RISK MANAGEMENT & COMPLIANCE DEPARTMENT

 The Central Bank of Liberia has an enterprise risk management strategy, which is enshrined in the risk management policy of the Bank. The risk management function, about a year ago, was merged with the compliance function in a new department called RISK MANAGEMENT AND COMPLIANCE DEPARTMENT. The objective of this merger is to align the risk management objectives of the bank with an aggressive compliance regime to ensure a proactive approach to managing risk and minimize breach of CBL policies and regulations.

Objectives of CBL’s Risk Management and Compliance Strategy

The CBL faces a range of strategic, financial, operational, reputational, and political risks. Additionally, the Bank is faced with Environmental, Social and Governance (ESG) risks. The objective of the CBL’s ERM program, therefore, is to understand what the risks are, know how much risk is acceptable, and know how to manage its risks to create value for all of the CBL’s stakeholders and ensure the Bank’s strategic objectives are achieved.

Risk Management & Compliance Oversight at the CBL

Effective enterprise risk management requires appropriate oversight across the three lines of defense. Accordingly, the following functions shall have oversight of the ERM process at all lines of defense.

Board of Governors: The Board retains the ultimate responsibility to ensure prudent and proportionate risk management. The Board has delegated the overall oversight responsibility for risk management in the operations of CBL to the BARC.

BARC: The Board Audit and Risk Committee (BARC) is the Board Committee that is responsible for overseeing the management of risks, including compliance risks, at the Bank and:

  • Approve the risk categories and risk appetite for the CBL. This shall be done annually unless triggered by an event.
  • Approve the risk management framework as well as provide oversight of the instituted risk management procedures and systems.
  • Be accountable for collectively advising on, and monitoring the implementation of, the risk management framework priorities. This accountability ranges from monitoring and advising on significant risks to directing remedial courses of action if operational or financial performance is off track.

Executive Governor (EG): Coordinates risk decision-making bank-wide. Additionally, the EG oversees the establishment and maintenance of appropriate risk management systems and controls, and recommends risk policies, risk appetite limits, and tolerances to the BARC for review from time to time, but no less frequently than every two years.

Management: Management ensures the effective implementation of the risk management framework and associated procedures. The CBL management has delegated this function to the Enterprise Risk Management Committee (ERMC), which shall comprise the Deputy Governor for Operations as Chair, and all Directors and Heads including the Director of ERM and Chief Compliance Officer. The Director ERM /Chief Risk Officer shall be the Secretary. The ERMC reports to the Executive Governor and may invite other staff to its meetings as determined necessary.

Director RMD: Works with the framework in recommending risk policies, risk appetite limits, and tolerances to the Executive Management for onward submission to the BARC for review. The Director is responsible for the development and day-to-day implementation of an effective risk framework, including the setting up of the underlying systems and procedures.

Risk Management Approach of the CBL

The CBL adopts a ‘three-line-of-defense’ (3 LOD) model to manage its risks. The 3 LOD model enables management, managers, risk and compliance teams, and internal auditors to work together to increase protection against a wide array of risks.  The model promotes risk ownership and culture and, at the same time, eliminates inefficiencies, gaps, and overlaps that sometimes occur in risk management.

The first line of defense consists of the functions, such as the risk owners, Functional Risk Officers (FROs), and departmental heads, that own and manage the risks. Directors/Heads will have ownership, responsibility, and accountability for directly assessing, controlling, and mitigating risks in their business units.

The second line of defense comprises functions that oversee risk.  They consist of functions such as risk management and compliance functions. Also included here are the senior management of the Bank and the Enterprise Risk Management Committee (ERMC). This line of defense monitors and facilitates the implementation of effective risk management practices and assists the risk owners in reporting adequate risk-related information across the enterprise.