The Institute of Risk Management (IRM) talks to Nicola Crawford, FIRM, Managing Director, i-Risk Europe on what working in enterprise risk is like and what advice they would share with people looking for a career in the industry.
How did you get your job?
I got my current role as a Director in risk and regulatory change in banking as I have gained both hands on enterprise risk management (ERM) expertise and managing change during my career that does not just come from financial services. I have been able to transfer risk management skills gained in other industries such as healthcare, energy and utilities, public sector and manufacturing into financial services as most of the concepts and processes are fundamentally the same but the context is different as are the risk types.
Most of the industries I have worked in tend to be heavily regulated so that has helped me develop the ability to deal with a changing regulatory environment. Working in both the energy and financial services sector has allowed me to hone my quantitative risk management skills whilst Healthcare and public sector has enhanced my qualitative skill along with strong stakeholder management. Balance is the key.
What’s a typical day like as an Enterprise Risk & Regulatory Change professional?
First of all communication is a key element of this type of role so there is heavy email traffic between direct reports, cross functional teams and key stakeholders both internally and externally. Reviewing and responding to emails to ensure that everyone is on the same page around key changes, who is impacted and changes not only to risk management processes as a result but the organisation’s risk profile. As most banks are international our teams are distributed globally so a lot of communication takes place remotely via Lync or VC.
I would typically spend around 60% of my day in meetings via appropriate technology. Given the volume of work planning and monitoring expected outcomes is critical to successful delivery of required changes – this also takes up ongoing activities on a day to day basis so the risk associated with change are minimised where necessary and maximised where acceptable.
What do you enjoy most about your job?
Keeping up with the latest trends in enterprise risk management and technological developments that enables better risk intelligence and regulatory compliance.
What are the challenges?
Relationship management and the breadth of people that I deal with, culturally, geographically, and from a competency perspective. Ensuring we are all speaking the same language from a risk perspective and change requirements.
In what way are your IRM qualifications relevant?
The IRM qualifications are a solid platform which give the broad background of risk and have helped to develop my transferrable skills.
How has your role developed and what are your career ambitions?
I came from a banking back office and then strategic planning background which means I have seen what happens when ERM is not embedded in organisations key processes. Understanding other organisational functions is an important element of being able to help organisations learn how ERM fits into the rest of the organisation and where the key changes need to occur to make this happen.
- Try to get experience in other organisation functions that relate easy to risk management such as strategic and business planning, internal audit, finance and organisational re-design/development.
- Balance quantitative skills with qualitative.
- Communication and context are the two key levers for successful risk management (in my opinion) so understand and develop skills in both and learn how to leverage as changes in either can affect the other.