Skip to content

The ‘five Cs’ approach to managing risk

Torry Berntsen Executive Vice-Chairman, CIB Europe, Americas, the Middle East & Africa

19 Apr 2023

Home > News > Corporate & investment banking > Corporate strategy > The ‘five Cs’ approach to managing risk
A simple framework could help senior financial services leaders embed organisational resilience and proactively navigate the evolving risk landscape.

Although every year brings challenge and change, the past few years seem to have brought more than their fair share of crises, both natural and man-made. In recent weeks, we have seen the failures of Silicon Valley Bank (the second largest bank failure in US history), Silvergate Bank and Signature Bank.

Equally, we have seen the process set in motion for Credit Suisse to be acquired by UBS, all while the recovery from Covid-19 is still fresh in the mind and human tragedies continue to unfold in places such as Ukraine, Turkey and Syria.

On this basis, CEOs around the globe are look­ing at how the risk environment is evolving, and how well prepared their teams and organisations are. Navigating this landscape successfully is not guaranteed. However, with a clear focus on a few key principles – the ‘five Cs’ – the path ahead is more straightforward.

An evolving risk environment

Since the global financial crisis of 2007–8, in gen­eral terms, banks’ approach to risk – including from a capital, credit and compliance perspective – has become far more rigorous. The benefits of this approach were illustrated through the sector’s resilience during the Covid-19 pandemic and the market volatility that we have experienced over the past year. However, as we have seen recently, not everyone gets this right.

Banks therefore cannot be complacent and leaders need to be constantly aware that the risk environment continues to evolve, and things can change quickly. Geopolitical risk is an obvious area of change and a focus for CEOs globally.

For a bank like Standard Chartered, which operates in many of the world’s most dynamic countries, this risk gains an additional dimension, both to ensure the safety and wellbeing of our staff, and to meet the often rapidly changing needs of our clients in these markets.

Cyber risk and financial crime are areas where we spend a great deal of time and attention as a bank, particularly given our international foot­print and the diversity of markets in which we operate. Likewise, the need to comply with regu­lations around the world can be challenging for an international bank where regulations may contradict or diverge.

There are also industry changes taking place, such as the growth of shadow banking and the non-regulated banking sectors, as well as crypto­currency, which still hold some areas of concern, particularly across consumer protection and financial conduct. Banks also have a major role to play in tackling climate risk, an issue that is of pri­mary importance to the markets in which we oper­ate, and which are vulnerable to the effects of climate change.

An inward-looking approach to risk

While these macro and global issues are familiar and widely discussed, many companies face con­siderable internal challenges that are less fre­quently acknowledged. For example, like many industries, we’ve seen workforce attrition in the banking sector over the past couple of years, as well as moves across banks.

Workforce mobility can, of course, be positive, by injecting new ideas and perspectives. On the other hand, we need to think about how we can ensure continuity of experience for clients and con­sistent levels of expertise and service offering. Maintaining and building culture and identity as an organisation also becomes more challenging in the context of changing personnel.

The ‘five Cs’ of managing risk

Banks need to remain vigilant to changing risk dynamics. This applies not only in the boardroom, but a risk-aware culture needs to extend across the organisation as a whole, both upwards and down­wards. I encourage my team to adopt a ‘five Cs’ approach to doing this:

1. Communication

Throughout my career, I have found the most worthwhile and productive relationships, including with regulators, supervisors, colleagues and part­ners, are those characterised by regular, proactive communication centred on honesty. By ensuring a culture based on open communi­cation when times are good, difficulties are easier to overcome at times when trust and transparency may be tested. As the saying goes, a problem shared is a problem halved.

2. Collaboration

Senior executives are faced with a myriad of risks which can seem overwhelming. Many are dealt with using the standard ‘risk register’ approach and through operational processes, and hence do not always require a great deal of senior leaders’ time. But some of the risks I’ve mentioned so far: cyber, financial crime, climate, prudential, as well as risks around disintermediation and digital dis­ruption, require a strategic approach to policy, pri­ority, and investment – spanning multiple departments and experts. Collaboration is there­fore key. While we can make progress in addressing these risks, we will not ‘solve’ them; likewise, they will continuously evolve, so as a bank, and a wider industry, we need to remain vigilant and look not just for ‘quick fixes’, but focus on longer-term and systemic approaches to risk, utilising all relevant resources.

3. Continuous education

I have mentioned the importance of a risk-ori­ented culture, which may sound obvious, but many of the people now in, or moving into, posi­tions of responsibility may not have directly expe­rienced high inflation or interest rates during their professional lifetimes. The evolution of new risks, such as from the environmental, social and governance and digital agendas, also means that upskilling our people is important to mitigate their impact. As such, we cannot forget the importance of continuous educa­tion and sharing of experiences across teams, organisations, and the wider industry. I’m not advocating that everyone should look in the rear-view mirror in order to make decisions; however, as Winston Churchill succinctly put it: “Those that fail to learn from history are doomed to repeat it.”

4. Coordination

Regulatory compliance is a necessary priority for senior leaders in international financial services organisations, both to ensure that the company retains the necessary permissions to do business in each country, and as part of our belief in and com­mitment to a well-managed robust industry.

This can be more difficult when regulations in each country appear to diverge, or where regula­tions may have unintended consequences. Coordi­nation between industry and regulators, and coordination between regulators, is essential to ensuring that new regulations achieve the desired behaviours and outcomes, and do not create unwarranted or unintentional compliance burdens for companies operating internationally.

5. Creating value

Finally, it is easy for senior executives at banks and other financial services providers to spend signifi­cant time, effort and attention on managing exist­ing risks, such that they forget the business itself and the potential impact of systemic risks on the horizon. Banks need to deliver value for clients, shareholders, and community stakeholders. I’m not advocating growth at all costs. However, not investing in creating value is at least a big a risk as the issues I mentioned earlier. Equally, we need to grow our people and foster talent – this involves making commitments to build more inclusive teams that live and breathe our organisational cul­ture. Furthermore, we need to develop long-term trusted client and regulatory relationships, and deliver the solutions that help our clients to grow and flourish.

Bringing it all together

The future of regulated financial service compa­nies in general is bright. Banks continue to provide essential services to society. To manage risks effec­tively, and build more robust, agile and resilient organisations, senior leaders should not dampen their ambitions; rather, they should be thinking about how they can achieve these ambitions in a way that brings their entire organisations and their regulators with them – aligning on purpose, culture and talent.

By doing this, banks and financial services pro­viders will find themselves in a stronger position to understand, prioritise and mitigate their risks, and take opportunities as they arise.

The original article was first published by The Banker here, this version is re-produced with the publisher’s permission.