The chief risk officer (CRO) or chief risk management officer (CRMO) of a corporation is the executive accountable for enabling the efficient and effective governance of significant risks, and related opportunities, to a business and its various segments. Risks are commonly categorized as strategic, reputational, operational, financial, or compliance-related. CRO's are accountable to the Executive Committee and The Board for enabling the business to balance risk and reward. In more complex organizations, they are generally responsible for coordinating the organization's Enterprise Risk Management (ERM) approach.
The position became more common after the Basel Accord, the Sarbanes-Oxley Act, the Turnbull Report
A main priority for the CRO is to ensure that the organisation is in full compliance with applicable regulations (chief compliance officer). They may also deal with topics regarding insurance, internal auditing, corporate investigations, fraud, and information security. CRO's typically have post-graduate education and 20+ years of business experience, with actuarial, accounting, economics, and legal backgrounds common.
Famous quotes containing the words chief, risk and/or officer:
“He is no more than the chief officer of the people, appointed by the laws, and circumscribed with definite powers, to assist in working the great machine of government erected for their use, and consequently subject to their superintendence.”
—Thomas Jefferson (1743–1826)
“It’s a funny thing, the less people have to live for, the less nerve they have to risk losing—nothing.”
—Zora Neale Hurston (1891–1960)
“That’s all right, sir. A commanding officer doesn’t need brains, just a good, loud voice.”
—Cyril Hume, and Fred McLeod Wilcox. Dr. Morbius (Walter Pidgeon)