Your SlideShare is downloading. ×
Risk Management And Internal Control In The Changing Econmic Landscape
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Risk Management And Internal Control In The Changing Econmic Landscape

1,138
views

Published on

The changing business landscape requires more emphasis on enterprise risk management

The changing business landscape requires more emphasis on enterprise risk management

Published in: Business, Economy & Finance

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,138
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
115
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. RISK MANAGEMENT AND INTERNAL CONTROL IN CHANGING ECONOMIC LANDSCAPE
    Nik Mohd Hasyudeen Yusoff
    Finance Function Excellence
    12 October 2009
    Competitiveness Through Innovation and Strategy
  • 2. Agenda
    Attaining business sustainability through risk management
    Changing business landscape and risk profile
    Linking risks to internal control
    Good governance factor in risk management
    Mindset and culture in strengthening risk management
  • 3. Attaining business sustainability through risk management
    • A business:
    • 4. Needs to serve customers
    • 5. Needs to compete
    • 6. Operates in business environment that keeps on changing
    • 7. Is affected by global developments
    • 8. Has stakeholders beyond shareholders
    • 9. Generates profit through risk taking (uncertainty)
  • Attaining business sustainability through risk management
    Value Creation Facets of BHP Billiton
    Value creation is multi-facet and could be viewed from internal dimension as well as external dimension
    Balancing the value proposition to shareholders and stakeholders would be key to business sustainability
  • 10. Attaining business sustainability through risk management
    Inovastra’s view of value creation
    Leadership
    Strategy
    Values
    Value proposition
    Internal resources
    Value creation
    Customers
    People
    Processes
    Functionality
    Platform
    Intellectual assets
    Feelings
    Physical resources
    Financials
    Protocol
    External network
    Business partners
    Institutional partners
  • 11. Attaining business sustainability through risk management
    Enterprise risk management encompasses:
    Aligning risk appetite and strategy
    Enhancing risk response decisions
    Reducing operational surprises and losses
    Identifying and managing multiple and cross-enterprise risks
    Seizing opportunities
    Improving deployment of capital
  • 12. Attaining business sustainability through risk management
    In ensuring business sustainability, the appreciation of risks and mitigation of risks at the strategic level is very important
    Key strategic risks are:
    Demand risk
    Competitive risk
    Capability risk
  • 13. The business landscape should not only be view from a single dimension such as between a business and its customers only
    The drivers that change the landscape and the effect on all players should also be understood
    Changing business landscape and risk profile
  • 14. Politics
    Your
    Competitors
    Your
    Competitors
    Economy
    Your
    Customers
    Your
    Customers
    Your
    Customers
    Society
    Technology
    Your
    Business
    Your
    Suppliers
    Your
    Network
    Partners
    Environment
    Changing business landscape and risk profile
  • 15. Politics drive government policies which would affect the economy and business climate
    Global and regional political developments add to the complications of local politics
    How far would the G-20 initiatives would affect you?
    Changing business landscape and risk profile
  • 16. The inter-linkages between economies could not be denied anymore and any changes in other places would affect the local economic conditions
    The globalisation and regionalisation of business require businesses be involved in more than one economic regions
    Do you think the AEC 2015 will affect you industry and your business?
    Changing business landscape and risk profile
  • 17. Rights
    Health
    Education
    Security
    Distribution of wealth
    New lifestyles
    Demography
    Which one of these elements would affect you business most?
    Changing business landscape and risk profile
  • 18. Technology has been one of the factors that levels economies and markets
    Enables new business
    Destroy existing business
    Allows different ways of running businesses
    Would Web 2.0 makes your business model obsolete?
    Changing business landscape and risk profile
  • 19. The Green Economy would be more visible in the years to come
    Rules and regulation, domestically and in the market you serve, would require businesses to assess the business models
    Is your business already affected by environmental issues?
    Changing business landscape and risk profile
  • 20. Don’t be caught like a frog in the boiling pot!
    Changing business landscape and risk profile
  • 21. Changing business landscape and risk profile
    Some turbulence could be detectable some are not
    Spurts of prosperity
    Chaotic
    Continuum
    Spurts of downturn
    Adapted from The Chaotics Model – Kotler and Caslione
  • 22. Changing business landscape and risk profile
