Climbing the Risk Career Ladder



It should come as no surprise that on graduating university, the simplest and most common route into a career in risk comes from entering one of the Big Four consultancy firms. Getting your start with the likes of PwC, KPMG, Deloitte or EY as an internal auditor or external auditor will give you a good grounding in risk and controls, as well as giving you a good overview of that space.

However, the Big Four is not the only way in. Risk management is not an area you can just walk into, you must furnish yourself with adequate experience first. So, an entry-level front-line operations role in your choice of industry will give you a great perspective on risk incidents, both managing and mitigating them. Banking and the insurance industry are great options, as they share many of the same objectives as risk management.

Speaking to Risk and Control Professional, Krish Lalwani, he got his start as a treasury operations analyst with NAB which enabled him to build a skillset that was transferable to a career in risk management. It brought him into contact with numerous incidents and gave him excellent insight into risk, knowledge of controls, experience dealing with financial losses and managing risk incidents.

It is possible, Krish says, to take your knowledge of a particular product be it treasury, lending, technologies, personal banking and so on and your understanding of the business and apply those things to becoming a Risk Manager in a related space. To really be great working in risk you should make yourself as well-rounded as possible. Hiring managers want candidates that can demonstrate good business acumen, strategic thinking, and the ability to work effectively with people across all departments and disciplines within an organisation. The more areas of business you are knowledgeable in the more job mobility you give yourself.

Experience is undeniably the key to ascending the risk career ladder. “Don’t be afraid to get your hands dirty,” says Krish, “and by that I’m talking in terms of accountability and responsibility. Because that is how you’ll get more experience which is all transferable. The more you see, the more you’ll be able to handle.”

In terms of progression, you’d likely move from your job in either internal or external audit, insurance, or banking etc. into an analyst role. As a Risk Analyst you wouldn’t be able to handle the business by yourself, you’d work alongside a Risk Manager or consultant gleaning their experience. Once you are capable, you can move up to an operational Risk Consultant role and from there to Risk Manager. From there you’d be aiming for General Risk Manager and ultimately, Chief Risk Officer (CRO).

Be assertive. Don’t be afraid to confront and challenge people. “You have to manage the relationships,” says Krish, “but you must have the courage to get up and challenge the business in a nice way.” At the end of the day, they want to hear the truth that will help keep their business protected and drive it forward.

Finally, don’t discount the importance of soft skills. Nurturing your relationships within the business and with key stakeholders will open doors for you and help you find the jobs in risk that you want.


Back to article list