How to Write a Risk Committee Charter (Step-by-Step)

Follow these steps to draft a risk committee charter.

1. Define Objectives and Scope

Start with a mission statement or statement of purpose explaining the reasoning behind the committee’s formation. This sets the tone for the committee’s actions and how they connect to the organization’s overall goals. 

This section should also specify the areas of risk under the committee’s purview, including financial risks, operational risks, compliance risks, and safety risks. List any collaborating committees, such as the safety committee or audit committee.

2. Outline Responsibilities and Authority

The most productive organizations delineate unique duties for each committee and team, and the committee charter should reflect that. The document should define the primary responsibilities in monitoring and managing risks, as well as the expected outcomes of their work. Doing so sets realistic expectations for committee members and other stakeholders by offering a written standard that defines high performance.  

It also helps the company’s output stay in line with its determined risk appetite.

Examples of risk committee governance include:

• Creating risk reports
• Assessing risk management strategies
• Contributing to the development of board policies
• Ensuring compliance with various regulators

The charter also features information on the committee’s level of autonomy to make significant decisions without seeking approval from the board of directors. 

3. Determine Committee Structure and Membership

Describe the overall structure of the committee, including the number of members and the qualifications and experience required. Define the roles within the committee, such as chairperson, secretary, and at-large members. 

This section should also detail the appointment process for committee members and set term limits. Putting this information in the charter gives every stakeholder a solid understanding of the group hierarchy, which can streamline workflow processes. 

4. Establish Meeting Procedures and Reporting Mechanisms

Outline how often committee meetings will take place and how meeting agendas will be set and distributed. Other elements of internal governance should also be noted, such as attendance requirements, meeting locations (in-person, online, or a mix of the two), how meeting minutes are recorded, and the level of access given to administrative assistants. 

The charter should also specify which communication channels the risk committee will use to report to the board or other stakeholders, and how often those reports will be sent. This ensures important information is sent to the right people at the right time. It is typically the job of the chief risk officer to report to the board after each meeting.  

5. Review and Approval

Last, but not least, the risk committee charter should outline how the charter will be reviewed and updated. This could be annually or as needed to reflect changes in the organization or regulations. 

Once a draft is complete, send it to the board for final approval before implementation.