Defining roles and responsibilities and continuing education help ensure appropriate coverage.
While the news surrounding the failings and futures of Silicon Valley Bank and Signature Bank remains in the headlines, we are learning a great deal about the role that rising interest rates, cryptocurrency and governance played in each organization’s demise.
The federal government reacted quickly to minimize panic that might have destabilized the entire banking industry, and National Credit Union Association Chairman Todd Harper was quick to assuage the fears of our nation’s credit union members, saying “No one has ever lost a single penny of insured share deposits within the credit union system.”
And while there is much debate about who or what is ultimately at fault, there are important lessons to be learned from these examples about the risk management responsibilities inherent within your own credit union’s system of governance.
The International Organization for Standardization defines risk as “the effect of uncertainty on an objective”—a direct correlation to a credit union’s strategic plan. A secondary definition of risk is simply, “managing uncertainty.” This perspective brings front and center the human dynamics at play in measuring and managing risk.
And while enterprise risk management can be clearly defined by the Committee of Sponsoring Organizations of the Treadway Commission, each individual credit union must have its own understanding of risk, or more specifically, its appetite for organizational risk. Ensure that your board, in constructive partnership with your CEO and senior management, has defined an explicit risk tolerance statement that indicates the level of risk your credit union is willing to take.
Who’s Responsible for Risk Management?
Remember that risk management is not the responsibility of just one entity within your credit union; it should not solely fall upon the shoulders of your internal auditor or your supervisory or audit committee. It is a function of your board, CEO, internal auditor, senior management, and the supervisory or audit committee working in constructive partnership.
The board approves the credit union’s risk profile and oversees its ERM program. However, the risk profile itself is developed by the credit union’s board, CEO and senior management during the strategic planning process. Address risks in your strategic planning process by scanning your credit union’s internal and external risks.
Does your credit union have a charter for its board-level risk management committee and a job description for its members? Like all best practices, this one is essential. Clearly defining roles and responsibilities around risk management ensures appropriate coverage and a system of checks and balances that won’t leave the credit union unnecessarily exposed. Additionally, a job description will ensure you have the right talent with a collective finger on the pulse of what is happening in our world that will impact the credit union and present opportunities for growth and failure alike. Uncertainty about whether your credit union has the right people in the right seats may indicate a need for a director’s skills assessment that can recommend further education and training.
Look to Committees and Director Development
Allen DeLeon, CPA, founding partner of DeLeon & Stang, and adjunct consultant with Quantum Governance, advises boards to ask whether their management-level asset/liability committees and board-level finance committees are meeting regularly and having robust conversations about liquidity and asset/liability management.
“Make sure that both members of the board (through your finance committee) and senior management (through ALCO or ALM committees) are knowledgeable and experienced and that you are monitoring your rates during this time while the banking sector is under some level of instability,” he says.
Lastly, once you have the best and brightest serving your credit union, ensure that you have continuing education requirements and resources at the ready to help your ERM committee stay on top of the shifting sands of cybersecurity, cryptocurrency, regulatory changes and interest rate hikes.
To help you in your risk management efforts, download Quantum Governance’s free model ERM Policy, which is part of our library of policies, charters, procedures and job descriptions.
Gisele Manole is chief marketing officer and senior consultant with Quantum Governance, L3C. Quantum Governance provides credit unions, corporations, nonprofits, associations and governmental entities with strategic, cost-effective governance, ethics and management consulting, facilitation and evaluation. With more than 50% of Quantum Governance’s clients representing credit unions, the organization fields more engagements in the credit union community than in any other. Quantum Governance is a CUES strategic partner in the field of governance and is home to more strategic governance experience than any other practice in the country. The firm is a unique L3C organization that integrates the best elements of both the for- and non-profit communities into one practice. It is a low-profit, limited-liability service organization dedicated to the public good and one of the very first such legal hybrid organizations in the United States.