ABSTRACT
The concept of compliance risk emerged as a major concern for firms, and many responded by centralizing their risk-related programs. Thus was born the position of Chief Risk Officer (CRO), whose role is relatively simple: provide leadership for ERM, ensure compliance and coordinate risk reporting. The position of CRO was first established in early 1990s, with Industry folk lore attributing the term to James Lam who was appointed by GE Capital in 1993 to manage credit, market and liquidity risks and put 'Chief Risk Officer' on his business cards. The CRO's role emerges tighter regulation and reporting requirements in a time of growing sophistication of risk management. Demonstration of its worth comes in: communication of risk performance, including a measure of total organization risks and analysis of previously unappreciated risks; training so that risk awareness becomes a core managerial competency; implementing innovative risk solutions, including use of risk as an investment criterion; and demonstrating value to stakeholders from risk management.
