1Risk Management Benchmarking ServicesRiskpro, India
2Who is Riskpro… Why us?ABOUT US Riskpro is an organisation of member firmsaround India devoted to client serviceexcellence. Member firms offer wide rangeof services in the field of risk management. Currently it has offices in three major citiesMumbai, Delhi and Bangalore and alliancesin other cities. Managed by experienced professionals withexperiences spanning various industries.MISSION Provide integrated risk managementconsulting services to mid-large sizedcorporate /financial institutions in India Be the preferred service provider forcomplete Governance, Risk and Compliance(GRC) solutions.VALUE PROPOSITION You get quality advisory, normally deliveredby large consulting firms, at fee levelscharged by independent & small firms High quality deliverables Multi-skilled & multi-disciplined organisation. Timely completion of any task Affordable alternative to large firmsDIFFERENTIATORS Risk Management is our main focus Over 200 years of cumulative experience Hybrid Delivery model Ability to take on large and complex projectsdue to delivery capabilities We Hold hands, not shake hands.
3Risk Management Advisory ServicesTraining RecruitmentBasel II/III Advisory Market Risk Credit Risk Operational Risk ICAAPCorporate Risks Enterprise Risk Assessment Fraud Risk Risk based Internal Audit Operations Risk Forensic servicesInformation Security IS Audit Information Security IT Assurance IT GovernanceOperational Risk Process reviews Policy/ Process Review Process Improvement Compliance RiskGovernance Corporate Governance Business Strategic risk Fraud Risk Forensic AccountingOther Risks Business/Strategic Risk Reputation Risk Outsourcing Risk Contractual Risk Banking – E Learning Corporate Training Regular Risk Management Training Online Training material Workshops / Events Virtual Risk Managers Full Time Risk Professionals Part time Risk Professionals Risk Managers on call – freeSERVICES
5Risk Management Benchmarking Methodology Why Benchmark Necessary to evaluate your risk management framework vis a vis competition to ensureminimal financial and reputation losses or atleast losses should not exceed industryaverage To plug loop holes that management knows exist, and to indentify more of such gaps A comprehensive exercise mandated by the Board to carry out a major revamp of old andoutdated risk management framework to understand how divisions or programs compare internally or to industry standards To minimise overlaps with internal audit, compliance, to bring efficiencies and betterintegration of overall GRC framework How Benchmarked Benchmarking to International Best practice - The risk management process will becompared with and measured against world wide best practice and international riskmanagement standards Risk Management Maturity Models will be used to evaluate the exiting maturity of riskframeworks and where the firm needs to evolve to. Benchmarking exercise will assess all aspects of the risk management process byreviewing documentation, reports etc and interviews with key personnel
6Benchmarking Overview – Evaluation of Risk ManagementFrameworkDefine Scope1.Only Holding company orall entities across the group2. Gap Analysis only orprocess improvement alongthe wayExecution ofBenchmarking Procedures1. Perform agreed procedures2. Frequent interaction to shareresults and findings3. Stay focused on value addedproceduresReporting Findings1. Final report2. PPT presentation toSenior Management3. Further related advisory
7Risk Management Benchmarking Procedures appliedA. Risk Management Strategy andGovernance1. Evaluation of risk strategy against bestpractices2. Risk Appetite Framework3. Adequacy of risk management standardsand frameworks adopted4. Linkage to Corporate and businessobjectives with risk appetite5. Setup of risk governance and effective ofcommittees/charter6. Risk culture and training, awareness7. Adoption of relevant regulatory requirementsuch as AML/KYC, Risk reporting anddisclosure8. Review of internal audit reports on riskmanagement functionB. Risk Identification and Evaluation1. Methods used to identify risk2. Sources of risk, level of inherent risk3. Extent to which risks have been identifiedat the appropriate level4. Risk definitions – including use of inherent(gross) and residual (net) risks5. Categories of Risk and how determined6. Risk workshops – approach used7. Use of scenario planning8. Advanced models to gauge risks9. Measuring the impact and the likelihood ofoccurrence of each risk•Approach adopted•Risk matrix – evaluation against best practice•How has the approach ensured consistency•Ease of understanding by managers using theprocess•Reliability of the information gathered
