On 4 December 2019, the Risk Coalition—an association of not-for-profit professional bodies and membership organisations committed to raising the standards of risk management in the UK—published its final principlesbased guidance for board risk committees and risk functions in the UK financial services sector. The guidance—contained in a document entitled “Raising the Bar”—comprises eight principles for risk committees and nine principles for risk functions. The Risk Coalition notes that many of these principles are wellestablished and that the guidance is intended to emphasise the key role, seniority and independence of the chief risk officer (“CRO”) within the corporate function. The guidance is not prescriptive but does provide detailed practical guidance on the implementation of the good practice principles. It also assumes that firms will adopt a “Three Lines of Defence” approach to their risk management function under which risk will be managed, in the first instance, by management, and in the second by the robust, independent oversight and challenge of management’s risk-taking activities (headed by the CRO) and thirdly by the work of the internal audit function. The guidance is intended to be used on an “apply or explain” basis, with firms encouraged to disclose publicly the extent of their application of the guidance.
The Risk Coalition’s Guidance can be found here.