Assessingthe Chief Risk OfficerAn Introduction to Interviewing the CRO

This guide is ideal for Chairmen, Board Members, Chief Executive Officers, and Chief Human Resource Officers who are hiring and assessing Chief Risk Officers (CROs). It can also be an effective training tool for Chief Risk Officers who are preparing for their own interview process. This paper describes only one step in a 5 step assessment process. The full 5 steps are described in more detail at the end of this document. The initial assessment of a CRO and first step in the process starts with 7 key areas which are:

Assessing theChief Risk Officer

Seniority / Organizational ImpactTechnical ExpertiseCommercial AcumenLeadershipAnalytical ThinkingCommunication StyleVision / Strategy

While many people feel the assessment starts with the candidate who is applying to be a CRO, however it actually starts with the company itself and its CEOs/Boards risk appetite. This should include a clear understanding of the vision, direction and strategy of the business, as a risk to the business can only be defined in so much as it impairs these elements. A risk therefore is an event which inhibits an organization from achieving its objectives.

Generally, a Board consists 5 to 12 executives each characterized by his/her own risk tolerance. The Chief Executive Officer will also have his own personal appetite and together with the Board and all the senior executives, will dictate the tolerance level for the company. The more ambitious the vision the more risk the senior leadership team will be expected to take and the less ambitious the vision the less risk the senior leadership team will be expected to take. Therefore it is pertinent to take into account the vision of the company and its desired risk level when deciding on what type of CRO is appropriate for an organization. Aligning the Board's risk appetite is a science and I

recommend you bring in a specialist to do this. One of the most effective people I have ever seen at this task is Mr. Jan Bladen, Chief Operating Officer of Dubai Financial Services Authority. He systematically tackles this issue (alignment of risk appetite) through the creation of a Board consensus in less than one and a half hours. Of course Jan has been involved in Risk Management for over 20 years and is a guru in his field. While you may not be able to hire a guru to manage this process, I highly recommend ensuring you have someone on the Board with Risk experience. Hiring a Non Executive Director who was a former CRO or Risk professional is a good way to add this expertise to your leadership team at a nominal cost. I will not go into more detail about aligning the team on what is a reasonable risk and what is not in this paper; however I did want to stress how important alignment is to having a successful hiring process for the CRO.

In 1993 GE Capital hired the first CRO in the world, a man by the name of Mr. James Lam. Thus the CRO position is relatively new and as a result it is often loosely defined. Responsibilities can vary from one Chief Risk Officer to the next and we cannot assume that just because someone is currently a CRO that they are capable of performing at the level we require. The first thing one has to do is assess how senior the individual is who is applying for the position. Generally this can be tested by the individual's reporting line, committee seats, board positions, etc. Does the CRO have ultimate authority and accountability for the decision or are tough decisions escalated to a Group CRO in head office? The starting point for the assessment is the reporting lines and understanding exactly where the CRO in question sits in the organization. I have listed some suggested questions below;

page 1

page 2

Seniority / Organizational Impact Sample Questions(Metric Based on Size and Seniority)

Reports to: Direct Reports (What areas report to the CRO, Operational / Credit Admin / Remedial / Wholesale Risk/ etc)

Which Committees are you on?

How does the Governance structure work at your organization?

Describe the approval process and the perspective limits of authority? How does a proposalmove through the system? What does the approval chain look like?

How is the Risk team structured?

How big is the Risk Team?

Can you draw the organizational structure of the Risk team?

What committees are you a part of? (ALCO/EXCO / Risk / Audit)

Which area of Risk is your core strength? (Market / Operational / Wholesale / Retail / Treasury / etc)

What is the future of Operational Risk

What are the three biggest mistakes banks make when assessing Market Risk?

Commercial Acumen

Once the seniority of the CRO is established one must next assess the candidate's commercial acumen. The CRO must be able to recognize blind spots, “see around corners” and understand where the pitfalls in the market are. As markets change or clients’ agendas drift, the CRO must be able to stave off downside exposures early on and help course correct the organization's position. The best CROs have the pulse of the market and are able to stay clear of bubbles before they burst. They must possess a deep understanding of their client's counterparty risk and are able to identify secondary risks in a jiffy. This sometimes means changing strategy mid-stride and can often find them locking horns with business heads.

The CRO should have insight into where the organization will be driving its biggest revenue streams from and should know where the

country's GDP growth is coming from. If your credit portfolio is growing asymmetrically in relation to the market's GDP growth you are heading into a serious problem. A good CRO should know which metrics to look at and be able to discuss market trends in depth.

page 3

The Chief Risk Officer must be viewed as a pillar of expertise in his/her field and must have commanding knowledge of their subject matter. He/she must possess deep specialized knowledge complimented by a wealth of experience. The CRO must understand the local and regional legal idiosyncrasies of each region he/she is responsible for and should be able to discuss the differences off the top of his/her mind. Not understanding these issues can prove disastrous. The CRO should intuitively know which key performance indicators to keep an eye on and which types of reports senior management should be reviewing in order to ensure the organization has the right red flag mechanisms in place to detect negative events at an early stage.

