Carol Ouko-Misiko: Group Risk and Compliance Manager, Britam
Group Risk and Compliance Manager
How did you get started in risk?
Like many risk managers, my path towards an Enterprise Risk Management career has been circuitous. I started out as a management trainee in a niche bank in Kenya and after the formal training program ended, I spent the next three years gaining practical experience in Internal Audit, Trade Finance and Foreign Exchange trading, Credit Risk and Operations.
In 2005, I was fortunate enough to be one of two Kenyans selected from a worldwide pool of applicants, to attend a risk management training program organized by the Swedish International Development Cooperation Agency. The aim of the program was to deepen risk management capacity in Africa and it is through this program that my love for Enterprise Risk Management was born.
Six months after this training, I was appointed to set up the risk management function and the rest, as they say, is history.
What’s a typical day like as a Group Risk and Compliance Manager?
It’s always different, which is one thing that I love. Sometimes it involves being an advisor to a team launching a new product initiative, evaluating strategic opportunities, working with a response team to review key control failures or test current plans, or partnering with the various heads of business units to find creative solutions to challenges they are facing.
I am also constantly building relationships with my internal stakeholders, taking time to listen to their concerns, bridging information gaps to make sure we are aligned on what the largest risk exposure are and how best to mitigate them.
The last few years in East and Southern Africa, there have been major shifts in regulations in the Financial Services sector. So many times, I have to take time out to keep abreast of regulatory developments.
What do you enjoy most about your job?
There’s a lot of ambiguity and anxiety in risk and part of my role is to demystify complex concepts and and make sense of things for others. I enjoy taking time out to understand the business, governance, assurance and control systems and how human behavior introduces unpredictability to it all. And most all, I enjoy dealing with people and developing the processes and management systems to shed light on risks and mitigate them.
What are the challenges?
Over the last 10 years, there have been major regulatory changes which have been aimed at strengthening the financial services sector and aligning them to global practice. A direct result has been a greater emphasis on Corporate Governance and Risk Management.
So the risk management function has been the greatest beneficiary from this in Kenya. However, one of my key challenges now is making risk management an inevitable, inconspicuous part of organizational life, and not a quarterly event carried out to fulfil an obligation to the Board Risk Committee or the regulator.
It is when risk management is embedded seamlessly into the organizational way of life i.e. its culture and its people, that the true value and benefit can be realized.
In what way are your IRM qualifications relevant? / Has being linked to the IRM helped?
One year into my career as a risk manager, I discovered the Institute of Risk Management and I enrolled for the International Certificate Program. To date, I consider this to be one of the best investments I have ever made in my career. I have since enrolled on the Diploma program.
The IRM programs provide literature on the theory and practice of risk management which has helped me understand the deep philosophical underpinnings of risk management — how to spread risk and diversify portfolios, how to deal with uncertainty so it doesn’t cause unacceptable loss, how risk management relates to good corporate governance. It is exposure to this type of sophisticated thinking that helped me to get ahead in my career and to make significant contributions in my role.
My certification with IRM gave me credibility with my peers and other stakeholders and gives me the confidence to tackle the broad range of risk issue which continually land on my desk.
What would you say to others thinking about joining IRM as a member?
If you are currently in a risk management role or considering making this your career, I would strongly recommend you to consider joining the IRM. Whether you are drawn to quantitative risks or you are in qualitative risk disciplines like Business Continuity, Health and Safety or IT Security, you will still need to have a good understanding of how those products affect the business and business behavior.
The Graduate Certificate or Graduate Diploma level programs offered by IRM cover the theory and principles of risk management more comprehensively and it’s this level of knowledge that will give you the foundations to tackle any risk problem with confidence.
In addition the IRM has a vibrant community of Risk Managers that are engaging and supportive and there is access to resource information such as: case studies, articles, white papers and books written by experts in respective risk management fields of specialization.
Learn and speak the language of the business.
Understanding the business and being responsive to its needs is key to your success as a risk manager. You need to know its products, services, its assets and revenue streams.
Get your qualifications, it gives you credibility and helps you earn your seat at the table.
You need credibility to be a good risk manager. That means being willing to make practical judgments — balancing the ‘rules’ and strict compliance requirements with the need to make realistic decisions at the end of the day. The IRM qualification gives you a relevant and sound foundations for making those judgments.
Plug into a professional network.
Joining a group allows you to have a sense of security and trust. From this, you are able to support and help one another in reaching your professional goals. The IRM sponsors numerous events throughout the year that allow you to connect with your peers. You can share ideas, ask for advice, volunteer to be a speaker or become a member of a committee.