The latest enterprise risk management news from around the world

Risk management: leadership culture is key

During her final speech as APRA Deputy Chair, Helen Rowell has told delegates at the Governance and Risk Management Forum 2023 that the attitude of boards and senior management is critical to successful risk management.

During the speech Helen Rowell said:

“The critical importance of boards and senior management leading by example in how they learn and grow from setbacks cannot be under-estimated.

“As a regulator for over 20 years, I have had plenty of experience providing feedback to boards. Sometimes, it’s sharing insights and pointing out where they could do better. At other times, it is a much sharper message about significant remediation steps required, or APRA’s plans to impose a penalty, such as licence conditions or a capital overlay.

“Better boards embrace feedback and lean into dealing with issues, see them as an opportunity for reflection, and to take steps to remedy the root causes and make genuine and enduring changes throughout their organisation. Others are more begrudging or half-hearted in their response, and do not nurture a culture that facilitates embedding of better governance and risk management practices throughout their organization. And that approach almost inevitably leads to lessons not genuinely being learned and mistakes of the past being repeated.

“There are a few examples of both good, and not so good, board responses that I could talk to – some of which are in the public domain. The most prominent example of what I would call the more positive approach to change is CBA (Commonwealth Bank), which went through one of the most public processes of criticism, including APRA’s court enforceable undertaking. What led to the successful removal of the capital overlay late last year was APRA being satisfied that the bank had sustainably driven internal change in its risk governance. Crucial to this was the board and senior management not doing it only because APRA required it, but because they saw it as essential to being a successful business.”

Read the full speech.



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.