Risk Management Benchmarking


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Risk Management Benchmarking

  1. 1. Risk Management Benchmarking Services Riskpro, India 1
  2. 2. Who is Riskpro… Why us? ABOUT US MISSION Riskpro is an organisation of member firms around India devoted to client service  Provide integrated risk management excellence. Member firms offer wide range consulting services to mid-large sized of services in the field of risk management. corporate /financial institutions in India Currently it has offices in three major cities  Be the preferred service provider for Mumbai, Delhi and Bangalore and alliances complete Governance, Risk and Compliance in other cities. (GRC) solutions. Managed by experienced professionals with experiences spanning various industries. VALUE PROPOSITION DIFFERENTIATORS You get quality advisory, normally delivered by large consulting firms, at fee levels  Risk Management is our main focus charged by independent & small firms  Over 200 years of cumulative experience High quality deliverables  Hybrid Delivery model Multi-skilled & multi-disciplined organisation.  Ability to take on large and complex projects Timely completion of any task due to delivery capabilities Affordable alternative to large firms  We Hold hands, not shake hands. 2
  3. 3. Risk Management Advisory Services Basel II/III Advisory Corporate Risks Information Security  Market Risk  Enterprise Risk Assessment  IS Audit  Credit Risk  Fraud Risk  Information Security  Operational Risk  Risk based Internal Audit  IT Assurance  ICAAP  Operations Risk  IT Governance  Forensic servicesSERVICES Operational Risk Governance Other Risks  Process reviews  Corporate Governance  Business/Strategic Risk  Policy/ Process Review  Business Strategic risk  Reputation Risk  Process Improvement  Fraud Risk  Outsourcing Risk  Compliance Risk  Forensic Accounting  Contractual Risk Training Recruitment  Banking – E Learning  Virtual Risk Managers  Corporate Training  Full Time Risk Professionals  Regular Risk Management Training  Part time Risk Professionals  Online Training material  Risk Managers on call – free  Workshops / Events 3
  4. 4. Riskpro’s Network Presence New Delhi Agra Ahmedabad Kolkata Mumbai Pune Hyderabad Bangalore Salem 4
  5. 5. Risk Management Benchmarking Methodology Why Benchmark  Necessary to evaluate your risk management framework vis a vis competition to ensure minimal financial and reputation losses or atleast losses should not exceed industry average  To plug loop holes that management knows exist, and to indentify more of such gaps  A comprehensive exercise mandated by the Board to carry out a major revamp of old and outdated risk management framework  to understand how divisions or programs compare internally or to industry standards  To minimise overlaps with internal audit, compliance, to bring efficiencies and better integration of overall GRC framework How Benchmarked  Benchmarking to International Best practice - The risk management process will be compared with and measured against world wide best practice and international risk management standards  Risk Management Maturity Models will be used to evaluate the exiting maturity of risk frameworks and where the firm needs to evolve to.  Benchmarking exercise will assess all aspects of the risk management process by reviewing documentation, reports etc and interviews with key personnel 5
  6. 6. Benchmarking Overview – Evaluation of Risk ManagementFramework Execution of Define Scope Benchmarking Procedures Reporting Findings 1. Perform agreed procedures1.Only Holding company or 1. Final reportall entities across the group 2. Frequent interaction to share results and findings 2. PPT presentation to2. Gap Analysis only or Senior Managementprocess improvement along 3. Stay focused on value addedthe way procedures 3. Further related advisory 6
