|
Aug 09
2010
|
JUST BECAUSE YOU DON'T HAVE TO HAVE A RISK COMMITTEE DOESN'T MEAN IT'S NOT A GOOD IDEAPosted by Jeff Gerrish in Jeff Gerrish on Community Banking   |
|
Don't just drive the bank with the rear-view mirror
In connection with Commandment No. 1, I advocate the formation of a Risk Committee, or, alternatively, the housing of the risk assessment and oversight function in the Audit Committee of the Board of Directors. The Audit Committee currently addresses financial risks.
The response I have received to my suggestion of a Risk Committee in a community bank from a number of community bankers is that (a) the regulators do not require it; (b) the Dodd-Frank Bill will not require the bank to do that because it is less than $10 billion and not publicly traded; (c) our other State regulator does not require us to do it, so why should we bother to set up a committee, especially one dealing with risk?
My response is, because for too long, we, as community bankers, have been driving our community banks forward by looking in the rearview mirror.
Think about what the board reviews at board meetings. What is on the typical board agenda? Last month's financials, year-to-date financials, past-due loans, concentrations of credit already on the books of the bank, sales in the investment portfolio, purchases. In other words, all issues reviewed have already occurred. The typical community bank board meeting deals with where the bank has been, not where it is going.
At the very least, if the bank does not establish a Risk Committee, the board should at least allocate some of the board's time to looking forward strategically for the bank. This allocation of board time could likely be accomplished by moving away from a standard board agenda for typical items and consolidating those into a "consent agenda."
I mean really, do you need the Chief Financial Officer reading every line of the financial statements to board members during the monthly meeting?
Or, don't you think you could have read that ahead of time and ask questions, if you have them, to shorten that portion of the meeting?
Other reports could be handled in similar fashion.
So, if the bank is not going to establish a Risk Committee, then let's at least allocate some time for strategy. But let's go back to the Risk Committee.
One objection to the Risk Committee is that most community banks do not want to set up additional committees; they are expensive, cumbersome, and the like. After all, what is a Risk Committee going to do anyway? Answer: How about identify risk areas, set risk parameters, monitor risk, mitigate risk, and provide accountability through reports from management with respect to risk and the like.
I get pushback from community bankers on that, such as, "Didn't all the large banks have risk committees?" Answer: Yes, they did. "It didn't do too well for them, did it Jeff?" Answer: Not really, but that is not a reason that we should not go forward and try and take the good portions of risk assessment and leave out the parts that did not work. This is analogous to why, if we are not a public company, should we adopt any of the Sarbanes-Oxley corporate governance matters? Answer: Because best practices that are not expensive make sense.
Tailoring the Risk Committee concept for your bank will be an individual decision.
Should the risk function be housed in the Audit Committee?
Should there be a separate committee?
Does the bank need somebody who understands risk, with the financial background or otherwise to chair the committee?
I say, tailor the Risk Committee for what works for your bank. Just like any other material committee, it should have a charter so the members know what it is supposed to do, and hopefully does do.
In any event, either establish a separate Risk Committee or house the risk function in the Audit Committee where the financial risk is already addressed.
It is a best practice for community banks.
* * *
Recently a client asked me whether a community bank should have a Risk Committee. The question arose because Commandment No. 1 on Gerrish's new 10 Commandments for Bank Directors in 2010 is "Pay Attention to Everything (Especially Risk)."
In connection with Commandment No. 1, I advocate the formation of a Risk Committee, or, alternatively, the housing of the risk assessment and oversight function in the Audit Committee of the Board of Directors. The Audit Committee currently addresses financial risks.
The response I have received to my suggestion of a Risk Committee in a community bank from a number of community bankers is that (a) the regulators do not require it; (b) the Dodd-Frank Bill will not require the bank to do that because it is less than $10 billion and not publicly traded; (c) our other State regulator does not require us to do it, so why should we bother to set up a committee, especially one dealing with risk?
My response is, because for too long, we, as community bankers, have been driving our community banks forward by looking in the rearview mirror.
Think about what the board reviews at board meetings. What is on the typical board agenda? Last month's financials, year-to-date financials, past-due loans, concentrations of credit already on the books of the bank, sales in the investment portfolio, purchases. In other words, all issues reviewed have already occurred. The typical community bank board meeting deals with where the bank has been, not where it is going.
At the very least, if the bank does not establish a Risk Committee, the board should at least allocate some of the board's time to looking forward strategically for the bank. This allocation of board time could likely be accomplished by moving away from a standard board agenda for typical items and consolidating those into a "consent agenda."
I mean really, do you need the Chief Financial Officer reading every line of the financial statements to board members during the monthly meeting?
Or, don't you think you could have read that ahead of time and ask questions, if you have them, to shorten that portion of the meeting?
Other reports could be handled in similar fashion.
So, if the bank is not going to establish a Risk Committee, then let's at least allocate some time for strategy. But let's go back to the Risk Committee.
One objection to the Risk Committee is that most community banks do not want to set up additional committees; they are expensive, cumbersome, and the like. After all, what is a Risk Committee going to do anyway? Answer: How about identify risk areas, set risk parameters, monitor risk, mitigate risk, and provide accountability through reports from management with respect to risk and the like.
I get pushback from community bankers on that, such as, "Didn't all the large banks have risk committees?" Answer: Yes, they did. "It didn't do too well for them, did it Jeff?" Answer: Not really, but that is not a reason that we should not go forward and try and take the good portions of risk assessment and leave out the parts that did not work. This is analogous to why, if we are not a public company, should we adopt any of the Sarbanes-Oxley corporate governance matters? Answer: Because best practices that are not expensive make sense.
Tailoring the Risk Committee concept for your bank will be an individual decision.
Should the risk function be housed in the Audit Committee?
Should there be a separate committee?
Does the bank need somebody who understands risk, with the financial background or otherwise to chair the committee?
I say, tailor the Risk Committee for what works for your bank. Just like any other material committee, it should have a charter so the members know what it is supposed to do, and hopefully does do.
In any event, either establish a separate Risk Committee or house the risk function in the Audit Committee where the financial risk is already addressed.
It is a best practice for community banks.
About the Author
-
-
- Jeff Gerrish is chairman of the board of Gerrish McCreary Smith Consultants, LLC, and a member of the Memphis-based law firm of Gerrish McCreary Smith, PC, Attorneys. He is a frequent contributor to ABA Banking Journal and ABA Bank Directors Briefing, and frequently speaks at ABA events and telephone briefings.
-
Gerrish formerly served as Regional Counsel for the Memphis Regional Office of the FDIC, with responsibility for all legal matters, including cease-and-desist and other enforcement actions. Before coming to Memphis, Gerrish was with the FDIC Liquidation Division in Washington, D.C. where he had nationwide responsibility for litigation against directors of failed banks.
Gerrish can be reached at jgerrish@gerrish.com, and the firm’s website, www.gerrish.com. - You can get word about these columns the week they are posted by subscribing to ABA Banking Journal Report e-letter. It's free and takes only a minute to sign up for Click here
TrackBack URI for this entry
Subscribe to this comment's feed
