Business Risk Services

Chief Control Officer

Sheila Duignan Sheila Duignan

A Chief Control Officer (CCO) is increasingly viewed by banks as an effective medium to enhance accountability and reinforce control capabilities in the first line of defence. The oversight and supervision of non-financial risk are considered crucial in countering conduct and operational risks, yet the effectiveness of a CCO function is predicated upon the implementation of a control framework across a complex infrastructure of business lines, control functions and multiple jurisdictions.

Reduced risk of non-financial control breaches
A dedicated CCO, accountable for cross-functional supervision of non-financial risks (both operational and conduct-related) within the First Line of Defence (1LOD), can be a highly effective means to reduce operational breaches, thus enhancing broader risk culture and mitigating the risk of regulatory intervention.

Enhanced control governance
A well-defined governance structure, with exhaustive accountabilities and responsibilities is a key component of an effective control function. CCOs are held accountable for the effectiveness of the controls framework within the business they operate.

Cost-effective control framework
The simplification and delineation of responsibilities following the evolution of a disjointed controls framework, has delivered notable efficiencies for financial institutions. Optimising the CCO operating model reduces duplication, streamlines control design and monitoring and simplifies reporting models.

Improved responsiveness
A standardised CCO function has allowed many financial institutions to pro-actively design, manage and execute their control frameworks to meet the reporting expectations of senior management and regulators. Additionally, an optimised CCO function can enable greater responsiveness to the rapidly evolving market, operational and conduct risk environment.

Operating model alignment
The mandate of the CCO will vary according to the complexity, operating model and jurisdictional footprint of the organisation. Nevertheless, the CCO should support the business head risk owner and the COO to pro-actively manage and maintain a ‘risk-aware’ culture, mitigating conduct and operational risks by driving the controls
agenda across the organisation

Drive clarity and collaboration
Enhancing collaboration of CCOs across business is essential, it can be achieved by introducing unified MI and systems that encourage and drive best practice. The alignment of responsibilities will ensure that CCOs have a clear cross-functional and multi-jurisdictional mandate which will drive consistency between CCOs and other control functions.

Utilise technology to evolve
Digital and technology developments play a central role in the evolution of control functions. It is imperative that CCOs consider the use of enhanced data analytics, technology solutions and, in many cases, third-party associations, to empower the function through enhanced or automated supervision, management and controls testing to mitigate non-financial risk.

Read the full issue
Download PDF [ 862 kb ]