  7. 7. Risk Management Benchmarking Procedures appliedA. Risk Management Strategy and B. Risk Identification and Evaluation Governance 1. Methods used to identify risk1. Evaluation of risk strategy against best 2. Sources of risk, level of inherent risk practices 3. Extent to which risks have been identified2. Risk Appetite Framework at the appropriate level3. Adequacy of risk management standards 4. Risk definitions – including use of inherent and frameworks adopted (gross) and residual (net) risks4. Linkage to Corporate and business 5. Categories of Risk and how determined objectives with risk appetite 6. Risk workshops – approach used5. Setup of risk governance and effective of committees/charter 7. Use of scenario planning6. Risk culture and training, awareness 8. Advanced models to gauge risks7. Adoption of relevant regulatory requirement 9. Measuring the impact and the likelihood of such as AML/KYC, Risk reporting and occurrence of each risk •Approach adopted disclosure •Risk matrix – evaluation against best practice8. Review of internal audit reports on risk •How has the approach ensured consistency •Ease of understanding by managers using the management function process •Reliability of the information gathered 7
  8. 8. Risk Management Benchmarking Procedures appliedC. Assessment of Risk Mitigation D. Output from the Risk Process1. Approach adopted – workshops or other 1. Risk register – method adopted approach 2. Completeness of risk registers2. Risk Assessment – Adequacy of frequency 3. How has consistency been ensured and output of top risks 4. Approach adopted to deal with anomalies3. Method employed to assess risk mitigation 5. Risk owners – how have these been4. Identification of risk exposures determined5. Establishment of action plans. 6. How risk interdependencies have been6. Risk treatment analysis – how have the addressed cost/ benefits of dealing with exposures / 7. Reports for Senior Management exploiting opportunities been assessed? 8. Board reporting to review progress in7. Proper escalation and communication of addressing the exposures – method alerts, triggers of breaches adopted 9. Methodology for emerging risks 10. Risk disclosures – Regulatory and voluntary 8
  9. 9. Risk Management Benchmarking Procedures appliedE. Risk Principles and Risk F. Project Wrap up and Reporting Culture embedding 1. Final report with our major and moderate findings1. Approach adopted – workshops or other approach 2. Below each finding, a recommended improvement suggestions will be provided2. How have corporate risks been linked into the Strategic planning process 3. An overall list of minor issues noted will be attached as Annex3. Has the process been adopted across the organisation? 4. Final presentation to Board/Senior Management on the project4. How have operational risks into the business planning process 5. Undertaking additional assignments as a follow up of the report, depending upon the5. Approach adopted for risk tracking future scope agreed upon.6. How has the decision making process been influenced by the adoption of the formal risk management process?7. What benefits have been delivered?8. Integration of incident management9. Integration of Business Continuity planning10. Have risk champions been identified via the process? 9
  10. 10. Project Summary – Estimated CostsRisk Component Estimated Duration Estimated PricingRisk Management Benchmarking 4-6 weeks To be finalised after discussions of scopeTOTAL (exclusive of Service tax) TBDProject Exclusions Scope of our assignment will be as mentioned in the detailed proposal that we will submit to you. The benchmarking methodology is an illustration of the types of procedures carried out for various benchmarking exercise. Depending upon the project scope and budget, final procedures will be part of the engagement letter In particular, the following are not in scope for the current proposal.  Formulation or enhancement of any policy, process note or procedure documents  Implementation of any risk management component is excluded. Example Enhancing risk registers, creating risk reports, MIS information etc  Existing regulations will be used as a benchmark. 10
  11. 11. Riskpro’s other Services 11
