Select Page

Follow me for updates

Follow me to get a notification when I publish valuable articles and posts like this.

I share Thought Leadership on Enterprise Risk Management, Digital Transformation and my own Entrepreneurial journey.

Show your support with a like, comment and SHARE!

When you share, please tag me in the description so I can send you a thank you!


What is the role of the Chief Risk Officer (CRO) in developing and monitoring delivery of the Business Plan?

Short-term Key Performance Indicators (KPIs) operationalise the Board’s strategic intent and set out clear deliverables for the year. Given the relative near-term nature of the deliverables, the Board’s tolerance to deviation from Plan will be somewhat limited.

Whilst many would agree there are specific elements of the plan that would require the early involvement of the Risk Function, such as due diligence of M&A targets, the formation of strategic partnerships or CAPEX investment, what is the role of the Risk Function in setting, monitoring and reviewing the plan? Furthermore, by ensuring deviation is kept within tolerance, what bottom-line impact can this have for a firm?


In the first instance it is important to understand we are referring to ‘planning’ not business strategy. The two concepts are completely separate. Monitoring delivery against agreed KPIs, is quite different to strategy formation. Equally planning is not innovation, even though this may be a new area of focus for CROs.

Many firm’s have instigated Quarterly Business Reviews (QBRs). This provides an opportunity for C-Suite Executives, who together with the Board have set the Business Strategy, to review progress against KPIs at defined intervals throughout the year. This discipline not only provides a periodic reflection point and an opportunity to hold management to account for delivery, but may also help demonstrate to Credit Rating Agencies a concrete linkage between Enterprise Risk Management and Business Planning.

Strategic narratives

What value can the CRO bring to the table, other than providing an independent opinion on the risk of deviation from plan and the effectiveness of proposed mitigation?

Perhaps this is the wrong question to ask? There are many firms who have set out to transform complicated business plans comprising of bullet points, lists and spreadsheets into a strategic narrative. This approach tells everyone involved not only what the goals are and how to achieve them, but also inspires deep thought and commitment.

Firms are comprised of complex, multidimensional forms. How then can CROs influence business planning in a way that captures not only the imagination, but also the excitement of many people within the firm?

In a article published in Harvard Business Review in 1998 ‘Strategic Stories: How 3M Is Rewriting Business Planning‘ the authors set out a number of challenges to the traditional approach to business planning:

  • Bullets are too generic and could apply to any business – they fail to set out specifics of how the firm will win in its particular market

CROs can help management turn empty phrases into a story about market analysis, positioning and strategic action. Who are the firms target customers, what are their wants and needs/likes and dislikes? How do they behave and what are their preferences?

  • Bullets leave critical relationships unspecified – they only communicate logical relationships (sequence, priority or membership)

CROs can help management describe the risks (threats and opportunities) of critical relationships and how they may impact one another. By incorporating the outputs from Horizon Scanning, this can lead to a more in-depth discussion on the whole picture, including how internal and external changes in the environment may impact relationshipsand business performance

  • Bullets leave out critical assumptions about how the business works – the complex but unexplained vision of the company, the market and the customer is left unexplained

CROs can help tie objectives together and help management explain implicit business assumptions that may impact on financial, customer, internal processes and learning and growth opportunities.

Final Comment

The role that CROs can play in the business planning process is a new and potentially exciting area. By adopting a logical approach, management can incorporate strategic narratives into plans, make assumptions explicit and help authors explain their thought process.

  1. Set the stage ~ what is the current situation? What are the industry’s Key Success Factors? How do we compare with competitors resources and capabilities?
  2. Define the conflict ~ what challenges does the company face? Business model innovation, emerging technologies, new entrants, placement of structured programs, high costs of acquisition?
  3. Resolution ~ how can the firm overcome obstacles and win? A clear, concise argument that is specific to the situation and sets out a road to success

By setting out narratives in this way, flaws in thinking may become more evident and practical solutions discovered.

Reciproco provides knowledge integration across risk, solvency and strategy, including digital transformation, leading complex and unique projects in regulated sectors. Helping senior executives and management teams focus on strategic challenges to create a competitive advantage.

Darren Munday is the founder and Managing Director of Reciproco. An experienced executive with over 20 years’ global experience with multinational companies, including Chief Risk Officer reporting to the Board.

Darren is an Honorary Visiting Fellow of the Digital Leadership Research Centre, Cass Business School where he also holds an Executive MBA.  Darren is a Certified Fellow of the Institute of Risk Management (CFIRM) and Chartered Insurance Risk Manager (ACII) of the Chartered Insurance Institute.

All rights reserved. Unauthorised use and/or duplication of this material without express written authorisation from Darren Munday is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Darren Munday with appropriate and specific direction to the original author and content.