The Chief Risk Officer: a study of roles and responsibilities

Abstract

Enterprise risk management is becoming an important component of corporate governance as evidenced by the many firms that have either created the position of a Chief Risk Officer (CRO) or elevated the CRO to the membership of the Top Management Team. However, few studies have explored the roles and responsibilities of the CROs. The aim of this study is to provide some empirical evidence about the roles and responsibilities of CROs based on the Mintzberg’s classical managerial roles model. The study makes use of a dataset obtained from Lexis–Nexis academic to conduct a qualitative content analysis of press releases from 106 US firms that hired a CRO between 2010 and 2014. The results reveal that the key roles and responsibilities of the CROs can be mapped into the three main Mintzberg’s classical managerial roles of interpersonal (leader, liaison), informational (monitor, spokesman), and decisional (entrepreneur, resource allocator) implying that a CRO is a leader, a strategist, and an enabler. The office of the CRO is also gaining pre-eminence and is more diverse as evidenced by the reporting structure and gender representation whereby over 90% of the hired CROs reported to the CEO, chairman, or President, and over 35% of the hired CROs were females, respectively. A study of what CROs do will facilitate the setting of the right expectations about the CROs’ job functions and contribute to an understanding of the value and impact of the CROs to the organizational strategy especially in the areas of risk control, risk management, and risk mitigation.