  12. 12. Risk Management Trainings – Delivery Methods Onsite- Instructor Led Online- Web based Webinars Corporate Institutional trainings  Multi city delivery capability for  Interactive webinars on hot for senior management with training to large audience topics or customized areas for strategic interest areas global access audience  Suitable for frontline staff for Classroom trainings for junior/ induction and onboarding  Complimentary or Recorded mid level executives requirements versions for self paced re-cap and reference Delivered by knowledgeable  Delivered live by experts experts across industry providing topic outline  On demand services with select domains framework topics  Low cost model at regular  Conducted by industry experts intervals or fixed duration e- with Q&A session 12 learning platform
  13. 13. Our Recruitment services RECRUITMENTFull Time Staffing Riskpro is constantly building its network of Risk Professionals across India  Today, we can help you hire risk professionals at all levels of experience We differentiate from other recruitment firms, because, as Risk Managers ourselves, we are able to better match your requirements and candidate experience Our charge out rates are competitive  Slab rates. As we do more business with you, the rates come down.Temporary Staffing - The Project Team Pool of highly qualified staff with deep risk expertise Available for your short to medium term needs Varying levels of professionals available. Experience starting from 4 years to 20 years. All will have CA, ICWA or equivalent qualification. The Project employees pool will be available as per your needs and the employees on site can start/stop projects as per your master project plan. 13
  14. 14. Risk Based Internal Audit How we Do Internal Auditing helps an organization accomplish its objectives by bringing a Enterprise Risk systematic, disciplined approach to evaluate Assessment and improve the effectiveness of risk management, control and governance processes. Risk Need of Organizations Source: The Institute of Internal Auditors 1999 (IIA) Assessment Process Reviews Fraud Benefits of Risk based Audit Mitigation • Traditional audit view value added Control techniques Reviews •Risk profile of Businesses •Internal Controls & Ops Risk reviews Transaction •Cost reductions recommendations Audit •Review of Fraud Risk Controls Increasing Enterprise Risk Focus 14
  15. 15. Our Solution for Fraud Investigation How we Do Based on our understanding of your requirements, we have customized a package of our solution offerings to meet your needs. To detect and prevent fraud Our Solution For you and evaluate Code Of Benefits To You Conduct Compliance on following parameters :  Protects you from any Fraud Detection Resolve Monetary or Reputation damage Fraudulent Vendor Investigate Prioritize Recruiting new dealers, solutions and remedial  Code of conduct suppliers, franchisees or Analyze measures Source Root establishment distributors cause of Problem Anti-Fraud Measures Understanding Your Supply  Enables you to identify Quantify Loss Monitoring Compliance and Aut Chain and Suggest risks / control gaps possible Actions horization Obtaining And securing Evidence  Helps you identify any Workplace Practice To Monitor Your undisclosed production Background check for Process Solve Compliances employees Issues  Risk Mitigation Confidential Background check for Interviews with vendors customers Evaluating your need Prevent default of high value bills 15
  16. 16. IT Governance How we Do IS AUDIT • Operating Systems Audit • Database Audit • Networking Audit IT GOVERNANCE • Firewall Audit • COBIT • IDS Audit • ValIT • Web Application, Data Center Audit • Balanced Scorecard • Internet Banking, Core Banking Audit • IT & Business Maturity Models • Performance & Forensic Auditing •Application Systems - Functional review • Compliance with IS Policies & Procedures IT ASSURANCE • Business Continuity Planning • Computer Crime Investigations INFORMATION SECURITY • Training in IT • Penetration Testing • Compliance with IS Policies & • Application Systems - Security review Procedures • Review of IS Controls • BS 7799 / (ISO 27001) Implémentation • Formation of IS Security Policy • Compliance with IS Policies & Procedures 16
  17. 17. Riskpro Clients Our ClientsAny trademarks or logos used throughout this presentation are the property of theirrespective owners 17
