The number of large institutions with chief risk officers has increased from 65% to 81% since the last survey was conducted in 2002. Three quarters of CROs in financial services firms report to their chief executive or the board of directors, says Deloitte, in accordance with a 25% increase in board-level oversight of risk management over the last two years.

Despite the increasing emphasis on containing risk, the research indicates that enterprise risk management (ERM) continues to be an elusive goal for many institutions. In fact, less than one-quarter of survey participants say they are able to integrate risk across any of the major dimensions of risk type, business unit, or geography.

While 38% of respondents claim to have the right organisational structure in place to cope with the demands of global risk management, only 15-16% report progress in integrating methodology, data, and systems.

While information technology is considered to be the key enabler of risk management architecture, respondents report a host of continuing challenges in developing adequate risk systems. More than half (52%) cite a lack of integration among systems as a major concern and 42% cite it as a minor concern. Lack of flexibility and scalability as well as performance issues are also noted as key challenges.

In the emerging operational risk discipline, lack of functionality was deemed a key problem.

Improving regulatory related systems capabilities and implementing operational risk management and advanced credit risk systems were the three highest priority items cited by respondents in the systems development and technology area.