Risk Management
More than half of US organisations ‘vulnerable to IT failure’
New research underlines cyber risks to central banks following CrowdStrike IT outage
Risk Management Benchmarks 2024 report – tech and turbulence
Data reveals central banks’ risk governance structures and strategies, as well as the top risks in 2024
ISO 31000 and COSO–ERM remain central banks’ leading standards
Central banks from high income countries less likely to use COSO–ERM
Mean risk management salary greater in high income countries
Salaries average $72,738 in rich countries but $33,464 in upper-middle income nations
Most central banks have difficulty hiring skilled cyber security staff
Respondents highlight pay disparity, skills gap and technological advancements as factors
Exit rate of risk management staff averages over 10%
Workers in middle income institutions tend to leave at a higher rate
Operational and financial risk units have largest staff
Upper-middle income institutions have largest average total number of risk employees
Cyber security remains critical concern for risk managers
High income central banks put greater emphasis on market and credit risks
Enterprise-wide risk management widespread among central banks
Few institutions maintain use of department-level and damage limitation approaches
Most central banks lack climate risk units
Just under half of institutions say they have difficulty hiring staff with matching skills
Cyber and fintech risk policies rejigged in a few central banks
Departmental structure varies across jurisdictions
Minority of central banks altered risk functions in past two years
Amendments emanate from factors including technology and climate change
Few central banks lack risk management strategies
Two respondents do not have a risk strategy and slightly more lack a defined risk tolerance
GRC systems remain scarce among central banks
Minority of central banks project adoption this year, others aim to upgrade
Most heads of risk management units report to governor or board
Risk management committees are more likely to exist in central banks than chief risk officers
Risk management units are most often centralised
Operational risks are the most covered area across participating jurisdictions
Bank of England launches system-wide stress-test scenario
Exercise is first-of-its-kind look at macro-prudential impact of shocks to banks and non-banks
US banks question stress-test discrepancies
Bank of America and Citigroup open talks with Fed about differing results
To govern well, manage ‘enterprise’ risk
Effective risk management should be governance-oriented and top-down; not operationally oriented and bottom-up, writes John Mendzela
Risk Management Benchmarks 2023 – presentation
Specialist Victor Mendez-Barreira discusses market volatility, cyber security and progress on climate change