In this episode of the Risk Intel Podcast, we invited Tyler Pihl, VP - Enterprise Risk at Service Credit Union back to the show to share best practices and guidance on crafting risk appetite statements. Tyler provides valuable insights on rewriting and maintaining risk appetite statements, integrating risk management into organizational culture, and shares concrete examples with our audience. Continue reading or watch the full episode below to learn more.
If you missed our last conversation with Tyler Pihl, click here to learn about how to create a proactive risk culture.
Sometimes rewriting risk appetite statements is essential for aligning them with the evolving strategic goals and regulatory environment of an organization. This process requires a thorough reassessment of the current risk landscape and ensuring that the statements reflect the organization's current and future ambitions. It involves detailed workshops and consultations with key stakeholders, including the management team and the board, to gather diverse perspectives and create a cohesive, updated statement for each area of risk.
“When we get through this process, they’re [management team and the board] going to be all in. We’re going to have the board aligned, we’re going to have management aligned, and the CEO ultimately is supportive of that”
Tyler explains how workshops are crucial for understanding the broad spectrum of risks the organization faces and for ensuring that the new risk appetite statement is not only comprehensive, but also practical and actionable. By involving a wide range of stakeholders across the organization, it will ensure that your statements are comprehensive and widely accepted, setting a strong foundation for effective risk management.
Maintaining risk appetite statements is crucial to ensuring they remain relevant and useful over time. This involves regular reviews and updates to reflect changes in the internal and external environment, including shifts in market conditions, regulatory changes, and evolving organizational objectives. Regular reviews ensure that the statements continue to guide decision-making processes effectively and remain aligned with the organization's risk profile.
When Service Credit Union was rewriting their risk appetite statements in 2020, they created three components:
“What’s allowed it to stay the test of time is, they are detailed enough in all three of those sections where you’re not calling out anything specific, but it gives you guide posts to work with it”
Annual reviews help keep the risk appetite statements aligned with the organization's current risk exposure and strategic objectives. These reviews often involve reassessing the effectiveness of the risk management strategies in place and making necessary adjustments to address any gaps or emerging risks. This ongoing process ensures that the risk appetite statements are not static documents, but instead a dynamic tool that evolve with the organization.
Integrating risk management into the organizational culture is vital for ensuring that risk considerations are embedded in daily operations and decision-making processes. This integration fosters a proactive approach to risk management and enhances the organization's resilience. By making risk management an integral part of the culture, employees at all levels are more likely to understand and adhere to the risk appetite, leading to more consistent and informed decision-making across the organization.
“We try to get our culture into our risk appetite statements and say this is how we want to do business. The CEO and the management team have built up a group that believes in doing business that way…it’s really allowed us to stand the test of time"
Embedding risk management into the culture means that risk awareness becomes a natural part of how business is conducted. This cultural integration helps ensure that all employees, from top executives to front-line workers, understand their role in managing risk and are empowered to make decisions that align with the organization's risk appetite. This approach not only improves risk management outcomes but also strengthens overall organizational cohesion and performance.
Tyler helps us understand a little bit more by sharing a few examples of some of their risk appetite statements.
“So when we came out with this, we went through a core conversion, we onboarded a CRM, we changed a lot of the technology we were using as an organization to look ahead and say, you know, this is going to put us in a position for future growth."
These strategic investments are designed to enhance the organization's capabilities and position it for future growth, demonstrating the practical application of risk appetite statements in driving strategic decisions.
This episode provided valuable insights into the continuous improvement of ERM practices. Rewriting and maintaining risk appetite statements, integrating risk management into the organizational culture, and using real-life examples to illustrate these principles help organizations navigate complex risk landscapes. By embedding these practices into their core operations, organizations can achieve a balanced approach to risk that supports strategic growth and regulatory compliance. This episode serves as a comprehensive guide for organizations looking to refine their ERM practices and the importance of seeking a risk expert or partner when crafting new risk appetite statements to meet your strategic goals.