Here at 360factors our aim is to deliver predictive risk and compliance intelligence through modern technologies. We keep in touch with experts in the industry to gain deeper insights about how banks, credit unions and financial services organizations are managing risk right now, what their challenges are, and how those challenges can potentially be solved.

parrish little

Parrish Little (CRO – HomeTrust Bank)

Megan Ward, Vice President of Marketing at 360factors, interviewed Parrish Little, Chief Risk Officer at HomeTrust Bank. Parrish Little is a risk leader with three decades of experience in the audit, quality, and risk management domain. Just as importantly, he is a lifelong Clemson Tigers fan.


As you’re looking to 2021 do you foresee a need for more, less or about the same frequency of risk assessments?


To be effective, an organization should continuously evaluate and evolve their risk management capabilities, including how, where and when risk assessments are performed. I’ll talk through an example of why this is so critical. As we all know, new competition continues to enter the financial services industry, with fintech and big tech firms offering various banking services and products that may be less expensive to manage and easy to use. A priority for us and most any other institution is to ensure we’re able to deliver a positive customer experience while minimizing our cost to deliver, which gets back to the technology risks I talked about earlier (Read part 1 here).

Keeping up with the competition and delivering on customer expectations through the use of technology creates a level of risk that we need to assess to ensure we are not over exposed to risks beyond our risk appetite. As you know, we are in the business of taking risks and must do so to generate revenue. However, we must be cognizant of the risks that could emerge or change as we make changes to our technology and business processes to minimize the possibility of excessive risk to the organization. Risk management can play an important role by understanding the changes and asking the right questions to assess the new environment.

Risk managers should always have a mindset of wanting to help the company be successful. To that end, they have a responsibility to make sure we think through the risks and how best avoid negative impacts or going outside the guardrails.

Metrics can provide an indication of a longer term emerging risk, an indication of a likely risk in the near term, or show results from the recent past. I think you should have a combination of all three. - Parrish little (CRO HomeTrust Bank) Click To Tweet


Along those lines, do you foresee a need for more frequent monitoring of integrated metrics in the coming months?


We increased our monitoring frequency earlier this year for certain metrics, but we continue to evaluate which metrics should have increased or decreased levels of monitoring. Those decisions are based on what we see happening within and outside the company. Pre-pandemic, most metrics showed excellent performance across all risk categories, but we recognized that our monitoring frequency for certain metrics needed to change as we entered a time of significant uncertainty based on changes in the external environment.

When I think about metric frequency and integration, I first ask whether we have the right information to be predictive and if we have early indicators of risk. Assuming you have accurate and reliable data, the metric results help us make more informed business decisions. The alternative is not having an answer, or having the wrong answer, to the question, “what are these metrics telling us?”.

Metrics can provide an indication of a longer term emerging risk, an indication of a likely risk in the near term, or show results from the recent past. I think you should have a combination of all three.

To break this down even further, we consider both internal risks and risks from the external environment. The external environment is not always as much of a focus for risk managers when evaluating risks and the potential impacts. From a strategic standpoint, when you consider the external environment, there are numerous areas of exposure, whether it’s the market, the economy, competition, consumer behaviors, preferences, and more. And so you need to have indicators that are focused on those external factors. Otherwise you are missing a key piece of the puzzle when it comes to having an effective risk management program.

Complimentary Webinar - Driving Partner Growth While Avoiding Risk and Compliance Pitfalls – AMA!

To answer the part of your question about metric integration, I think of several important aspects to be effective: 1) accessibility to accurate and reliable data, 2) the ability to change the frequency at which you may want to monitor, and 3) understanding the metric connect points across all categories of risk. Accurate and reliable data is the foundation; if that piece is not in place, then everything else falls apart. Once you have quality data, you can successfully implement the other two components.

Metric integration is critical to having an effective risk management program. We constantly ask ourselves if we have the right metrics in place. Are there new ones that we need to introduce? Are there some that we need to change or modify in some way to give us a better indication of where risk is occurring?

360factors would like to thank Parrish Little for providing our readership. We have more insights from Parrish and will publish them in our final installment of the series.

Read part 1 here