8Risk Management Benchmarking Procedures appliedC. Assessment of Risk Mitigation1. Approach adopted – workshops or otherapproach2. Risk Assessment – Adequacy of frequencyand output of top risks3. Method employed to assess risk mitigation4. Identification of risk exposures5. Establishment of action plans.6. Risk treatment analysis – how have thecost/ benefits of dealing with exposures /exploiting opportunities been assessed?7. Proper escalation and communication ofalerts, triggers of breachesD. Output from the Risk Process1. Risk register – method adopted2. Completeness of risk registers3. How has consistency been ensured4. Approach adopted to deal with anomalies5. Risk owners – how have these beendetermined6. How risk interdependencies have beenaddressed7. Reports for Senior Management8. Board reporting to review progress inaddressing the exposures – methodadopted9. Methodology for emerging risks10. Risk disclosures – Regulatory andvoluntary
9Risk Management Benchmarking Procedures appliedE. Risk Principles and RiskCulture embedding1. Approach adopted – workshops or otherapproach2. How have corporate risks been linked intothe Strategic planning process3. Has the process been adopted across theorganisation?4. How have operational risks into thebusiness planning process5. Approach adopted for risk tracking6. How has the decision making processbeen influenced by the adoption of theformal risk management process?7. What benefits have been delivered?8. Integration of incident management9. Integration of Business Continuity planning10. Have risk champions been identified viathe process?F. Project Wrap up and Reporting1. Final report with our major and moderatefindings2. Below each finding, a recommendedimprovement suggestions will be provided3. An overall list of minor issues noted will beattached as Annex4. Final presentation to Board/SeniorManagement on the project5. Undertaking additional assignments as afollow up of the report, depending upon thefuture scope agreed upon.
10Project Summary – Estimated CostsRisk Component Estimated Duration Estimated PricingRisk Management Benchmarking 4-6 weeks To be finalised afterdiscussions of scopeTOTAL (exclusive of Service tax) TBDProject Exclusions Scope of our assignment will be as mentioned in the detailed proposal that we will submit toyou. The benchmarking methodology is an illustration of the types of procedures carried out forvarious benchmarking exercise. Depending upon the project scope and budget, finalprocedures will be part of the engagement letter In particular, the following are not in scope for the current proposal. Formulation or enhancement of any policy, process note or procedure documents Implementation of any risk management component is excluded. Example Enhancing riskregisters, creating risk reports, MIS information etc Existing regulations will be used as a benchmark.
12Risk Management Trainings – Delivery MethodsOnsite- Instructor Led Online- Web based Webinars Corporate Institutional trainingsfor senior management withstrategic interest areas Classroom trainings for junior/mid level executives Delivered by knowledgeableexperts across industrydomains Multi city delivery capability fortraining to large audience Suitable for frontline staff forinduction and onboardingrequirements Delivered live by expertsproviding topic outlineframework Low cost model at regularintervals or fixed duration e-learning platform Interactive webinars on hottopics or customized areas forglobal access audience Complimentary or Recordedversions for self paced re-capand reference On demand services with selecttopics Conducted by industry expertswith Q&A session
13Our Recruitment servicesFull Time Staffing Riskpro is constantly building its network of Risk Professionals across India Today, we can help you hire risk professionals at all levels of experience We differentiate from other recruitment firms, because, as Risk Managers ourselves, weare able to better match your requirements and candidate experience Our charge out rates are competitive Slab rates. As we do more business with you, the rates come down.Temporary Staffing - The Project Team Pool of highly qualified staff with deep risk expertise Available for your short to medium term needs Varying levels of professionals available. Experience starting from 4 years to 20 years.All will have CA, ICWA or equivalent qualification. The Project employees pool will be available as per your needs and the employees onsite can start/stop projects as per your master project plan.RECRUITMENT
