Sponsors (6)
The bill strengthens risk governance at large banks and financial firms—reducing the chance of failures and improving regulatory response—but does so by imposing tight hiring deadlines, potential operational penalties, and added compliance costs that could affect firms' operations and be passed on to customers.
Large banks and large nonbank financial firms (including those with ≥ $50B in consolidated assets) must appoint permanent, qualified chief risk officers and form risk committees, improving enterprise-wide risk oversight and extending protections to firms that previously avoided holding-company rules.
Customers and taxpayers benefit because firms must report risk-management deficiencies and emerging risks to their risk committees and resolve them promptly, reducing the chance of firm failures that could harm customers or require taxpayer intervention.
State and federal regulators will get faster notification (within 24 hours) and a hiring plan within 7 days when a CRO vacancy occurs, improving supervisory awareness and the ability to respond to elevated risks quickly.
Financial institutions face a severe operational penalty: firms that fail to fill a CRO within 60 days risk an asset freeze at their prior asset level, which could constrain operations and amplify harm to customers and markets.
Banks and large nonbank firms will face increased compliance burdens and potential costs because of tight deadlines (24-hour notices and 7-day hiring plans), creating administrative strain—especially for globally operating firms coordinating across jurisdictions.
Smaller banks that become newly subject to the ≥ $50B rule may incur material costs to stand up risk committees and hire qualified CROs, and those costs could be passed on to customers through higher fees or reduced services.
Based on analysis of 2 sections of legislative text.
Requires covered large financial firms to appoint a qualified CRO, creates rapid vacancy-notice and hiring-plan rules, public notice, and a 60-day hiring-related asset freeze for prolonged vacancies.
Introduced March 6, 2025 by Sean Casten · Last progress March 6, 2025
Requires large, complex financial firms to appoint a qualified chief risk officer (CRO) with relevant large‑firm risk experience, establishes CRO duties and reporting lines, and creates strict notification and replacement rules if the CRO position becomes vacant. Firms must notify regulators within 24 hours of a CRO vacancy, submit a hiring plan within seven days, publish a public notice if the vacancy continues, and face a 60‑day hiring‑related asset freeze if they don’t fill the role. Also requires banks that meet a $50 billion consolidated-asset threshold but are not part of a bank holding company to form a risk committee and appoint a CRO. For nonbank financial companies supervised by the Board of Governors, the Board is designated the primary regulator for these CRO requirements.