Episode 20: Program Risk Assessments: Regulatory Requirements & Their Strategic Value
Podcast

Episode 20: Program Risk Assessments: Regulatory Requirements & Their Strategic Value

September 18, 2023

In the latest episode of the SRA Risk Intel podcast, host Ed Vincent was joined by Beth Nilles, Director of Watchtower Implementations and Mike Jones, Chief Compliance Officer to shed light on the vital topic of program risk assessments in the banking sector. With decades of combined experience in the industry, their insights provide a comprehensive understanding of this crucial component of risk management. Let's dive into the key takeaways from this informative discussion.

Understanding Program Risk Assessments

Beth Nilles introduces the concept of Program Risk Assessments, highlighting their distinction from traditional risk and control self-assessments (RCSA), which focus on individual risks and associated controls. However, Program Risk Assessments take a holistic approach and offer a bird's-eye view of how well a bank is managing risks across various areas, including IT, information security, and compliance.

Regulatory Significance and Exams

Mike Jones shared his views and expertise of the current regulatory landscape and why Program Risk Assessments matter to regulators. When regulators conduct examinations, they often request the Program Risk Assessments from the bank to see how they are managing risk strategically. These assessments serve as a litmus tests of a bank's understanding of its operations and risk management practices. Failure to provide thorough assessments can result in regulatory findings and even enforcement actions.

Both Mike and Beth underscore the consequences of failing to meet regulatory obligations of performing the required annual Program Risk Assessments. This includes making a poor impression with regulators, facing regulatory findings, and having to develop remediation plans. In the worst-case scenario, unidentified systematic risks could lead to lawsuits, monetary losses, enforcement actions, and penalties.

Strategic Value

Beyond regulatory compliance, Beth and Mike stress the strategic value of Program Risk Assessments. These types of assessments help banks identify potential weaknesses and allocate resources strategically to address critical risks across the bank. In an environment of limited resources, having a clear understanding of where risks lie is essential for effective risk management. That said, the maturity of a bank's risk assessment program can vary based on the size of a financial institution. Larger banks are expected to have a more strategic and comprehensive approach to risk assessment, while smaller institutions may focus more on regulatory compliance.

The Importance of Follow-through

Identifying risks is only the first step; banks must take action to address them. Program Risk Assessments should be part of an ongoing risk management process, with identified risks actively managed and mitigated.

A Strategic Imperative

In conclusion, this podcast episode emphasizes that Program Risk Assessments are not just a regulatory requirement, but also a valuable tools for proactive risk management and resource allocation. Banks, regardless of their size, should take a proactive approach to these assessments to enhance their risk management practices, avoid regulatory issues, and make informed decisions.

For a more in-depth understanding of Program Risk Assessments and their significance, we encourage you to listen to the full podcast episode on the SRA Risk Intel Podcast. Stay tuned for Part 2 of this conversation, where the hosts will delve into best practices of how banks address Program Risk Assessments and their future outlook in the industry.

RMA RIsk Maturity Framework

Powered by SRA Watchtower

Take the self-assessment today to
measure your institutions risk maturity.
SCHEDULE a demo
risk maturity framework

EXPERIENCE. WISDOM. KNOWHOW.

Book an

SRA CONSULTING

discovery session

SCHEDULE NOW
enterprise risk management for credit unions
Three ways to tap into the people, technology and insights of SRA Watchtower.
We're focused exclusively on the serving the financial & Insurance industries.

DISCOVERY 
SESSION

Discovery Session
Schedule a 30 minute discovery call with an SRA Watchtower risk expert to understand your challenges or opportunities ahead to see how Watchtower's holistic risk intelligence platform can support your goals.
SCHEDULE NOW

WATCHTOWER
DEMO

watchtower demo
Look inside Watchtower, the holistic risk intelligence platform to learn how it helps executives navigate risk and drive growth.
BOOK TODAY

Risk Intel
Podcast

Risk Intel Podcast
Listen and learn from SRA Watchtower risk enthusiasts, customers, and experts across the financial industry through our weekly risk focused podcast.
REGISTER

RMA RIsk Maturity Framework

Powered by SRA Watchtower

Take the self-assessment today to
measure your institutions risk maturity.
SCHEDULE a demo
risk maturity framework