Banks seek new blood to fill evolving CRO role

Transformation InnovationFinancial ServicesLegal, Risk, and ComplianceExecutive Search
Article Icon News Article
7月 02, 2018
2 read
Transformation InnovationFinancial ServicesLegal, Risk, and ComplianceExecutive Search

American Banker

The American Banker article, “Banks seek new blood to fill evolving CRO role," quoted Russell Reynolds Associates Consultant William McKinnon about the evolution of the Chief Risk Officer. The article is excerpted below. 

Chief risk officers are more valuable to CEOs than they have ever been, usually taking a seat at the table when senior executives and boards are contemplating new investments or entry into new business lines or markets. Assessing credit risk is still very much part of the job, but CROs these days also need to be tech savvy, comfortable with strategic planning and unafraid to challenge management. 

This growing list of demands could explain why CRO turnover is on the rise. 


Internal and external candidates have their own unique merits. An internal candidate already knows the organization so there’s less risk that he or she will have difficulty acclimating to the company culture, said Will McKinnon, a consultant in Russell Reynolds’ legal and risk practices. 

On the other hand, external candidates offer a different kind of advantage. 

“You’re bringing in best practices from another organization, which can only make your risk management practices and methodologies better,” McKinnon said. He said that banks often see their strongest, second-tier talent poached by the competition. Fifth Third Bancorp, for example, hired its current CRO, Frank Forrest, from Bank of America , where he had worked for 10 years in a variety of risk management roles. Citizens Financial Group’s CRO, Malcolm Griggs, is a former high-ranking risk executive at Citigroup. 


McKinnon said there’s a greater emphasis on a chief risk officer’s IT savvy. That means having both the ability to use information technology as a risk management tool and to assess risks, like cyber risk, associated with IT systems. 

“The role has become increasingly complex. It spans not just financial risk, but IT risk, business risk, and more. And to add to the complexity, the risk threats and analysis are increasingly global,” he said. 

McKinnon also said that he sees the chief risk officer role more frequently carved out as its own independent function that reports directly to the CEO, whereas previously, the chief risk officer might have reported to the CFO. 

To read the full article, click here.