic use of familiar tools, gradual integration with ERM, and collaborative engagement with regulators. By adopting a phased approach and leveraging practical tips, organizations can fortify their risk management frameworks and navigate the intricate landscape of financial risk successfully.

RMA RIsk Maturity Framework

Powered by SRA Watchtower

Take the self-assessment today to
measure your institutions risk maturity.


Book an


discovery session

Three ways to tap into the people, technology and insights of SRA.
We're focused exclusively on the serving the financial & Insurance industries.


Schedule a 30 minute consult with an SRA Risk Management Practitioner to understand your challenges, opportunities and potential paths to success.


Look inside the SRA Watchtower platform and understand how it helps executives navigate risk and drive growth.


Learn how SRA practitioners and their clients are tackling the most important and pressing issues facing the BFSI industry today.


SRA Newsroom

RMA RIsk Maturity Framework

Powered by SRA Watchtower

Take the self-assessment today to
measure your institutions risk maturity.