By Maggie Chan
The current risk and compliance environment — an era of regulatory reset and rapidly evolving technology — is the best time to rethink the roles of risk and compliance in a bank of any size.
Risk and compliance can help the bank achieve strategic objectives and efficiencies, but they must move beyond their traditionally reactive roles and become proactive partners that help shape business strategy and support growth, according to Ryan Rasske, ABA’s SVP of risk and customer markets who moderated a panel session on the topic at the 2026 ABA Risk and Compliance Conference.
Compliance: Serve as a guardrail and a green light
Compliance in today’s banking environment is a shared responsibility that’s integrated into business lines, presenting compliance officers with incredible opportunities to serve as strategic growth partners.
As bank leaders look for efficiencies and ways to cut costs, compliance can show its function is a value-add to the bank just as much as it is a guardrail.
Compliance now has access to so much data — data that can be used to inform business strategies and help green-light new areas of revenue growth.
“We can add real insight into what we’re doing well, what we’re not doing well,” comments Lisa Grigg, chief compliance officer at U.S. Bank. With compliance data, we “can be a real strategic player as we’re thinking about what to do next.”
The data is not just for identifying weaknesses, Rasske says, but for showing where opportunities exist. With the data, compliance can be the one to say: “We can help you get there.”
As an example of compliance data as strategic asset, Renee Huffaker, executive director of enterprise risk and compliance at Arvest Bank, says officers can evaluate the volume of manual controls in planning for technology upgrades and implementation to improve the operational risk profile and overall efficiency.
“The more we can use data to talk to the business, that’s really their language and how they’re going to get value from us,” she says.
Risk: Quantify and communicate value to facilitate progress
For risk management leaders looking to support the bank’s strategic goals, the key is to become embedded in the decision-making process from ideation to implementation.
To do that, risk leaders must build relationships, credibility and trust at the bank so their input is valued. Risk leaders must also understand the business of the bank to determine the best and earliest point for risk management to factor into a decision, then communicate and prove the value of the decision.
To derive value, translate data into quantifiable benefits, says Nicholas Baxter, EVP and chief risk officer at First National Bank of Omaha. He says risk needs to ask: “Is this worth it?”
Risk is often seen as the brakes of an operation, Rasske explains, but instead it needs to show up at the table for decisions to ask: “How can I help you achieve strategic goals?”
“We have to fill the gaps to get forward progression,” Baxter adds. “We’re not at the table necessarily representing the risk infrastructure. We’re there to call some babies ugly when they are.”
Risk management has the benefit of history, and risk officers must use that to their advantage. “Bring the relevant facts to the table in a way that’s seen as constructive, as moving it forward, and then linking that back to the corporate strategy,” Baxter advises.
Maggie Chan is a senior writer at the ABA Banking Journal.









