Enterprise risk management (ERM) is a critical topic for banks given increased regulatory scrutiny and uncertainty in the market. The panel discussion at the ABA Risk Management Forum highlighted the value of ERM in improving decision making and preventing high-impact risks. While ERM is important, many organizations struggle with implementation due to issues like not embedding it in the culture or focusing too broadly. The discussion provided practical tips for understanding key ERM concepts and implementing it through a step-by-step process.
This document discusses how enterprise risk management (ERM) can help security leaders transform their roles. It provides an overview of ERM, outlining the key phases and processes involved. The security leader's background and experience make them well-positioned to play an important role in ERM. One security leader used ERM to ensure his department remained aligned with the company's strategic goals and supported a new initiative to expand into emerging markets. ERM provides a framework to manage risks across an organization in a coordinated way and help security leaders demonstrate their value through a strategic, enterprise-wide approach.
A brief and clear argumentation in favour of the personalisation approach in risk management procedures in large companies.
Taken from "Making better risk management decisions" by J. Birkinshaw and H. Jenkins.
DIFFERENCES BETWEEN ERM PRACTICES BETWEEN THE FINANCIAL AND CORPORATE SECTORS
DIFFÉRENCES DES PRATIQUES ERM ENTRE LES SECTEURS FINANCIERS ET CORPORATIFS
Managing Risk in Perilous Times - Practical Steps to Accelerate Recovery (FindWhitePapers)
The document discusses lessons that can be learned from the financial crisis regarding effective risk management. It argues that risk management needs greater authority, senior executive leadership, and sufficient risk expertise at high levels. It also stresses the importance of combining quantitative risk model outputs with human judgment, paying attention to the quality of data used in models, and using stress testing and scenario planning to prepare for potential risks and events.
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ... (ypytlik)
1) The document discusses compliance risk as a critical business risk for asset managers. Compliance violations can seriously damage firms through reputational harm and legal penalties, and can even cause the demise of firms like Galleon Management.
2) Regulators are pushing asset managers to strengthen enterprise risk management with compliance as a key component. Firms must take a comprehensive approach to identifying all risks, including emerging compliance risks.
3) Leading practices cited include integrating compliance fully into enterprise risk management for a single view of all risks, strong governance, and effective mitigation strategies to prevent serious compliance breaches like insider trading.
The document discusses reputation risk for financial institutions. It provides definitions of reputation and compares it to concepts like image and brand. Reputation is described as being based on a company's past actions and how trustworthy stakeholders perceive the company to be. The value of reputation comes from factors like financial performance, customer service, and governance. Maintaining a good reputation provides benefits like encouraging sales, attracting employees and investors, and gaining favor with regulators. The document notes that reputation risk is the number one concern for chief risk officers.
The presentation is from Mr. Mark Victor, Director, Deloitte Consulting, South Africa, from the just-concluded African Round Table & Conference on Corporate Sustainability and Responsibility (AR-CSR™), which was held at Tinapa Business Resort, Calabar, Cross River State, from 20 to 21 June, 2013. Organised by ThistlePraxis Consulting Limited.
The document discusses the increasing risks that directors and executives face from litigation and how approaches to risk management need to evolve. It notes that legislation like the Dodd-Frank Act and UK Bribery Act have made executives more personally liable. Modern risk managers require a diverse set of skills to help boards with strategic risk management. They must be able to discuss risks in the language of finance and connect risk considerations to business strategy and growth opportunities.
The document discusses several topics related to operational risk and compliance:
1. People risk/behaviours are a major component of operational risk and financial institutions. Poor people risk management can lead to failures and risks.
2. Compliance risk is a major concern for operational risk managers and should be monitored and mitigated like other operational risks. Compliance failures can have serious financial and reputational impacts.
3. There is overlap between operational risk and compliance functions. Effective communication is needed between the two to manage compliance risk as part of overall operational risk.
This document discusses accountability and conduct regimes that have been introduced by various regulators to promote individual accountability in financial institutions. It focuses on the Monetary Authority of Singapore's proposed Guidelines on Individual Accountability and Conduct. The guidelines aim to clearly identify senior managers responsible for core management functions, ensure senior managers are fit and proper for their roles, and establish standards of proper conduct for all employees. The document examines challenges for financial institutions in complying with the guidelines, such as mapping management structures and responsibilities in large, complex organizations operating across multiple jurisdictions. It also discusses ensuring clear ownership of risks across the three lines of defense.