  18. 18. Riskpro Training Credentials - ExampleCompany Training Details  One Day Fraud Risk Training in the Factoring Business  In-depth understanding of fraud schemes, fraud prevention measures  One Day Risk Management Training / ISO 31000 Training  Enterprise Risk Management Training with a focus on Strategic Risk, Reputation Risk and Outsourcing Risk  One Day intensive Enterprise Risk Management Training at Sanand, Gujarat  Training Led by Ex Head – Corporate Risk Management Larsen & Toubro  Half day session on Managing Corporate Governance Risks at the Board level  Similar trainings and programs at other public forums such as ASSOCHAM  Half Day training on Key Risk Indicators at Corporate Office  How to successfully choose effective KRI and implement leading and lagging KRI  One Day training on Corporate Fraud Risks at the Company’s offsite  Numerous case studies and interactive sessions 18
  19. 19. Team Experiences Our Experiences Our team members have worked at world class Companies Any trademarks or logos used throughout this presentation are the property of their respective owners 19
  20. 20. RESUMES – Our team Credentials  Co-Founder - Riskpro  CA, CPA, MBA-Finance (USA), FRM (GARP) Manoj Jain  Over 10 years international experience – 6 years in Bahrain and 4 years USA  15 years exp in risk management consulting and internal audits, Specialization in Operational Risk, Basel II, Sox and Control design  Worked for Ernst & Young (Bahrain), Arab Investment Company (Bahrain), Navigant Consulting(USA), Kotak Mahindra Bank (India) and Credit Suisse(India)  Sox Compliance project for Fannie Mae, USA ( $900+ Billion Mortgage Company)  Co- Founder - Riskpro  CA (India), MBA (Netherlands), CIA (USA) Rahul Bhan  Over 15 years of extensive internal and external audit experience in India and abroad.  Worked with KPMG United Arab Emirates, PKF South Africa, Ernst and Young Kuwait, Deloitte Netherlands and KPMG India.  Worked with clients in a wide variety of industries and countries including trading, retail and consumer goods, NGO, manufacturing and banking and finance. Major clients include banks, investment companies, manufacturing organizations, aviation etc. 20
  21. 21. RESUMES - Our team Credentials  Co-Founder - Riskpro Casper Abraham  PGD (Electrical & Electronics & Computer Programming)  30 years of experience in Information & Communications Technology (ICT) Solutions for Retail, Garments, Manufacturing, Services Industries.  Has created Companies, Divisions, Products, Brands, Teams & Markets.  Consulting in Business, Technology, Marketing & Sales & Strategic Planning.  Advisory, Training, Workshops & Implementation in Systems Thinking, Systems Modeling & Balanced Scorecard  Worked with TIFR, Mahindra, Ambience, Communico-Graphique & Ionidea Inc, USA,  Senior Vice President – Risk Management (Fraud Risk, BFSI)  MBA, PDFM, NSE-NCFM, PMP, CSSGB,Trained ISO 9001:2000 I.A Hemant Seigell  Professional with 17 years of rich experience into diverse Consumer finance/ Lending operations ,Risk Management,BPMS, Consumer Banking, NBFC, Management Consulting & Housing finance in BFSI industry having successfully led key business strategic engagements across multi-product environment in APAC, Australia and US regions.  Worked with GE, ABN AMRO Bank, Citigroup, Accenture, Deutsche Postbank  Highly skilled and expert Trainer in Fraud Risk areas across Credit, Corporate Risk management.  Specializes in Fraud Control, Compliance QA ,ERM and Regulatory governance. 21
  22. 22. RESUMES - Our team Credentials  Head – Taxation Risk Advisory Rajesh Jhalani  B.Com, FCA  Senior Partner with 48 year old Delhi based Chartered Accountant firm, Mehrotra and Mehrotra  Over 19 years of experience in the field of Audit, Taxation, Company law matters.  Major clients served are NTPC, BHEL, Bank of India, PNB, Airport Authority of India etc. President – Banking & Financial Services  A senior researcher in Applied Mathematics leading to Ph.D after MSc (Mathematics), Sivaramakrishnan CWA, CAIIB  Combined experience of 25+ years in corporate banking, risk management, international trade finance, development of risk rating models, project finance, credit monitoring and NPA management  Since 2006 conducting open / in-house training on the above domains to all Top public/ new and old private sector banks, top MNC banks (India and abroad), leading NBFCs and corporates in manufacturing and financial services space; Worked on IFC (World Bank) funded projects for MSMEs in India and abroad  Worked for Bank of Baroda and ICICI Bank – bestowed Top Performer Award continuously two years during his tenure; widely travelled abroad for business relations, seminars, offering training, investor meetings, NYSE listing and for processes involving establishment of representative Office in USA 22
