<img src="https://ws.zoominfo.com/pixel/pIUYSip8PKsGpxhxzC1V" width="1" height="1" style="display: none;">
Risk Management

Board Reporting: FAQ for Financial Institutions

January 28, 2021 | Posted by Paul Viancourt, MS, CRCM, CAMS, CFE, CIA
Clock Image
6 Minute Read

There’s no shortage of board reports at financial institutions. The board needs insights into risk and operations to help determine the institution’s strategic direction and risk tolerance.

What goes into a good report and what does it look like? Here are answers to some of the most common questions banks, credit unions, and other financial services companies have about board reporting.

Q: What is the board looking for in reports?

Directors spend on average 70% of their time reviewing documents (quarterly reports, audit reviews, budgets, compliance) instead of strategy, according to McKinsey & Company. The less time they need to invest in reading and understanding a report, the better.

january webinar examiners 2021

The board is best served with short, visual reports that tell them:

  • What’s going right?
  • What’s going wrong?
  • What do you want the board to do?

The goal is to help the board become better decision makers, not to justify your existence. Going overboard on information for the sake of looking important isn’t helpful.

Q: What type of information should go into reports?

Board reporting is all about metrics. Whether reporting on risk, compliance, audit results, or anything else, the metrics included in board reports should be forward-looking, specific to your institution, and provide industry benchmarks.

When reporting on compliance, the board doesn’t want to know the ins and outs of how a new regulation was identified and implemented. It wants to know if the risk has increased in a specific area of compliance, any upcoming regulations that will significantly impact the institution, and lessons learned from enforcement actions at other institutions.

When reporting on audit, the board doesn’t need to know how many audits were conducted or details on every ineffective control. It wants to know about key findings. For example, if a control is ineffective but the risk is mitigated by other controls or it’s a control over a low risk. If it were a major control in a high-risk area, then the board will care about an ineffective internal control. The board cares about remediation, including how long it will take to fix a major problem.

When reporting on enterprise risk management (ERM), the board doesn’t need a description of every new control implemented. It wants to know about any significant increase in institution-wide risk or risk in any functional area (department, product, service, etc.).

The board report is not a laundry list. Focus on the most important findings and challenges.

Q: How should risk reports be formatted?

Information should be presented in a way that makes it easy to understand key points.

The most important information should be on the first page. Unlike an essay for school where evidence comes first and then there’s a conclusion, lead with the conclusion (key points) and other key pieces of information. There’s a chance the board won’t read to the end of the report so make sure what they need to know is front and center.

Board reports should present information visually using elements like graphs, charts, and heat maps. Consider the two examples below. Example B’s concise, color-coded chart is much easier to quickly interpret than the long narrative in Example A. No one wants to read a novel.

Example A                                                     

board reporting example a 0128

Example B

board reporting example b 0128

Related: What Does the Board Really Want from You?

Q: Should your financial institution have a standardized format for board reports?

A standardized format for board reporting saves the board time. The board knows exactly where to look for the most important information and where to find other items of interest. Rather than thinking about finding the data, it lets them focus on what the data means for their strategic plans.

It also helps ensure that every department and business line is thinking about reporting in the same way—making it easier to understand the relationship between the data in the different reports.

Standardized formats for board reporting also saves report authors’ time. They don’t need to reinvent the wheel with each report. No time is wasted deciding on the best format for presenting information. Those decisions and expectations are already laid out.

Q: When should I deliver my board report?

Board reports and presentation materials should be shared several days before a meeting so that the board has a chance to review and prepare. It also demonstrates that you’re organized. Many institutions have a board portal that makes it easy to upload and find reports.

Board members shouldn’t be seeing a report for the first time during a meeting.

Q: What’s the fastest way to create board reports?

Board reporting is a huge task. Not only must all the work to generate the data be completed, the data must then be organized and evaluated. It then needs to be displayed attractively with graphics.

Many financial institutions have found success with board reporting using automated solutions to generate board reports. These automated solutions are typically part of a broader software package that helps oversee department processes from start to finish. They serve as a centralized point to collect, monitor, and analyze data within a function. They then leverage the data to build reports—which can be customized to the needs of the institution. Common examples include compliance management, risk management, audit and findings management, vendor management, and lending compliance, among other areas. They take hours and hours of work and complete it in just a few minutes.

Is your institution struggling with board reporting? Is it taking up time that no one has? Find out how Ncontracts can help you replace manual processes with automation that not only saves time, but also provides consistent, effective board reporting.

Learn more

Paul Viancourt, MS, CRCM, CAMS, CFE, CIA

Paul Viancourt, MS, CRCM, CAMS, CFE, CIA

Paul Viancourt, VP Solutions Architect, focuses on assisting financial institutions in quantifying their risk profile and mitigating the associated risks. He has 20 years of banking experience, with diverse specialties including regulatory compliance, BSA, fraud, audit, enterprise risk management, and information security.