Risk Advisory for Companies That Are Serious About Growing

Risk systems built to work in practice. Not just on paper.

I work with business owners, CEOs and leadership teams to build risk systems that reflect how their company actually operates. Practical, proportionate, and built to hold up when something goes wrong.

Schedule a Consultation Is this you?

15+

Years in Risk
Management

Years as
practising CRO

MetLife
Allianz
PwC · KPMG

Track record

Elina Moshkovich

CRO · Risk Advisor
Fractional CRO

Former CRO · Allianz · MetLife

View LinkedIn Profile

Risk University channel: senior international risk practitioners (5+ years experience)

Good risk management for a 50-person company looks nothing like it does for a 5,000-person one. The frameworks are the same. Everything else is different.

Elina Moshkovich, Risk University

01.Why Clients Engage

The conversation usually starts here.

You don’t need to be a large company to need real risk management. You need to be a company where losing control would cost you something.

Start with a 30-min Call

Something went wrong and it cost money.A client lost, a key person gone, a contract that fell through. The warning signs were visible for weeks. Nobody raised them.

An investor or board member asked about your risk management.You gave a confident answer. Later you weren’t sure it was entirely true.

iii

You want to build a risk system that actually works.Not a folder of policies that describe a company you don’t recognise. Something real, proportionate, and yours.

Due diligence or a regulatory review is coming.You know governance will be on the agenda. You want to walk in with a clean answer, not improvise one.

The company grew faster than the structure did.What worked at 20 people isn’t working at 80. Decisions fall through gaps. Nobody is sure who owns what.

You have policies filed and approved. You also have incidents.The connection between the two is not obvious, and that’s the problem.

Elina Moshkovich

CRO · Risk Advisor · Fractional CRO

Former CRO · Allianz · MetLife

02.About

Fifteen years building risk systems where failure was not an option.

Over fifteen years in enterprise risk management across consulting, financial services, and capital-intensive industries. Advisory experience at PwC and KPMG, including the mining sector. More than eight years as Chief Risk Officer, first at MetLife Russia and subsequently at Allianz Russia, leading enterprise-wide risk strategy, capital adequacy oversight, regulatory engagement, and board-level governance transformation.

Led risk management functions through consecutive systemic shocks, including the COVID-19 crisis and the subsequent period of significant regulatory and geopolitical disruption. Through periods of high volatility, the teams I led maintained capital resilience, regulatory stability, and operational continuity. We redesigned risk monitoring frameworks and strengthened executive decision support under uncertainty.

At MetLife Russia I also led the Anti-Fraud function, building a comprehensive fraud risk governance framework that integrated detection analytics, investigation protocols, regulatory alignment, and executive reporting within a highly regulated insurance environment. Led automation initiatives that put risk analytics directly into executive reporting, so leadership saw risk data alongside business decisions instead of in a separate review.

Cross-border experience includes harmonising risk frameworks across EMEA jurisdictions and aligning diverse regulatory requirements into coherent governance architecture. Speaker at international conferences and industry forums, contributor to cross-border podcasts and executive roundtables on board-level risk oversight and executive decision-making under uncertainty.

Today I advise boards and leadership teams on risk management and governance architecture. The focus is on embedding risk into strategic decision-making, strengthening governance design, and analysing how cognitive biases, incentive structures, and leadership maturity shape risk culture.

Sectors & Experience

Fintech & Financial Services

SaaS & Technology

Healthcare & Life Sciences

Insurance & Asset Management

Companies from 15 to 5,000 people

Clients across Europe, USA, GCC

We had policies, frameworks, and a compliance team. What we did not have was a risk system that actually worked. Elina found that gap in the first conversation and fixed it in six weeks.

15+

Years in risk management consulting

Years as CRO at MetLife & Allianz

10+

RM systems built from scratch

2-3 wk

To initial diagnostic & roadmap

03.How I Can Help You

Seven ways companies work with me.

Each engagement is built around what your company actually needs at the stage you are now. No standard packages, no consultancy boilerplate.

i.Foundation

Risk System Design

You don’t have a working risk system, or the one you have describes a company you don’t recognise. I build one that fits how your business actually operates: clear on who owns what, simple enough to maintain, solid enough to show investors and regulators.

