AINEWS
Vanguard names 25-year insider Manish Nagar as its next chief risk officer
Nagar will run investments, IT, cyber, and operational risk as Vanguard's top risk executive starting January 2027, as two managing directors retire.
Nagar will run investments, IT, cyber, and operational risk as Vanguard's top risk executive starting January 2027, as two managing directors retire.
Vanguard is putting the four biggest pieces of its risk operation under a single executive, and on Monday named a 25-year company veteran to take the combined role at the start of 2027.
The Valley Forge, Pennsylvania-based asset manager said Manish Nagar will become its next chief risk officer and a managing director of the firm, effective January 1, 2027. Nagar currently leads Vanguard's Business and Operational Risk group, which oversees risk governance for the firm's global client-facing businesses. His new remit will be broader than any previous CRO role at the firm: across more than two decades at Vanguard he has run risk for the investment management business, led risk for the firm's European operations, and served as the firm's chief information security officer, per the company's announcement.
The consolidation, framed by Vanguard president and chief investment officer Greg Davis as evolving risk into "an integrated, enterprise discipline," lands in a year when the firm is also losing two long-serving leaders. Managing Directors Joe Brennan, the outgoing chief risk officer, and John James will both retire later this year, and the dual exit is the part of the announcement that helps explain why Vanguard is willing to roll four risk functions into a single role now.
Nagar's portfolio will span investment, information technology, cybersecurity, and operational risk, the four functions the release says he has rotated through on his way to the top risk job. That breadth, and the explicit language about integration, is the part of the announcement the wire copy does not lead with. One executive will now own the question of how Vanguard balances market exposure, system outages, cyber incidents, and process failures, and the answer will be set inside the firm by a 25-year employee rather than imported from outside.
The release does not explain why the four pieces are being brought together now, or what the integrated function will look like in practice. Vanguard did not publish additional commentary alongside the announcement, and the press release itself does not name Nagar's direct counterpart in each of the four risk domains or describe whether the consolidation will translate into organizational change below the CRO. Readers looking for an external read on the transition will need to wait for a successor interview, a regulatory filing, or a peer-firm comparison. The one thing the press release does make clear is the order: a 25-year employee will be the one to design and run it.