Thematic Review of Risk Management Maturity – Summary of Key Findings

Thematic Review of Risk Management Maturity – Summary of Key Findings

Earlier this year, the Central Bank of Ireland (CBI) conducted a Thematic Review of Risk Management Maturity in Credit Unions. While the CBI acknowledges the progress that credit unions have made in terms of risk management maturity, it has highlighted some key areas for improvement. Below, we’ve briefly summarised these findings.

On December 9th @ 10.30am we are holding a one-hour webinar that will focus on the key findings in more detail, and on how you can implement the CBI’s published recommendations. Registration for this webinar is free and registration is available here. Please feel free to share the invitation with your colleagues.

“Good governance and robust risk management are necessary and critical business enablers for credit unions in protecting members’ funds, addressing current challenges and leveraging available opportunities”

Patrick Casey, Registrar of Credit Unions, 2021

Board Ownership and Oversight

  • Little evidence of ownership of risk management by the Board (communicating actions, decisions, and feedback on reports).
  • Little evidence in many cases of robust discussion taking place at Board meetings on risk-related issues.
  • Little evidence of engagement between the Board and the RMO on decisions taken to mitigate risks.
  • Limited face-to-face interaction between the Board and the RMO (infrequent attendance at Board meetings).
  • Large dependency on a small number of Board members to address the issues raised by the RMO relating to risk.
  • Over reliance on sub-committees (e.g. Audit & Risk Committee)
  • Lack of evidence of regular reviews of the risk management framework (by the BoD)
  • Lack of evidence of involvement of the RMO in the development and maintenance of the strategic plan

 

Risk Management Function – Structure and Framework

  • Disconnect between 1LoD and 2LoD – little or no engagement between the front-line staff and the RMO.
  • Risk-related work done by 2LoD in a ‘silo’ – typically RMO, CEO and the management team.
  • No formal process for front-line staff (first line of defence) to report existing or potential risks.
  • Issues with independence of the RMF – RMO not reporting directly to the Board on a regular basis.
  • CEO requesting substantive changes to reports before being submitted to sub-committees / Board.
  • RMO being involved in ‘operational’ / first line of defence work.
  • Inconsistencies in the application of policies, procedures and other documentation relating to risk management.
  • Issues with the practically of risk registers – too many risks, duplication and not reflecting the risk profile of the credit union.

 

Risk Management Reporting

  • Fewer risk reports submitted than expected as per the credit union’s own policy
  • Work to do regarding the quality of risk reporting – lacking in detail, not tailored sufficiently for the CU and not discussing areas that have been previously flagged in regulatory engagements.

 

Training & Culture

  • Lack of evidence of training being planned for.
  • No evidence of training being provided in relation to the CU’s own risk management framework.
  • Lack of clarity around how policy updates are communicated to all in the credit union

 

Click here for more information on how the CalQRisk solution can help your credit union with its risk management obligations.

Recent News

Thematic Review of Risk Management Maturity – Summary of Key Findings

Thematic Review of Risk Management Maturity – Summary of Key Findings Earlier this year, the Central Bank of ...
Read More

Business Post – Improving the Odds

We were delighted to be featured in the Business Post recently. In the article, our CTO discussed the ...
Read More

Federation of Irish Sport announce three-year partnership CalQRisk

The Federation of Irish Sport is delighted to announce GRC software provider CalQRisk as its latest partner. The ...
Read More

CalQRisk shortlisted in CIR Risk Management Awards

We're delighted to announce that the CalQRisk solution has been shortlisted for the 'Risk Management Product of the ...
Read More

10 Things You Need To Do If You Are Outsourcing an Activity

There is a growing trend towards organisations relying on outsourced service providers (OSPs) to deliver (often key) elements ...
Read More

Oaklee Housing implement CalQRisk

Oaklee Housing, one of Ireland’s most ambitious providers of customer-focused housing and support services have partnered with CalQRisk ...
Read More

The Five Pillars of Operational Resilience

The Five Pillars of Operational Resilience The Basel Committee (on Banking supervision) defines operational resilience as “the ability ...
Read More

The Charitable Purpose – the Touchstone for the Organisation

The Charitable Purpose – the Touchstone for the Organisation Many corporate mission statements are simply clever PR, designed ...
Read More

Webinar – Fundamentals of Anti-Money Laundering for Credit Unions

Webinar - Fundamentals of Anti-Money Laundering for Credit Unions We have teamed up with ID-Pal and Corrib Point to organise a CPD ...
Read More

10 Things you should know about Operational Resilience

10 Things you should know about Operational Resilience   Operational Resilience is the ability of an organisation to ...
Read More