    Turbulence is the unpredictable and swift changes in an organisational internal or external environment that affects its performance
    A business arrives at a strategic inflection point when its old strategy no longer works and must be replaced by new one if it want to ascend to new heights
    Strategic Inflection Point
    Level
    Of
    Chaos
    Time
  • 23. Linking risks to internal control
    Internal control is broadly defined as a process, effected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
    Effectiveness and efficiency of operations.
    Reliability of financial reporting.
    Compliance with applicable laws and regulations.
  • 24. Linking risks to internal control
    Policies and procedures to ensure management directives are carried out effectively
    Approvals and authorisations
    Verification and reconciliation
    Review of operations
    Security of assets
    Segregation of duties
    To bring down the risks to the level within the
    risk appetite set by the Board
  • 25. Giving up the illusion that you could predict the future is a very liberating moment. All you can do is to give yourself the capacity to respond to the only certainty of life – which is uncertainty. The creation of that capability is strategy.
    Lord John Browne, Group Chief Executive of BP
    Changing business landscape and risk profile
  • 26. Linking risks to internal control
    Understanding and responding to changes is not really rocket science, however a lot of organisation fail to put in place a framework to understand and responding to changes
  • 27. Linking risks to internal control
  • 28. Greed!
    Unmitigated excessive risk taking
    Independent directors turn dependent
    Executive incentives linked to short-term performance
    Auditors putting business interests above professional values
    Good governance factor in risk management
  • 29. The global financial crisis had surfaced governance lapses at various levels
    As key outcome of good governance is business sustainability, the roles played by the board and management are critical
    Strategy setting and risk appetite
    Risks assessment and mitigation
    Getting risk management functioning across organisation and across formal and informal structures
    Good governance factor in risk management
  • 30. A recent research by Northern Carolina State University discovered that:
    Over 60% of respondents believe that the volume and complexity of risks have changed “Extensively” or “A Great Deal” in the last five years
    Just over a third of respondents (36%) note that they were caught off guard by an operational surprise “Extensively” or “A Great Deal” in the last five years
    Good governance factor in risk management
  • 31. Good governance factor in risk management
    44% of respondents have no enterprise-wide risk management process in place and have no plans to implement one. An additional 18% without ERM processes in place indicate that they are currently investigating the concept, but have made no decisions about implementing ERM
    Forty-three percent do not have their business functions establishing or updating assessments of risk exposures on any formal basis. Over 75% indicate that key risks are being communicated merely on an ad hoc basis at management meetings
  • 32. For those audit committees formally monitoring risks for the board, 19% only monitor financial risks, 63% monitor operational and compliance risks in addition to financial risks. Only 18% monitor all entity risks, including strategic risks
    Despite strong interest in improving senior executive leadership in risk oversight, very few organizations (18%) have created a chief risk officer (CRO) position to lead and coordinate the organization’s risk oversight processes
    Good governance factor in risk management
  • 33.
    • Standards and Poor progress report of adoption of ERM in its rated companies:
    there have been few instances of a firm’s ability to articulate a risk tolerance or risk appetite that has been defined for the organization
    firms’ focus on managing downside risks with little, if any, attention paid to the opportunities
    that most risk management activities remain “silo-based” and at the operational managers’ level
    Good governance factor in risk management
  • 34. Would reporting failure occur again?
    Is there another way of guiding people to perform?
    MIA published a monograph on human governance which focuses on the inside-out approach instead of parameter-driven rule-based governance
    Spiritual aspect is recognised
  • 35. Mindset and culture in strengthening risk management
    Tone from the boardroom
    Indicate board’s priority
    Adequate oversight over management implementation of risk management and internal control
    Linking compensation packages to risk management
    Would encourage the right culture and mindset
    Balance between business sustainability and short term performance expectations
  • 36. Moving Forward Thoughts
    Taking risk in natural in attaining corporate objectives
    Given the dynamic environment, risks profile changes and corresponding response is necessary
    Risk management goes beyond ticking the box and need to be embrace holistically
    An inside-out approach would encourage the “doing the right thing” culture