Chief Risk Officer Survey Results

Brett Riley reports on the results from the first survey of Chief Risk Officers by the Actuaries Institute.

The Risk Management Practice Committee (RMPC) recently invited Chief Risk Officers (CROs) in financial services to complete a short survey about how they manage risk. The results were presented at the Institute’s 2017 ERM Seminar and distributed to participants. This article summarises the results.


The objectives of running the survey were to:

  • Understand practice in each industry, so that CROs can benchmark their approach to their peer group;
  • Compare practice across industries; and
  • Promote the actuarial profession’s risk management expertise to industry.


The top risks identified by the group for the coming year are (in descending order):

  • regulatory or legislative change;
  • increased industry competition / lower profitability;
  • cyber risks;
  • an economic slowdown / recession;
  • a failure to meet customer needs or to innovate: and
  • damage to the company’s brand or reputation.

Some other interesting results are as follows:

  • surveys of all staff are the most common tool used to assess risk culture. However, other objective measures are also used, with banks leading the way in this regard;
  • private health insurers tended to show that they have further to go in their risk management journey. This is unsurprising, as PHIs are not currently covered by APRA’s Prudential Standard CPS 220 Risk Management. This relatively strict standard promotes better practice in this area. Based on consultation in early 2017, it is expected that CPS 220 will be applied to PHIs by APRA;
  • key challenges faced by CROs and their departments include embedding risk management in their businesses, using risk management as a strategic enabler, demonstrating the value add of sound risk management and resourcing pressure; and
  • most companies use their risk appetite statement strategically, and not just for compliance purposes. Common applications include to support corporate strategy, reinsurance purchasing and setting investment strategy.

Our profiling questions indicated that responses came from different parts of industry, based on their:

  • size, measured by their total Australian staff; and
  • ownership (i.e. if they were part of an Australian or overseas group).

This is only a small sub-set of the results. The full survey results may be found here.

Structure and Participation

The survey was emailed to CROs of APRA-regulated banks, general insurers, life insurers and private health insurers. One response was permitted per person, with 20 questions asked.

We sent the survey to each company where RMPC could identify the CRO and obtain their email address. The following table shows the proportion of the industry that we contacted, both by the number of regulated companies and adjusted for their size (measured by net assets):


% by Number of Entities

% by Value of Net Assets

Authorised Deposit-Taking Institutions (Banks)



General Insurers



Life Insurers (including Friendly Societies)



Private Health Insurers







This table shows that we were unable to contact the CROs for a number of smaller companies. However, adjusting for company size we were able to contact 85% of all companies.

In total, 43 (15% of 291) survey recipients completed the questionnaire, with broad participation across the industries listed above (particularly insurance). The overall number of responses was disappointing, but perhaps not totally unexpected for the first iteration of this analysis. We expect a stronger response rate in future.

RMPC would like to thank everyone who participated in the 2017 CRO Survey. Any CROs who did not take part this year are encouraged to contribute to the next survey.

CPD: Actuaries Institute Members can claim two CPD points for every hour of reading articles on Actuaries Digital.