TechnicalExpertise

A key component to any risk agenda is the ability to constantly assess and monitor the organization's exposures and risks. The best CROs will not have to pause and think deeply about which KPIs they would use or which management reports are most important. They should have a clear blue print in their minds about how to create a risk infrastructure.

Commercial AcumenSample Questions

Describe a time you had to align the business with the credit strategy? What was the situation, what did you do and what was the result?

How can you manage business growth while maintaining appropriate risk thresholds?

More banks play the price war, how will you deal with this?

Do you oversee Remedial?

Describe what you look for in a good Risk Manager?

Where do you see the organization growing in the future?

What industries are high growth areas?

page 4

The CRO is often viewed as the nemesis of the front office, but the best CROs are commercially minded individuals with a clear view of how to balance revenue growth while maintaining an acceptable risk appetite. This often requires an individual who is more commercially savvy and tuned into the macro and micro-economic trends than the pedestrian masses. Those CROs operating in the top 10% of their profession will invariably push and pull their organizations in and out of key sectors and sub-niches ahead of receding profit pools. They will intuitively know when it is time to get out of certain relationships or when their policies and procedures should encourage the institution to deepen their

Vision &Strategy

relationships in a specific area. The majority of CROs will not be visionaries and most will not have led a new agenda. Generally this skill has not been cultivated within the lower ranks of the risk department and thus is not a common skill among CROs. However, this will change as the risk profession matures and continues to blossom.

Technical Expertise/Risk CompetencySample Questions

How well do you know the local/regional legal systems?

Describe a time you had to restructure bad loans? What percentage of bad loans or toxic assets were you able to turn around? Were you able to limit the bank's exposure to these toxic assets?

What kind of MIS do you use? Which packages and which KPIs do you include in the dashboard for the MIS? What MIS packages do you provide to Senior Management, to the Committees and the Board?

If you started at the bank tomorrow which KPIs would you use to assess the current credit situation and which success metrics would you use? NPV, ROE, NPL, GPM, IRR, NOP, RWA, LGD, etc?

What is the toughest thing about Risk Management?

Describe a time you were required to reduce the amount of bad loans in a portfolio? What was the situation, what did you do and what was the result?

page 5

As a key member of the senior executive leadership team it is paramount that the CRO is able to communicate effectively. Their ability to handle high pressure situations with finesse and bring conflict to swift closure are quintessential tools of the job. Furthermore as the role is relatively young as compared with other C – Suite positions, it is critical that the CRO is able to mentor and effectively champion the necessary knowledge transfer the organization requires.

CommunicationStyle

Vision & StrategySample Questions

What is your Risk Management philosophy? Are you Conservative or are you more commercially aggressive than you CRO peers?

What asset classes would you encourage? Which industries are you averse to? Which ones would you prefer or encourage?

Can you give me an example of a time you had a vision of how to grow a credit portfolio, what was the situation, what did you do and what were the results?

Have you ever been in a situation where your Credit portfolio was growing asymmetrically to GDP growth, were you able to course correct your strategy in time?

Can you give me an example of a time you came up with an idea that increased revenue or reduced a cost?

How did you manage the financial crisis?

How did you manage the recent Political Crisis in the Middle East?

Were you affected by the Japanese crisis?

What are the current biggest political risks to your business?

page 6

Heading a department which can literally make or break a bank requires leadership. The CRO must have the gravitas and pedigree to command the respect of the team complimented by a commanding knowledge of risk and controls. They are a critical factor in mobilizing people to follow a new direction. The CRO must be effective at making impactful decisions and intuitively know the vision of the organization.

Leadership

Communication StyleSample Questions

Can you give me an example of a time you had trouble seeing eye to eye with a co-worker but were still able to maintain positive relations and deliver results?

Can you give me an example of a time one of your subordinates did not understand your instructions clearly, how did you change your operating style to communicate with them?

How do you take a vision and translate it into operational objectives which can be executed?

Tell me about a time when being more aware of what is going on would have helped to solve a problem?

Tell me about a time when you envisioned a better outcome and energized others to achieve the desired results?

If I were to ask a colleague /subordinate about you, how would they describe you?Describe the last time you lost your temper? What was the situation?

The first couple of questions below are a great way to get an idea about someone's operating style. Your least favorite person is often your anti-thesis, for example if you are very punctual then your co-worker who is notoriously tardy will drive you crazy.

page 7

The best CROs are able to see around corners and mitigate risks before they take place. Their ability to unearth trends and recognize patterns in the market allow them to stay clear of pit falls and avoid downside risks their competitors fall prey to. The CRO must constantly be analyzing and scanning the organization for new risks. They should have insights most others fail to have and have an exceptional ability to trouble shoot critical areas in the organization.

AnalyticalThinking

LeadershipSample Questions

Describe your least favorite person on your team?

Describe your least favorite person in the company?

Describe a time you had to define your Board's risk appetite for them? How did you get the board to become aligned and agree upon a certain risk tolerance?