From first conversation to working framework in 4 to 6 weeks.

ii.Capital

Investor & Due Diligence Readiness

Governance always comes up. Whether it is an investment round, an acquisition, or a regulatory review, I work with your leadership team to build the structure and documentation that holds up under real scrutiny, not just looks good in a deck.

Investor-ready governance package in 3 weeks.

iii.Recovery

Incident Response

Something went wrong. A financial loss, a compliance breach, a key person who left taking critical knowledge. I find where the structure failed, fix it, and make sure the same gap does not produce a second incident six months later.

Root-cause analysis and structural fix, fast.

iv.Diagnostic

Governance & Risk Maturity Assessment

A structured assessment of your corporate governance and risk management maturity. I identify specific weaknesses across decision-making, accountability, controls, escalation and culture. Then I give you a concrete plan to close each gap, in priority order.

Specific gaps. Concrete plan. No theoretical frameworks.

v.Scale

Governance for Growth

Your company doubled in 18 months. The way decisions got made at 20 people is breaking at 100. Nobody is certain who owns what. I redesign the structure so accountability keeps pace with growth, without adding bureaucracy that slows it down.

Accountability that keeps pace with growth.

vi.Ongoing

Fractional CRO

You need senior risk expertise but not a full-time hire. I work with your leadership team on an ongoing basis: present for the decisions that matter, available for investor conversations that need a credible risk perspective, and reachable when something unexpected happens.

Senior risk expertise without a full-time hire.

vii.Featured Practice

Risk Culture & Tailored Risk Training

The most costly risk failures in growing companies share one pattern: people who saw the problem and said nothing. I run practical risk management training programmes designed specifically for your company and tailored to each audience: board members, top management, and front-line employees. I design speak-up mechanisms that fit how your team works, and measure whether they are having any effect as a business metric, not an HR score.

Board-level training C-suite workshops Front-line programmes Speak-up design Culture diagnostics

04.Engagement Process

Clear from day one. Yours to keep.

I work in stages. Each one produces something usable. No 80-page reports that sit unread. No recommendations list that requires another engagement to implement. When we finish, what we built belongs to your team.

Book Your Free Diagnostic

Initial Consultation, Complimentary

A 30-minute conversation. I ask about your company and what is worrying you. You get an honest read on where you are. We decide together if it makes sense to go further.

30 min

ii.

Risk Mapping

I document how decisions actually get made, where accountability sits, and where the gaps are. You get a clear picture of your actual risk profile, not a generic framework that could apply to anyone.

3-5 days

iii.

Priority Issues First

I identify the two or three things that could genuinely hurt your business in the next 12 months and give you a concrete plan for each. Not a colour-coded list of 40 items.

1 week

iv.

Build With Your Team

I build the structure with your people, not for them. Run the training, set up the processes, make sure it is working before I step back. Your team knows how to use it and why it matters.

4-12 weeks

Available When It Matters

Investor question, regulatory contact, something unexpected. I stay reachable for the moments when you need a senior risk perspective quickly.

Ongoing

05.Deliverables

What you receive at the end of every engagement.

Every engagement ends with concrete outputs your team owns and can use without me. Structured around four typical client scenarios.

No risk system yet

Formalised Risk Management System

For companies without a formalised risk function, or where it exists only on paper. I build a risk management structure designed around your business: key processes, owners, required documentation, and regulatory alignment. Not a generic template. A working system that fits how your company actually operates.

Existing system, weak results

Existing System Strengthening

For companies with an existing risk management function that is not delivering results. I analyse what is not working and why, develop practical recommendations to strengthen the system, and support implementation. Not just a report handover.

Regulatory pressure

Regulatory Documentation & Audit Support

Preparation of risk management documentation aligned with regulatory requirements. Support during regulatory enquiries, inspections and external audits. The goal is to walk in with a credible, defensible answer, not improvise one under pressure.

Losses from weak governance

Governance Gap Analysis & Recovery Plan

Identification of the key weaknesses in decision-making and corporate governance that are producing material losses. A list of priority gaps. A concrete action plan to close each one. Implementation support until the gaps are actually closed.

06.Selected Engagements

What changes after working together.

All company names and identifying details withheld at client request. All figures confirmed at project close.