Financial risk management involves identifying risks, measuring them, and developing plans to address risks, particularly credit risk and market risk. It focuses on when and how to hedge risks using financial instruments. Common risk management techniques across financial firms include independent risk assessments, controls on risk taking, and hedging risks with derivatives or reinsurance. While techniques are similar, firms focus more on risks dominant in their primary business lines, with commercial banks most concerned with credit and funding risks, securities firms with market risk, and insurers with ensuring adequate technical provisions.
The document outlines a Risk Management Protocol for the Saint Mary's University Students' Association. It defines risk and risk management, identifies types of risks the Association may face, and establishes processes for measuring, managing, and reporting on significant risks and contingency risks. The Protocol assigns roles and responsibilities for risk management, and establishes principles for the Association's overall approach to risk oversight.
The document discusses the importance of reputation resilience planning for businesses. It argues that reputation is an intangible asset determined by stakeholder perceptions, not owned by the organization. While operational resilience focuses on continuing operations during crises, reputation resilience requires sustaining positive stakeholder views. The Sony hack is used as an example of how a crisis can damage a company's reputation. The document advocates for integrating reputation risk management into overall risk processes to improve reputation competence across an organization.
The document provides an overview of risk management and insurance for banks, including the importance of identifying risks, implementing controls, and determining whether to retain or transfer risks through various insurance options. It discusses various types of insurance available to banks, with a focus on fidelity bonds which cover losses from employee dishonesty, robbery, and other risks. Procedures for examiners are outlined to assess the adequacy of banks' risk management and insurance programs based on their specific risk exposures and attempts to obtain necessary coverage.
The document discusses corporate risk management. It defines risk as events that can damage a company's income and reputation. Risk is inherent in all businesses and managing it is important. The document outlines the risk management process, which includes determining objectives, identifying risks, evaluating risks, developing policies and strategies, implementing policies, and reviewing effectiveness. It also discusses sources of risk like interest rate risk, exchange risk, and business risk. Risk management techniques can be internal, involving day-to-day operations, or external, involving financial contracts with other entities. Guidelines for effective risk management include using flexible strategies and bringing risk to an optimal level for the company.
Overview of Enterprise Risk Management (ERM) (Segun Ogunwale)
This document provides an introduction to enterprise risk management (ERM) concepts. It discusses ERM concepts such as risk, risk management, and the evolution of ERM from focusing only on financial risks to a more holistic approach. It also covers ERM definitions, frameworks, roles and responsibilities, and benefits. Examples of risks for the public sector are also presented, along with conclusions on implementing ERM as a strategy and corporate culture.
The document provides a risk assessment of JPMorgan Chase following a 2014 data breach that compromised 83 million customer records. It identifies stakeholders, assets, and six main risks: 1) Inadequate controls allowing external access to data and systems, 2) Lack of customer data monitoring enabling long intrusions, 3) Slow technology adaptation leaving the bank vulnerable, and 4) Inefficient security communication. For each risk, drivers are analyzed and current/planned mitigations are described, such as access controls, third-party oversight, training, and a security-focused culture. The assessment follows the ISO 31000 risk management framework.
The DNA of The Greek CFO - Ernst & Young (ddelonas)
In 2010, Ernst & Young published The DNA of the CFO, a report that provided insight into what it is to be a chief financial officer. The report was based on our analysis of a survey of 669 CFOs from across Europe, the Middle East, India and Africa (EMEIA), along with a program of in-depth interviews with leading CFOs and finance directors from these regions.
In this country-specific report, we focus on the changing role, responsibilities and challenges of CFOs based in Greece. The report is based on a survey, conducted in late 2011, of 65 CFOs and finance directors, who are either CFOs of companies headquartered in Greece, or of Greek subsidiaries of major multinationals. Almost two-thirds of respondents represent companies with annual revenues in excess of €50m. To supplement the survey, Ernst & Young also conducted a number of in-depth interviews with CFOs and finance directors based in Greece.
Discussion of reputation risk and how to incorporate reputation management into a business in order to build resiliency and growth. Presented at the 3rd International Reputation Management Conference in Istanbul, Turkey, in November 2014.
This document discusses improving organizational risk management. It begins by describing traditional risk management principles like risk sharing and diversification. However, it notes that modern interconnected organizations face novel risks from factors like tightly coupled systems and networks. These nontraditional risks can have unexpectedly large cascading impacts. The document then examines how questions of trust and uncertainty about other parties' commitments and reliability introduce political, economic and organizational risks. It argues traditional risk management needs augmenting to address risks arising from limited trustworthiness between organizations.