How do you get all divisions to use a standardized risk measurement system?

Describe a time you had to re-align the Risk strategy to the company's vision?

Can you give me an example of a time you were able to step into a tough situation, give the team direction and deliver positive results?

What is the toughest thing about management?

What is the purpose of leadership?

How would you define a good leader?

What is the key to getting people to execute the organizations strategy?

What is the biggest reason why strategies do not get executed?

As a leader within an organization you must often build support for goals and projects from people who do not report to you and over whom you have no authority. Tell me about a situation in which you demonstrated that you can build the needed support?

How do you take a vision from agreement, acceptance, internalization, commitment to results?

How would you rate your own leadership skill on a scale of 1 – 10? What's missing?

page 8

This paper provides a brief snapshot into the initial interview of a CRO. Generally a full assessment consists of 5 key areas:

AssessmentSheet Summary

Analytical ThinkingSample Questions

Tell me about a time when you developed a new approach or offered a new idea that led to the success of a project?

Tell me about a time when your initial assessment of a problem was deemed incorrect? How did you figure this out and how did you react?

Can you give me an example of a time you declined a proposal which your peers wanted you to approve? What was the situation and over time how did the company perform?

Can you give me an example of a time you were able to make predictions about how the market was going to perform?

Can you describe a time when you were able to unearth a fraudulent proposal, what was the situation, how did you figure it out, and what was the result?

Technical/Competency Based InterviewMotivational / Subconscious Drivers InterviewCase StudyPsychometric TestReferences

As you can see this is a very thorough process and requires a professional approach. Many of the questions described in this paper provide a deep insight into the candidates thinking style,

approach and personality. For example asking “what is the toughest thing about management” actually tells you what the candidate's biggest management weakness is. Of course if you ask the candidate what is your biggest weakness they may be reluctant to tell you what it is. However if they say the toughest thing about management is aligning the team or dealing with conflict, or letting people go; you are actually gaining significant insight into their weaknesses.

Also key in the assessment is not so much what the candidate is saying but how they are saying it. 80% of our communication is non-verbal and the assessment professional must have a keen eye for the subconscious clues the candidates

Describe a time when you applied your expertise to unearth a trend or pattern in the market place others failed to recognize?

page 9

an opportunity one should never miss. In closing it is difficult to summarize the initial assessment of a C-Suite executive but I hope I have added some structure around the first step in a methodical and regimented selection process. Should you require some advice or guidance regarding your own CRO selection process, Stanton Chase International would be delighted to help. Please feel free to contact me directly at my address below.

give us. Finally the biggest opportunity to assess the candidate is after the interview is over, simply walk the candidate to their car. Often once the candidate is out of the building they let their guard down and start acting more naturally. The effect of having finished the interview and having physically left the building gives them the feeling that the interview is over. They often begin to speak more casually with you and will give you great insights into their life, personality and personal goals. This is great information and

Sincerely,

Shane PhillipsMENA Regional Practice LeaderFinancial & Professional Servicess.phillips@stantonchase.com

page 10

Industrial, Financial, Consumer & Retail, Technology, Logistics and Transport, Healthcare & Pharma, and Professional Services. Since its incorporation, our presence in the Middle East has grown 6 times by gross revenue, and we have opened two additional offices in Abu Dhabi and Doha. Stanton Chase is a member of the Association of Executive Search Consultants (AESC) and we strictly adhere to its ethics and code of conduct. Since 1959, the AESC represents retained executive consulting firms worldwide by establishing professional and ethical standards for its members and providing information to the profession, the media, and the public.

Stanton Chase International (www.stantonchase.com) is a specialized global executive search consultancy firm of first choice to multinational companies, offering executive search services globally, with regional knowledge and local insight. Today, it operates with truly integrated resources of over 70 offices in 45 countries. In recent surveys, Stanton Chase continues to be ranked among the top 10 international executive search firms by size, stature and reputation.

Stanton Chase in the UAE was founded in 2006, in order to assist organizations in identifying and attracting outstanding individuals for senior management roles and boards across the Middle East region. The office is specialized in Senior Executive level appointments in the sectors of

AboutStanton Chase International

DUBAI, UNITED ARAB EMIRATESTel: + (971) 4 3693529

Fax: + (971) 4 3604480 Address: Office S06, Block 17,

Dubai Knowledge Village, P.O Box 500195

ABU DHABI, UNITED ARAB EMIRATESAddress: Bldg.B, Al Mamoura 15th Str.,

P.O Box 46400

DOHA, QATARAddress: L14, Commercialbank Plaza,

P.O.Box: 67678

Shane PhillipsMENA Regional Practice LeaderFinancial & Professional Servicess.phillips@stantonchase.comTel: (+971) 4 3693529Fax: (+971) 4 3604480Direct: (+971) 4 3693539Mob/Cell: (+971) 50 9407537

Visit us on “Risk Middle East” on LinkedIn

www.executivenewswire.com

http://www.linkedin.com/groups?about=&gid=3970497

www.stantonchase.com