House Bill Would Require Large Banks to Have Chief Risk Officers



Treliant’s Risk Management Solutions practice comprises former senior financial services risk executives and regulators who combine their extensive experience, qualifications, and know-how to assist financial institutions in meeting the expectations of key stakeholders such as boards of directors, investors, customers, and regulators.

We provide financial institutions consulting support on a broad spectrum of risk management and governance issues, including the secondment of senior risk and compliance officers. Our experts have staffed these functions when they held C-level positions and they can draw on Treliant’s deep pool of resources to help select the best individuals for a temporary placement that meets a client’s specific requirements.

Treliant also has deep expertise in enterprise risk management, credit risk, capital and liquidity risk, interest rate and other financial risks, operational risk, stress testing, model risk management, climate scenario analysis, ESG policy and procedure development, loan workouts, and advice on enterprise-wide and portfolio risk-mitigation strategies. This expertise is available to assist these senior officers whether they are temporary placements or long-term employees.


As part of the legislative reaction to the failure of several banks, especially Silicon Valley Bank, a bill has been introduced that would mandate larger banks to have a chief risk officer (CRO). The legislation, titled the “Chief Risk Officer Enforcement and Accountability Act”, would require banks with more than $50 billion in assets to retain a Chief Risk Officer, notify regulators within 24 hours if the position becomes vacant, and then within 7 days after the vacancy occurs to submit a plan to fill the position. This bill is a response to the fact that Silicon Valley Bank did not have a CRO for eight months following the resignation of Laura Izurieta in April 2022, and the role remained vacant until late December of the same year. The regulators blame the lack of effective risk oversight for the Bank’s failure due to its concentration in technology-related businesses and reliance on large, uninsured deposits for funding.

The bill is intended to codify within the Dodd-Frank Act the Fed’s requirement that large financial institutions have a well-qualified CRO and effective enterprise-wide risk oversight. The author of the legislation, Rep. Sean Casten (D-Ill.), added penalties in the event the CRO role is still vacant after 60 days. The first is that the institution would be required to notify the public that the role has been vacant for more than 60 days. The second penalty is that the total assets of the company may not exceed the total assets on the date the vacancy occurred until the role is filled, effectively capping growth during the vacancy period.

The bill also targets nonbank financial institutions. It designates the Federal Reserve Board of Governors as the primary financial regulatory agency for nonbank financial institutions, which corresponds with recent initiatives proposed by Treasury Secretary Yellen in her role as chair of the Financial Stability Oversight Council.

We don’t know whether this will become law, but this issue is getting the attention of regulators and legislators. Banks should focus on ensuring they have contingency plans if this, and other risk and compliance roles, become vacant. This should include succession planning and temporary placements.

Additional Source: House bill would require large banks to have chief risk officers | Banking Dive