With Basel III and the Solvency II regulation, and after the last banking crisis,financial institutions are due to set up a more and more sophisticated risk management structure, and to continuously assess and report risks as markets risks, credit risks, operational risks and other risks. But every large company has to keep up with ongoing regulatory change and scrutiny (from Sarbanes-Oxley to anti-money laundering) and meet demands for strong governance and enhanced transparency. They must be ready for dealing with a new variety of risks, with the fast-growing use of alternative investment vehicles, such as credit derivatives, private equity or energy products. That’s why roughly three-quarters of institutions now treat it at a board level, while almost 85% of them have a Chief Risk Officer (CRO). That’s also why our consultants have developed an expertise in that field.
The need for more risk management is not only due to the supervisory control, but also to the increased need for a risk adjusted capital allocation throughout the whole organization.
Over the past few years, internal audit missions have dramatically changed. The traditional controls-focused approach has seen its value diminish, while a risk-centric mindset has developed. New challenges are facing the internal audit professionals: adapt their process to risk assessment and planning, coordinate with other risk management groups, improve the assessments frequency (quarterly or more frequent updates), etc. Whereas Chief Auditing Officers are playing a key role in restoring confidence in financial reporting, Boards are becoming more interested in financial and non-financial risks. That’s why we have developed an expertise in internal audit, both for large companies and financial institutions.