Geopolitical issues and related sanctions have substantially increased the risks to financial institutions. In addition to other key risks, how can internal audit and risk leaders address such emerging issues, while ensuring risk awareness is an integral part of the business culture? This interview with Ralph Dicht, Head of Group Internal Audit, looks at some of the key challenges facing internal audit teams and how to overcome them. Ralph also shares key approaches learned in his journey from external to internal audit.
“You cannot underestimate the importance of communications with key stakeholders”
Corina Ruchti: There are many paths to internal audit and risk management. What path has your journey taken?
Ralph Dicht: It’s been a journey from external to internal audit and from consulting in KPMG, one of the “Big Four” consultancy firms, to the client side. This experience gained over 20 years influences how I approach my current role. As a Certified Public Accountant (CPA) in an external audit firm, I had no plans to go into internal audit. My initial consideration however was mainly based on the internal audit reports I had to read. These provided good organisational insights but limited insights about the function itself. The more experience and understanding I gained about the role of internal audit working with internal audit teams, the more I realised that internal audit work is much more interesting and proactive than it appears on paper.
“No one ever tells you your programme is complete”
How has this journey influenced your approach to risk management? What are the key lessons learned?
I try to take the best aspects of both external and internal audit and combine them with my own experienced-based opinions and those of my team. In this regard, it has been an advantage to work at one of the “Big Four” firms and especially in the US, as you are exposed to a range of industries, organisations and regulators.
In essence, the experience has influenced my approach in several ways. The first concerns the communications approach to proposing improvements and dealing with key stakeholders. For example, when proposing a change, I always focus on the intended business risk reduction aspects while keeping benefits and cost in mind. You cannot underestimate the importance of communications with key stakeholders. It helps to eliminate potential friction and minimise the likelihood of escalations which are neither effective nor efficient. This is one of the main reasons why I have requested the internal audit team to work three days a week from the office and to put stakeholders’ interest first. Some of the most important conversations take place over a coffee or conversation in a collaboration space or similar settings.
Secondly, professional networking is extremely important for exchanging practice ideas to help provide optimal solutions. This is specially the case with emerging issues.
Corina Ruchti
Director, Internal Audit Banking, PwC Switzerland
Tel.: +41 58 792 46 76
What role does professional networking play in the success of Internal Audit & Risk?
It’s essential. There’s almost a new challenge arising every day. That’s why networking amongst experts is important to get the outside-in view. At the Institute of Internal Auditors, we have exchange groups that provide tips on emerging themes and topics. For example, the war in Ukraine and related sanctions have created enormous challenges, not only regarding sanctioned parties but also in the service offering and product area. Based on this exchange, we can update or enhance our internal risk assessment and related audit programmes. Also, no one ever tells you that your programme is complete. Continuous adaptation and improvement are par for the course.
“There’s almost a new challenge arising every day. That’s why networking amongst experts is important.”
What are your main risks?
Our main macro-level risks are Technology, Cyber Risk, Data and Digitalisation. This is followed by Financial Crime & Anti-Money Laundering. Third is Conduct and Culture followed by Governance, Supervision & Controls. Other key macro risks include geopolitical uncertainties, Environment, Social & Governance (ESG), People & Talent Management, Legal & Reputational Risk, Regulatory Developments and Reporting.
How do you manage your team to ensure the risk culture is lived?
Through a combination of articulating and demonstrating a set of core values in practice as well as via performance management. We have three key principles by which we aim to work. These are: the need to be humble and value the views of the people with whom we deal; the need to be smart in dealing with our key stakeholders as well as having the hunger to go the extra mile to change things for the better.
We assess the risk and control awareness as part of our work and have a separate grading scale to do so. For example, if a function adheres to the defined global minimum standards, we will generally rate them as “adequate” and if not they “need improvement”. To be “good” or even “strong” would require demonstrated pro-activity – taking preventative actions rather than just detecting issues. The ambition of our auditees is certainly beyond “adequate”, to be “good” or even “strong” on risk management.
Julius Baer is the leading Swiss wealth management group and a premium brand in this global sector, with a focus on servicing and advising sophisticated private clients. In all we do, we are inspired by our purpose: creating value beyond wealth. At the end of June 2022, assets under management amounted to CHF 428 billion. Bank Julius Baer & Co. Ltd., the renowned Swiss private bank with origins dating back to 1890, is the principal operating company of Julius Baer Group Ltd., whose shares are listed on the SIX Swiss Exchange (ticker symbol: BAER) and are included in the Swiss Leader Index (SLI), comprising the 30 largest and most liquid Swiss stocks.
Julius Baer is present in over 25 countries and around 60 locations. Headquartered in Zurich, we have offices in key locations including Bangkok, Dubai, Dublin, Frankfurt, Geneva, Hong Kong, London, Luxembourg, Madrid, Mexico City, Milan, Monaco, Mumbai, Santiago de Chile, São Paulo, Shanghai, Singapore, Tel Aviv and Tokyo. Our client-centric approach, our objective advice based on the Julius Baer open product platform, our solid financial base and our entrepreneurial management culture make us the international reference in wealth management.
For more information visit our website at www.juliusbaer.com
How important is culture to the success of internal audit and risk management and the company in general?
It’s one of our largest risks. We have smart people who know the rules and technical aspects of the business. The culture is harder to manage or transform, for example, around the risk appetite. At Julius Baer, we have significantly increased the resources in risk management and compliance and were able to resolve legacy matters. The key challenge is to ensure that we live the values and do not allow complacency. Included in the many management actions put in place are value and risk behaviour assessments as part of scorecards and performance measures as well as aligning the compensation models to support profitable growth. Another important cultural challenge involves ensuring that our group standards are met consistently around the globe.
“Don’t aim to retire in the role”
Finally, what advice would you give to someone starting out in the risk management function?
Don’t aim to retire in the role. Internal Audit functions are a good career starting point because they provide you a base from which to understand the business. From there, you can move into other areas to gain experience. It also gives you the perspective about how colleagues in other parts of the business view internal audit. At a later stage you might decide to move back into internal audit with this additional experience. Either case can provide you with a fulfilling career.
Ralph is Head of Group Internal Audit and the Chief Audit Executive at Julius Baer.
Prior to joining Julius Baer, he was a Partner at KPMG Switzerland, covering local and global financial institutions, investment companies as well as broker-dealers. As an audit specialist, he focused on areas related to regulatory audits and investigations on behalf of the Swiss Financial Market Supervisory Authority covering domestic and international laws and regulations. His Swiss-based experience was complemented with two years in the US with KPMG covering clients across the financial services and asset management sectors.
A Certified Public Accountant, Ralph also holds a bachelor’s degree in Business Administration from Kempten University of Applied Sciences.
In this interview we cover some of the cutting edge thinking and practices transforming finance industry from the leading digital financial services provider, Sygnum Bank, the world’s first regulated digital asset bank.
In this interview, Marco Aspesi explains how risk management bolsters strategic decisions in a volatile environment, helping to protect and grow the business.
In this interview with Stephanie Bregy, we cover the critical role that compliance and risk functions play in strategic business transformation.
PwC's Global Risk Survey reflects the views of 3,500+ risk and business executives from various industries around the world.
Partner, Leader Financial Services Risk Consulting & Internal Audit, PwC Switzerland
Tel: +41 58 792 46 28
Corina Ruchti
Director, Financial Services Risk Consulting & Internal Audit, PwC Switzerland
Tel: +41 58 792 46 76
Partner, Risk Consulting, Risk Consulting Leader TIS (Trade, Industry, Services) and Internal Audit, PwC Switzerland
Tel: +41 79 816 27 00
