The ascendency of the CRO – why Consumer Duty is revolutionising the role


Consumer Duty is driving positive change across Financial services; but with that comes challenge. Chief Risk Officers (CROs) and Senior Risk and Compliance Executives have experienced real challenges creating implementation plans, validating definitions of ‘harm’ and ‘good outcomes’, and understanding how to demonstrate both of these to their Board and the Regulator, as well as evidence of appropriate action and compliance.

However, challenges do not come without opportunity and Consumer Duty presents that with the chance to elevate, quite rightly, the profile and responsibility of the CRO across organisations, and the sector more broadly.

From operational to strategic

Consumer Duty brings it all back to the customer, and the outcomes for them will be the key metric on which all financial services businesses will be measured. The FCA even goes so far as to say it will not hesitate to push for fines or, in severe cases, jail time for firms not sticking to the rules. The accountability of Senior Executives and Board members to ensure good consumer outcomes ultimately demands a crucial role for CROs or Risk and Compliance Managers to meet the demands being placed on them.

Those holding senior risk positions must be involved at Board level discussions as soon as possible

A recent survey we conducted of +80 Senior Risk and Compliance executives highlighted a changing and more strategic role required from Chief Risk Officers (CRO) at Board level, triggered by Consumer Duty legislation.  However, there is still not enough emphasis being placed on this yet by all organisations. Our survey found 67% of CROs said very little (<20%) of Board or Executive committee time is spent talking about consumer outcomes.

CROs and risk managers must be allowed to lead and implement data-driven strategies within their organisations. These will not only enable the Board and other Executive committees to get closer to customers and meet their needs and outcomes, as both the business and regulator want. With the right technology systems and approach in place they will be able to drive tangible improvements right at the heart of the business operating model. It will allow greater product and service development and elevate the experience and outcomes of all customers, but especially those in vulnerable situations.

Technology – upfront investment with long term rewards

Risk managers are being squeezed at both ends of the scale, from a regulatory and budgetary perspective, and they need to be meeting the expectations and demands being placed on them if they are to succeed. It is vital that CROs are able to deliver, demonstrate and prove truly positive customer outcomes.

Technology is arguably the differentiator that will enable them to do this and enhance the regulatory and risk functions. It allows for quicker, more refined and targeted assessments and enables problems and risks to be identified and triaged much faster.  This brings a whole new level of empowerment to the risk manager role and gives them the opportunity to maximise their value and effectiveness.

And it seems CROs are primed to step up to the challenge. Our research shows many are considering innovative strategies around implementing technology to monitor customer data (77%) and automating the Quality Assurance (QA) process (70%).  Significantly less are considering hiring more QA staff and customer service representatives (41%).

At a macro-level technology solutions, such as AI and machine learning, are allowing CRO and Risk Managers to drive better outcomes for their business, providing more oversight and information for the business and genuinely raising key issues that can bring better operational and strategic benefits. According to research from Nvidia ninety-one percent of financial services companies are driving critical business outcomes with investments in AI, predominantly in creating much more accurate models. This changes a seemingly-perceived view of risk management as a tick-box exercise to a genuinely strategic function that derives increased value for the business.

Budgetary decision making empowers the risk function and brings bottom line benefits

A lack of budgetary control is inhibiting CROs from scaling the risk function and this must be considered very closely at an operational and strategic level. They are faced with a choice of putting more pressure and workload on existing teams, hiring more staff, or investing in technology to help alleviate mounting pressures on Quality Assurance, Risk, and Customer Service teams.

Our research revealed that 1 in 4 CROs (23%) estimated their compliance costs will increase by over 50% and 2 in 3 (67%) estimated it will increase by up to 50% as a result of Consumer Duty legislation. This makes the emphasis on consumer outcomes as a significant business metric very apparent. It is an issue that must be taken more seriously at Board and executive level than it currently is.

Arguably the risk manager has the potential to derive far greater business value through the use of technology and should have the opportunity and authority to select and assess the systems being used. This is reflected in Nvidia’s research which acknowledges that companies are experiencing significant financial benefit from enabling AI across the enterprise. Over 30 percent of respondents stated that AI increases annual revenues by more than 10 percent, while over a quarter stated that AI is reducing annual costs by more than 10 percent.

Deriving shareholder value through risk mitigation

The explosion of AI-based language models is set to change almost every sector within the next ten years, and financial services is already making great strides in integrating this technology. Particularly in the area of risk mitigation, there is a clear and tangible impact being shown, as it allows organisations to redefine and better identify what risk means.

This is having a ‘trickle up and down’ effect, as risk becomes much more manageable and controllable bringing greater stability and reliability. This creates a stronger business model and ultimately will allow shareholder enterprise value to grow. The ability to manage risk has a direct impact on profit and those controlling that have definite skin in the game. They should be recognised as having so with a far greater profile at a strategic and commercial level – a position that in most organisations they currently do not.

As Consumer Duty gathers pace, the necessity to comply and evidence this will put a substantial spotlight on the CRO and Risk Manager role and its mitigation capabilities. Technology will be fundamental to deliver this and greater budgetary control and strategic input will be required. Those holding senior risk positions must be involved at Board level discussions as soon as possible, if they are not already, to ensure that the best outcomes for the customer, regulator, organisation and shareholder can be recognised. The CRO is in the ascendancy, or certainly should be very soon.


Referenced research:



About Author

Avatar photo

Jamie Hunter is Chief Operating Officer at He spent 13 years in the investment industry and latterly was Head of Business Partnering and Planning for Aberdeen Standard Investments.

Leave A Reply