14Risk Based Internal Audit How we DoTransactionAuditControlReviewsProcessReviewsRiskAssessmentFraudMitigationEnterprise RiskAssessmentIncreasing Enterprise Risk FocusNeedofOrganizationsInternal Auditing helps an organizationaccomplish its objectives by bringing asystematic, disciplined approach to evaluateand improve the effectiveness of riskmanagement, control and governanceprocesses.Source: The Institute of Internal Auditors 1999 (IIA)Benefits of Risk based Audit• Traditional audit view value addedtechniques•Risk profile of Businesses•Internal Controls & Ops Risk reviews•Cost reductions recommendations•Review of Fraud Risk Controls
15Our Solution for Fraud InvestigationBased on our understanding of your requirements, we have customized a package of oursolution offerings to meet your needs.To detect and prevent fraudand evaluate Code OfConduct Compliance onfollowing parameters : Fraud Detection Fraudulent Vendor Recruiting new dealers,suppliers, franchisees ordistributors Anti-Fraud Measures Monitoring Compliance and Authorization Workplace Practice Background check foremployees Background check forcustomers Prevent default of high valuebillsOur Solution For youAnalyzeInvestigateResolveUnderstandingYour SupplyChainTo Monitor YourProcessEvaluating yourneedSource Rootcause ofProblemObtaining AndsecuringEvidenceConfidentialInterviewswith vendorsPrioritizesolutions andremedialmeasuresQuantify Lossand Suggestpossible ActionsSolveCompliancesIssuesBenefits To You Protects you from anyMonetary or Reputationdamage Code of conductestablishment Enables you to identifyrisks / control gaps Helps you identify anyundisclosed production Risk MitigationHow we Do
16IT Governance How we DoIT ASSURANCE• Business Continuity Planning• Computer Crime Investigations• Training in IT• Compliance with IS Policies &ProceduresINFORMATION SECURITY• Penetration Testing• Application Systems - Security review• Review of IS Controls• BS 7799 / (ISO 27001) Implémentation• Formation of IS Security Policy• Compliance with IS Policies & ProceduresIT GOVERNANCE• COBIT• ValIT• Balanced Scorecard• IT & Business Maturity ModelsIS AUDIT• Operating Systems Audit• Database Audit• Networking Audit• Firewall Audit• IDS Audit• Web Application, Data Center Audit• Internet Banking, Core Banking Audit• Performance & Forensic Auditing•Application Systems - Functional review• Compliance with IS Policies & Procedures
17Riskpro Training Credentials - ExampleCompany Training Details One Day Fraud Risk Training in the Factoring Business In-depth understanding of fraud schemes, fraud prevention measures One Day Risk Management Training / ISO 31000 Training Enterprise Risk Management Training with a focus on Strategic Risk,Reputation Risk and Outsourcing Risk One Day intensive Enterprise Risk Management Training at Sanand,Gujarat Training Led by Ex Head – Corporate Risk Management Larsen & Toubro Half day session on Managing Corporate Governance Risks at the Boardlevel Similar trainings and programs at other public forums such asASSOCHAM Half Day training on Key Risk Indicators at Corporate Office How to successfully choose effective KRI and implement leading andlagging KRI One Day training on Corporate Fraud Risks at the Company’s offsite Numerous case studies and interactive sessions
18Riskpro Clients Our Clients*Any trademarks or logos used throughout this presentation are the property of their respective ownersBanking/InsuranceCorporateMNCBankingIntlConsultingIT / Others
19Team Experiences Our ExperiencesAny trademarks or logos used throughout this presentation are the property of theirrespective ownersOur team members have worked at world class Companies
