Managing risk from the front line

PriceWaterhouseCoopers | Risk in review, 6th Annual Study April 2017*

The heart of the matter: Front-line leadership, collaborative success
It’s been almost a decade since the 2008 global financial crisis and its aftermath forced companies into a defensive risk management posture, pulling responsibilities back from the business units to the second line of defence as they fought to weather the storm.

But faced with the new challenges of today’s complex business risk environment, companies are seeing the tide shifting once again. Today a collaborative approach to risk management with risk accountability sitting squarely in the first line of defence can be the key to greater organisational resiliency and growth. That means an engaged first line that makes risk decisions in alignment with strategy. It means a proactive second line that influences decision making through effective challenge and timely consultation and collaboration. And it means a diligent, independent third line focused on its core missions of protecting the organisation and delivering value.

A risk management ecosystem led from the front line, that fosters collaboration and shared accountability across all three lines of defence, positions a company to effectively meet the challenges of today’s risk landscape. To get there, a company should:

  • Set a strong organisational tone focused on risk culture that starts with the board and CEO and permeates the entire organisation.
  • Align risk management with strategy at the point of decision making so the first line anticipates business risks when setting tactical priorities.
  • Recalibrate the risk management programme across the three lines of defence with the first line owning business risk decision making, the second line monitoring the first, and the third line providing objective oversight.
  • Implement a clearly defined risk appetite framework across the organisation.
  • Develop risk reporting that enables executive management and the board to effectively execute their risk oversight responsibilities.

Read more

* republished article