Three Roles That Are Critical to ERM Success: A Case Study

When it comes to risk governance, alignment among the board, regulators, and management isn’t just helpful—it can be transformational. Just ask James Lam, Paul Brandow, and Jim Trotta, who together helped to facilitate E*Trade’s risk management turnaround in the aftermath of the 2008 financial crisis. 

Their experiences—recounted in a recent RMA Journal article—highlight how close coordination among the risk oversight committee (ROC) chair, the CRO, and the lead bank examiner can drive real results. They also offer practical takeaways for today’s banking environment: 

Lead Through Accountability

An effective ERM program starts with visible leadership from the board and ROC chair. In the article, Lam emphasizes the importance of “mutual respect, timely cooperation, and full transparency” with examiners—and of holding management accountable for regulatory remediation. Meanwhile, Trotta, who was E*Trade’s lead examiner for the Fed, built trust with the board and management by setting clear expectations, encouraging transparency, and avoiding “gotcha” moments. Formalizing the independence of CRO Paul Brandow’s office and building strong communication channels also paid off, helping to reduce surprises. 

Build a Risk Culture, Not Just a Risk Function

Brandow and his team worked to embed risk awareness throughout the organization, introducing ERM frameworks to first-line leaders, highlighting risks at offsite leadership events, and incorporating risk management into performance reviews. Their mantra: “Risk is part of everyone’s job.” 

Invest in Independent Risk Assessments

Under regulatory pressure and internal commitments, E*Trade shifted from relying on business-line self-assessments to developing independent, model-driven risk views. Trotta’s supervisory team provided critical feedback that helped E*Trade stay focused and pragmatic. Brandow stressed that it wasn’t about “boiling the ocean” with data—it was about building strong, targeted models and maintaining data integrity. 

Risk Management Should Support Business Strategy

By the later stages of the turnaround, E*Trade wasn’t just mitigating risks—it was using ERM capabilities to inform strategic growth, including investments, acquisitions, and new product launches. Having a CRO at the table helped balance opportunity with caution. 

Make Reporting Work

Early on, ROC materials clocked in at 1,000 pages—a sign of data overload without enough synthesis. Over time, the team created a much clearer, action-oriented CRO report, known internally as the “Lam Report,” that helped directors focus on key risk trends and emerging issues. 

Bottom Line

Strong governance, a proactive risk culture, and real collaboration among the ROC chair, CRO, and examiner helped E*Trade successfully respond to its regulatory orders—and ultimately helped to position it for its $13 billion acquisition by Morgan Stanley. 

In risk management, alignment isn’t just nice to have—it’s the foundation for turning challenges into milestones. 

To find out more about the team that was instrumental in E*Trade’s risk management turnaround, read their RMA Journal article or watch the RMA Risk Readiness webcast “The Triumvirate of Risk: A Case Study in Board, Management, and Regulatory Alignment.”