20RESUMES – Our team Co-Founder - Riskpro CA, CPA, MBA-Finance (USA), FRM (GARP) Over 10 years international experience – 6 years in Bahrain and 4 years USA 15 years exp in risk management consulting and internal audits, Specialization inOperational Risk, Basel II, Sox and Control design Worked for Ernst & Young (Bahrain), Arab Investment Company (Bahrain),Navigant Consulting(USA), Kotak Mahindra Bank (India) and Credit Suisse(India) Sox Compliance project for Fannie Mae, USA ( $900+ Billion Mortgage Company)ManojJain Co- Founder - Riskpro CA (India), MBA (Netherlands), CIA (USA) Over 15 years of extensive internal and external audit experience in India andabroad. Worked with KPMG United Arab Emirates, PKF South Africa, Ernst and YoungKuwait, Deloitte Netherlands and KPMG India. Worked with clients in a wide variety of industries and countries including trading,retail and consumer goods, NGO, manufacturing and banking and finance. Majorclients include banks, investment companies, manufacturing organizations,aviation etc.RahulBhanCredentials
21RESUMES - Our team Co-Founder - Riskpro PGD (Electrical & Electronics & Computer Programming) 30 years of experience in Information & Communications Technology (ICT) Solutionsfor Retail, Garments, Manufacturing, Services Industries. Has created Companies, Divisions, Products, Brands, Teams & Markets. Consulting in Business, Technology, Marketing & Sales & Strategic Planning. Advisory, Training, Workshops & Implementation in Systems Thinking, SystemsModeling & Balanced Scorecard Worked with TIFR, Mahindra, Ambience, Communico-Graphique & Ionidea Inc, USA,CasperAbrahamCredentials Senior Vice President – Risk Management (Fraud Risk, BFSI) MBA, PDFM, NSE-NCFM, PMP, CSSGB,Trained ISO 9001:2000 I.A Professional with 17 years of rich experience into diverse Consumer finance/ Lendingoperations ,Risk Management,BPMS, Consumer Banking, NBFC, Management Consulting &Housing finance in BFSI industry having successfully led key business strategicengagements across multi-product environment in APAC, Australia and US regions. Worked with GE, ABN AMRO Bank, Citigroup, Accenture, Deutsche Postbank Highly skilled and expert Trainer in Fraud Risk areas across Credit, Corporate Riskmanagement. Specializes in Fraud Control, Compliance QA ,ERM and Regulatory governance.HemantSeigell
22RESUMES - Our team Head – Taxation Risk Advisory B.Com, FCA Senior Partner with 48 year old Delhi based Chartered Accountant firm, Mehrotraand Mehrotra Over 19 years of experience in the field of Audit, Taxation, Company law matters. Major clients served are NTPC, BHEL, Bank of India, PNB, Airport Authority ofIndia etc.RajeshJhalaniCredentialsPresident – Banking & Financial Services A senior researcher in Applied Mathematics leading to Ph.D after MSc (Mathematics),CWA, CAIIB Combined experience of 25+ years in corporate banking, risk management,international trade finance, development of risk rating models, project finance, creditmonitoring and NPA management Since 2006 conducting open / in-house training on the above domains to all Toppublic/ new and old private sector banks, top MNC banks (India and abroad), leadingNBFCs and corporates in manufacturing and financial services space; Worked on IFC(World Bank) funded projects for MSMEs in India and abroad Worked for Bank of Baroda and ICICI Bank – bestowed Top Performer Awardcontinuously two years during his tenure; widely travelled abroad for businessrelations, seminars, offering training, investor meetings, NYSE listing and forprocesses involving establishment of representative Office in USASivaramakrishnan
23RESUMES - Our team Credentials Vice President & Head – IT Risk Advisory Over 14+ Years of Experience in Information Security and Risk Management & CISMcertified Headed the Global Information Security team of Daimler (Mercedes-Benz) Worldwide atBangalore for 9 years, previously worked at organization like Wipro, Bangalore Labs Multi-sector experience including Banking, Insurance, Finance, Energy, Manufacturing,Retail, Hi-Tech & Telecom, and Automobile Well known Ethical hacker: Was featured in BusinessWorld Magazine in an article aboutleading ethical hackers in India and published several articles in Print and Online Media Rich experience in Information Security Audits across Corporations, 3rd Party Suppliers, JointVentures across several countries in the world including US, UK, China, GermanyAashishShrivastavRavikiranBhandari Vice President – Legal Risk Advisory B.B.A. LL.B. (Hons.) About half a decade experience in legal services to client’s with respect to Contractand Commercial Laws, Joint Ventures, Inbound & Outbound Investments, PrivateEquity Investment Transactions, Real Estate & Infrastructure, Energy and GeneralCorporate. Have advised various social enterprises and start ups in setting up business inIndia. Worked for the leading law firms of India such as FoxMandal Little.
