OVERVIEW

SifiBank’s near-death experience wound up having a transformative effect on the way the bank and its subsidiary companies identified, measured, and managed its various risks. It embraced robust risk governance and established a risk culture that permeated the entire organization. Throughout the bank’s hallways were banners stating, “Risk Management Is Everyone’s Responsibility!” Those five words had an empowering effect on management and employees and expectations surrounding that motto were clearly identified in all performance and incentive compensation evaluations.

The CEO and CRO had even bigger plans for risk management. Although the quality of the risk management function had increased significantly after the financial crisis, there appeared to be gaps in the way the bank processed all of the information it was gaining from these capabilities. Specifically, the risk management teams within each business unit still operated in a silo mentality. That is, organizational challenges limited SifiBank’s ability to leverage its risk units beyond its individual business unit risk functions. The risk departments of each operating unit of the bank were largely organized around individual risks, for example, credit, market, and operational risks. While this approach recognizes the need for specialization it limits the bank’s understanding of how risks intersect and their implications on the business. Information flows were coming ...