RBI prescribes rules for chief risk officers in banks
As a step to bring uniformity in risk management across banks, Reserve Bank of India has prescribed rules for chief risk officer (CRO) stating that he shall directly report to chief executive officer, managing director, and board panel.
The CRO will not have any reporting relationship with business verticals, nor will he be given any business targets.
The CRO should not be given the responsibility of positions like chief executive officer, chief operating officer, chief financial officer, chief of internal audit function, RBI said in communication to banks’ chief executives.
Rules say banks shall lay down a board-approved policy clearly defining the role and responsibilities of the CRO. The official will be a senior person with the necessary and adequate professional qualification/experience in areas of risk management.
The CRO shall have direct reporting lines to the managing director and chief executive officer. In case the CRO reports to the managing director and chief executive officer, the risk management committee of the board shall meet the CRO on a one-to-one basis. Such a meeting should be held without the presence of the managing director and chief executive officer, at least on a quarterly basis.