24RESUMES - Our team CredentialsPhanindraPrakash Vice President – Riskpro India FCA [India], ACMA [India], CFE [USA], CertIFRS [UK] Over 16 years of extensive consulting experience which includes financial & systems audit,process transformation, implementation of internal controls, SOX compliance, fraud audits& due diligence, US-India taxation Engaged in consulting roles as trusted advisor to finance, internal audit and informationtechnology executives of multiple Fortune 1000 companies with project sites in US,Canada, Europe & Asia Worked with E&Y and Deloitte Consulting in USA Some of the major clients served internationally are GE Capital, UBS, McKesson, Eaton,Imation, Albertsons, EVP and Head – Telecom Risk Advisory M.Tech, IIT Kharagpur, India; IES; Doctoral study, research and teaching in LinkopingUniversity/Sweden; Lead Auditor (BVQI). Over 30 years on International experience in networks and mobile Handsets from topglobal companies /institutes like ISRO, Ericsson, Nokia, Nokia Siemens Networks andbased mostly in its head quarter locations in India, EU, USA. Expertise: Setting up capability, behaviour, culture in turning Risk, Quality, Innovation forcompetitive advantage, customer delight and sustainability; key skill sets are Engagement,Handholding, Coaching, Mentoring and lot of best practices, benchmarking/standards likeCMMI, TL9000, Six Sigma, ISO, SAS 70 etc.AsokSit
25Executive Vice President – Risk Management ( Banking & Financial Services) Professional Risk Manager with considerable domestic and international experience An aggregate experience of 30 + years across industry, mainly Banking in severalfunctional areas including Wholesale Credit Risk, Operational Risk, Trade Finance ,Retail Banking and Islamic Financial Services. Track record of setting up of excellence in the set-up, and management of credit andoperational risk, compliance and credit administration functions in retail, commercial ,Islamic Banking and offshore banking entities in the Middle East. Key strength includes Corporate Credits, Risk Management in IT, implementation ofRisk Management module in core banking Bank’s Policies, procedures, Country Risk.Played an active role in 3 core banking software implementations Worked for a Private Sector Bank in India, ABN AMRO Bank, Bahrain, Bank MuscatBahrain and BMI Bank Bahrain as AGM Risk Management.VijayanGovindarajanRESUMES - Our team Credentials
26RESUMES - Our team CredentialsSiddharthaGhosh Executive Vice President – Riskpro India CPA (USA), ACA, ACS, Grad CWA (India), MBA (USA), Associate ICPAS (Singapore) Over 25 years of extensive audit and industry experience which includes 19 years withRolls-Royce India Pvt Ltd at New Delhi and its associate and parent companies of Rolls-Royce in UK, USA and Singapore in all aspects of Finance, Taxation, Audit, Banking, Legal,Company Secretarial, Statutory compliances and due diligence, Internal Control, ESOP,Budgets, Cashflows, Forecasts, MIS Reporting, HR, Expatriate & Office Administration,Payroll, IT, Retirement Funds Administration, Shared Services, Project Accounts, etc. Worked with Price Waterhouse Coopers for 4 years with reputed MNCs, banks, Indiancorporate houses Worked with McNally Bharat Engineering Company Ltd for 4 yearsPritiTawari Vice President – Riskpro India B. Com, ACA, Dip. IFRS Over 6 years of extensive audit and industry experience in all aspects of Finance, Taxation,Audit, Legal, Company Secretarial, Statutory compliances and due diligence, InternalControl, Budgets, Cash flows, Forecasts, MIS Reporting, HR, Expatriate & OfficeAdministration, Payroll, IT, Project Accounts, etc. Worked with Price Waterhouse Coopers for 3 years in audit & assurance for reputedMNCs, Indian corporate houses. Engage in own practice since 2010 specialize in outsourcing of finance department in midsize MNCs and consultation in Indirect Taxes and Management Reporting
27RESUMES - Our team CredentialsManojKumarSenior Vice PresidentCAIIB20 Years of hard core banking experience in India’s most reputed banksacross wide functional areas.Worked with Central Bank of India, ICICI Bank, HDFC Bank, and AxisBank as Asst Vice President, Cluster Head, and Branch Head.Areas of expertise are Financial Risk Management, NPA-Credit-DebtManagement, Asset Reconstruction, Project Finance, and others.Accomplished several achievements in the functional areas of banking.