While the boards of directors of mutual funds are not responsible for managing risk, they still have a key role to play in overseeing investment and operational risks, according to a white paper just released by the Investment Company Institute and Independent Board of Directors.

The ICI, the Washington, D.C. trade group representing U.S. mutual funds, and IBD said that the board's role in risk oversight must be disclosed in a mutual fund's registration statement and they outlined five best practices for fund boards in addressing risk management. They are as follows:

1. Assign Risk to Committee. It is not common practice for a board to have a committee whose core mandate is to risk oversight. However, in some cases boards may decide to assign the task to an existing committee, such as an audit committee. They can then ask the committee members to contribute their insights.

2. Ask for Routine Information. Regardless of whether the report is quarterly or annual, boards may want to receive risk reports which explain the investment fund adviser's procedures to identify, control and monitor risks affecting the funds it manages and demonstrate their effectiveness. Those reports might include an educational component about risk management, with definitions of key terms, as well as information necessary to put the report's information in context. Boards should ask that investment risk reports provide summary attribution and risk exposure data while operational risk reports provide information on the risks that have the greatest financial impact on the fund and its shareholders. Boards should also receive summary reports of any stress tests or scenario analyses including the methodologies followed.

3. Ask for Immediate Analysis of Important Events. Boards could decide to be notified as possible as soon as a significant event occurs or may want to receive a report after the issue has been addressed. Boards could also want to be notified when the "probability" of a high risk event occurs such as a major hurricane reaching some of the investment fund's offices.

4. Plan Educational Sessions. Boards could schedule special sessions on risk management to focus on the adviser's risk management program generally, or on discrete topics, such as counterparty risk or business continuity. By focusing on a specific risk area, boards are able to explore in greater depth the potential internal or external events that could trigger a loss or adverse consequence. the controls in place to manage those events or their associated risks, and the effectiveness of those controls.

5. Talk to Risk Manager. Although the chief compliance officer is required to meet with a board's independent directors, there is no legal requirement that a risk manager do so. However, boards may want to do so and view the session as an opportunity to engage in a candid discussion about risk matters.

6. Evaluate Board Governance Practices. Boards may want to periodically reevalute their risk oversight practices, such as report formats and frequency, and consider whether any adjustments are needed. In evaluating their practices boards may want to include risk oversight in their annual analysis of board effectiveness; seek feedback on their approach from consultants, auditors or board counsel; and participate in continuing education opportunities on risk management.

-- This article first appeared on Securities Technology Monitor.