Fintech
60 People · Series B

Lead investor flagged governance gaps two weeks before closing. The company had policies on file but no working risk structure. The deal was at risk of being delayed or repriced.

3 wk

from first call to investor-ready governance package

100%

of governance questions answered with no follow-up requests

deal conditions added related to risk management

Investor Readiness · Governance Design

ii.

SaaS
120 People

Finance director found a GBP 180k discrepancy. Investigation showed three approval steps that existed on paper had never been enforced. The team had grown from 15 to 120 in two years.

6 wk

full fraud governance review and control redesign

approval gaps closed before the incident could repeat

increase in team-reported risk flags after speak-up training

Fraud Response · Risk Culture

iii.

Healthcare
200 People

Regulator requested documentation of risk management practices. The company had a compliance team but no coherent risk framework. Leadership had two weeks to respond credibly.

12 d

to produce a complete risk framework response

further regulatory action required after submission

6 mo

fractional CRO engagement to build the function in-house

Regulatory Response · Fractional CRO

07.Insights

What most companies find out too late.

Risk Theater

Risk registers presented. Heat maps reviewed. Mitigation plans approved. And the same risks materialise next quarter. The performance of risk management is not the same as risk management. When the structure cannot challenge the answer, the answer becomes a ritual.

Read on LinkedIn→

KRI Design

ii.

From Strategic Goals to KRIs

Most KRI dashboards measure activity, not risk to strategy. The trick is starting with the strategic goal and working backwards: what would have to go wrong for this to fail, what would tell us early, what number captures that. The work is in the translation, not in the dashboard.

Read on LinkedIn→

Decision Quality

iii.

Risk Management That Improves Decision Quality

A risk function that produces documents is not the same as one that improves decisions. The difference is not the framework. It is whether the function has the access, the authority, and the credibility to make leadership pause before a decision that should be questioned. Most companies stop at the documents.

Your organisation has a policy for everything. Updated annually. Signed off. Filed correctly. And the incidents keep happening. The gap between document and behaviour is not a training problem. It is a design problem, and adding another policy makes it worse.

Read on LinkedIn→

Fraud Governance

Fraud Is Born in Governance

Every fraud investigation ends with a name. Very few start with the question that matters: what in the structure made this easy? The approval gaps, the reporting lines with no independence, and the controls that existed on paper but were never enforced as the team grew.

Read on LinkedIn→

08.Featured Appearances

Conversations with peers and industry leaders.

Selected podcast appearances, conference talks, and executive roundtables on board-level risk oversight, governance design, and decision-making under uncertainty.

Podcast Episode

The Third Party Risk Institute Podcast

Why Most Risk Governance Systems Fail (And How to Fix Them)

A 57-minute conversation on the governance structures that determine how decisions are made, how risks are escalated, and why most risk frameworks fail to prevent the events they were designed for.

With Linda Tuck Chapman

March 2026 · 57 min →

Conference Keynote

Information Asymmetry & Board-Level Governance

International Risk & Governance Forum

2025

Executive Roundtable

Cross-Border Risk Forum

Decision-Making Under Uncertainty

Closed roundtable for senior risk leaders on how cognitive biases, incentive structures, and leadership maturity shape risk culture and board-level decisions.

2025-2026

09.Private Community

A private room for peers.

I run a private Telegram group for senior risk professionals, founders, board members and top executives. Inside, I share templates, working documents, and practical advice on risk management that I do not publish anywhere else.

Templates

Risk registers, policy frameworks, escalation maps. The actual working files, not theoretical examples.

Case Discussions

Real situations members are working through, with senior peer input. Anonymous when needed.

Practical Advice

Direct answers to specific governance questions. No theory, no consulting jargon.

Quiet Network

A small group of senior practitioners. Vetted membership. Conversations stay inside.

For

Risk Professionals Founders Board Members Top Management

Request Membership By invitation. Limited capacity.

No. 10Begin the conversation

Start a conversation early.

Most clients wait until something breaks. By then, the cost of fixing it is far higher than the cost of preventing it.

10.Schedule

Complimentary 30-minute consultation.

I will tell you where I think your biggest risks are and whether it makes sense to work together. No sales process. No proposal unless you want one.

Schedule a Consultation Connect on LinkedIn

→ Telegram: Risk University (weekly insights)