Risk Culture is defined as institution's norms and attitudes related to risk awareness, risk taking, and risk management. In PwC's globally recognised methodology, the Risk Culture is described by 6 Focus Areas. Within each Focus Area there are attributes formulated on the level of individual risk categories or processes. There are separate attributes for attitudes and norms (technical aspects of risk management).
The initiative is unique in covering all types of risks (credit, market, operational, liquidity) and related processes (stress testing, capital management).
By performing the initiative, a collection of improvement opportunities and recommendations are formulated towards reaching regulatory compliance and leading market practice. The initiative delivers targeted projects designed to implement the recommendations. It usually defines the risk management agenda for the next 1-3 years, supporting the strategic goals of the institution.
Overview of PwC Risk Culture initiative phases
Key Questions
- What is the current culture?
- What are the improvement opportunities and recommendations for Risk Culture improvement?
Key Activities
- Assess the Current State
- Deep Dive into technical aspects
Detailed description of Phase 1
Two layers (attitudes-focused and norms-focused) define the extent to which a deep dive into the technical aspects of managing risks is performed during the assessment. The Risk Culture Assessment report aggregates information gained during each step. The report provides (i) maturity levels for each Risk Culture attribute, (ii) improvement opportunities identified, and (iii) mitigation actions formulated as recommendations (see Examples).
Risk Culture Survey
- An online survey for all employees using PwC dedicated web tool
- Results are benchmarked to the PwC Global Risk Culture Survey done in 2018 amongst financial institutions.
Desktop Research
- Study of key internal documents of the institution related to risk management in a broader term (Risk Appetite Statement, policies, procedures)
Targeted Interviews
- Interview with the key Risk Culture stakeholders across the institution covering all 3 Lines of Defense representatives.
Example Questions
➤
Focus Groups
- The initial assessment is presented and discussed with Risk Culture stakeholders. The discussion includes commenting on regulatory background and market practise. The purpose is to transfer the knowledge and create buy-in amongst future project owners.
Our tools
Risk Culture Survey Tool
- On-line tool used to collect anonymously responses from survey participants
- Easy and quick overview of survey results
- Segmentation of responses per divisions, departments
- Universal www link for all respondents (or tailor-made link)
Risk Maturity Tool
- Focus on implementation of the 3 Lines of Defense model
- Addresses approx. 30 attributes of the Risk Culture
- Based on the regulatory requirements
Risk Governance Tool
- Focus on the 2nd Line of Defense
- Addresses 31 attributes of the Risk Culture
- 3 areas of assessment:
- Risk environment
- Approval process
- Control and Oversight
Risk Global Tool
- Based on observed supervisory expectations and requirements of leading central banks
- Organized per risk areas (credit risk, market risk, liquidity risk,…)
- Deep dive into technical aspects of the institution’s risk management
