This of course should sit in the context of what I covered last week on thematic enforcement work in 2013. Aside from his comments around board diversity, namely that the CBoI's 'fit and proper' activity to date is "...broadening the gene pool of corporate life" (eeeewwwww!), emphasis was given to three particular areas:
Risk Appetite Statements
- CBoI expects "... [a] high quality risk appetite statement that is well understood and implemented throughout the firm in practice"
- "...clear articulation of the acceptable level of risk...at different confidence levels, is an important discipline and an essential compliment to a well-articulated business strategy"
- That, due to disappointments in the past, Risk Appetite statements are "...certainly an area of increasing interest on [the regulator's] part, and where we are debating the best approach for encouraging improvements"
System of Governance and Risk Culture
- Boards should "...provide broad, challenging scrutiny of your firm's culture regarding regulatory compliance and internal challenge"
- Ensure that there are "...appropriately resourced and well-qualified risk management and compliance functions"
- "Think more fundamentally and strategically about the culture in the institution that you oversee"
- Expect directors to take a "...hard nosed view on Board composition, with a view to improving performance"
- Endeavour to attain the "...right gender diversity...and international experience"
With Risk Appetite and Risk Culture both having featured on the IRM's hitlist recently, the practitioners over there will have some assistance to hand from an industry body, however there should be some other useful stuff available in the tag cloud at the bottom of this page on appetite, culture and diversity if you are struggling for inspiration.