  23. 23. RESUMES - Our team Credentials  Vice President & Head – IT Risk Advisory Ravikiran Bhandari  Over 14+ Years of Experience in Information Security and Risk Management & CISM certified  Headed the Global Information Security team of Daimler (Mercedes-Benz) Worldwide at Bangalore for 9 years, previously worked at organization like Wipro, Bangalore Labs  Multi-sector experience including Banking, Insurance, Finance, Energy, Manufacturing, Retail, Hi-Tech & Telecom, and Automobile  Well known Ethical hacker: Was featured in BusinessWorld Magazine in an article about leading ethical hackers in India and published several articles in Print and Online Media  Rich experience in Information Security Audits across Corporations, 3rd Party Suppliers, Joint Ventures across several countries in the world including US, UK, China, Germany Vice President – Legal Risk Advisory Aashish Shrivastav   B.B.A. LL.B. (Hons.)  About half a decade experience in legal services to client’s with respect to Contract and Commercial Laws, Joint Ventures, Inbound & Outbound Investments, Private Equity Investment Transactions, Real Estate & Infrastructure, Energy and General Corporate.  Have advised various social enterprises and start ups in setting up business in India.  Worked for the leading law firms of India such as FoxMandal Little. 23
  24. 24. RESUMES - Our team Credentials Executive Vice President – Risk Management ( Banking & Financial Services) Vijayan Govindarajan  Professional Risk Manager with considerable domestic and international experience  An aggregate experience of 30 + years across industry, mainly Banking in several functional areas including Wholesale Credit Risk, Operational Risk, Trade Finance , Retail Banking and Islamic Financial Services.  Track record of setting up of excellence in the set-up, and management of credit and operational risk, compliance and credit administration functions in retail, commercial , Islamic Banking and offshore banking entities in the Middle East.  Key strength includes Corporate Credits, Risk Management in IT, implementation of Risk Management module in core banking Bank’s Policies, procedures, Country Risk. Played an active role in 3 core banking software implementations  Worked for a Private Sector Bank in India, ABN AMRO Bank, Bahrain, Bank Muscat Bahrain and BMI Bank Bahrain as AGM Risk Management. 24
  25. 25. Key Contacts Corporate Mumbai Delhi Bangalore Riskpro India Manoj Jain Rahul Bhan Casper Abraham Ventures (P) Limited Director Director Director M- 98337 67114 M- 99680 05042 M- 98450 61870 manoj.jain@riskpro.in rahul.bhan@riskpro.in casper.abraham@riskpro.in info@riskpro.in www.riskpro.in Sivaramakrishnan Hemant Seigell Vijayan Govindarajan President – Banking & FS SVP – Risk Management EVP – Risk Management C 561, Defence colony M- 98690 19311 M- 99536 97905 M- 99166 63652 New Delhi 110024 smaran.iyer@riskpro.in hemant.seigell@riskpro.in vijayan.govindarajan@riskpro.in Ahmedabad Pune Kolkata Gurgaon Maulik Manakiwala M.L. Jain Kashi Banerjee Nilesh Bhatia Associate Firm Principal – Strategy Risk EVP – Risk Management Head – Human Capital Mgt. M – 98256 40046 M- 98220 11987 M- 98304 75375 M- 98182 93434 mljain@riskpro.in kashi.banerjee@riskpro.in nilesh.bhatia@riskpro.in Gourav Ladha Sap Risk Advisory M- 97129 52955 Salem Ghaziabad Agra Hyderabad Chandrasekeran R Gupta Alok Kumar Agarwal Phanindra Prakash Recruitment franchisee Head – Insurance Risk Associate Firm Member Firm M – 94435 99132 M- 98101 07387 M- 99971 65253 M- 95500 61616Copyright- © 2012 Riskpro ,India .All rights reserved. 25
  26. 26. Key Contacts (Continued) Corporate Bangalore Riskpro India Ravikiran Bhandari Ventures (P) Limited VP – IT Risk Advisory M- 99001 69562 ravikiran.bhandari@riskpro.in info@riskpro.in www.riskpro.in C 561, Defence colony New Delhi 110024Copyright- © 2012 Riskpro ,India .All rights reserved. 26