An introduction to risk management concepts for future outdoor leaders. It serves up metaphors and poses suitable questions for other forms of risk management.
This document discusses the development of enterprise risk management (ERM) in the insurance industry. It provides context on how the Global Financial Crisis highlighted weaknesses in risk management and increased regulatory focus on ERM. It outlines how ERM frameworks assess different types of risk, establish risk appetites and tolerances, and integrate risk considerations into strategic decision making. The role of actuaries in leading ERM implementation for insurers is also discussed.
Tools & Techniques for Effective Risk Management V3.0 (cgautam)
The document outlines the traditional view of risk management and its flaws. It discusses the need for an enterprise-wide approach to risk management (ERM) to address changing internal and external requirements. The ERM process involves environment scanning, strategic alignment, event identification, risk assessment, and risk response planning. It should have clear roles and responsibilities defined across the organization and be integrated into strategic decision making. Overall the document provides an overview of ERM and its benefits over traditional risk management approaches.
Thoughts on Direction of Ops Risk Management -V4 0 (Amrut Joshi)
The document discusses risk management and operational risk. It provides context on the tumultuous global economic environment of the last decade which brought focus to risk management. However, some question if current risk management practices are adequate given failures still occurred. The document then discusses various studies on risk management and findings that risks are about human decisions. Therefore, influencing business decisions is important to manage risks and avoid failures. It introduces the concept of "behavioural risk management" and capturing the experience of being embedded within business to influence decisions from the first line of defence.
This document summarizes the key findings of a survey conducted by Harvard Business Review Analytic Services on leadership in risk management at European companies. The main points are:
1) Responsibility for risk management is increasingly concentrated at the top levels, with either the CRO, CEO/CFO, or board having direct responsibility at many companies.
2) Companies are emphasizing strong board engagement and regular communication with the C-suite on risk exposures. However, communication between the C-suite and CRO needs improvement at some companies.
3) While risk management is aligning with company strategies, companies are making less progress integrating it into strategic projects like mergers. Adopting risk-based incentives is also slow
Paradigm Paralysis in ERM & IA EB7_p48-51 Tim Leech v2 (Tim Leech)
The document discusses the need for a paradigm shift in enterprise risk management (ERM) and internal audit approaches from a risk-centric model to an objective-centric model. It argues the current risk-centric models that rely on risk registers are flawed because they look at risks in isolation rather than linking them to organizational objectives. It proposes boards require management to regularly report on residual risk status linked to key value creation and preservation objectives. This would position management as primarily responsible for risk assessment rather than traditional ERM and internal audit groups. It acknowledges there are significant barriers to change, including guidance materials, skills gaps, and reluctance to change entrenched practices.
Common Risk Management failures include lack of organizational integration, outdated risk measurement capabilities, and failure to view risk management as an enabler of long-term competitive advantage rather than just a preventative measure. Major challenges in establishing effective ERM include organizational silos, growing and changing risks, and cost pressures. As risk management becomes more strategic, companies are expected to increase spending to improve risk capabilities across the organization.
This document discusses challenges facing enterprise risk management (ERM) professionals. Interviews with ERM executives revealed common themes of feeling diminished relevance, questioning their significance to leadership, and dealing with uncertainty in their roles. When times are tough, organizations seek more validation of ERM's value. Relationships can become strained during debates over ERM ownership. The document calls for ERM professionals to reflect on stress management techniques and maintaining resilience amid these challenges.
Enterprise risk management is an underutilized management practice that allows community-based financial institutions to become more efficient, smarter, and better able to compete in an increasingly complex environment.
WolfPAC Solutions Group Director Michael Cohn creates a strong case on why community-based financial institutions should implement an enterprise risk management program to reduce costs and successfully achieve business goals in an increasingly competitive and regulated environment.
The document outlines an agenda for a 2009 conference on internal audit solutions that will discuss the evolving roles of the Chief Risk Officer and Chief Audit Executive, strategies for an effective partnership between these roles, and how the current economic crisis has impacted enterprise risk management approaches. It also provides background on the development of these risk management roles and compares the key responsibilities of the Chief Risk Officer and Chief Audit Executive.
I need response to Discussion post in 200 words.docxwrite4
This document discusses efficient frontier analysis and strategic risk management. It provides context for how efficient frontier analysis can help organizations identify projects that determine appropriate risks and investments. Strategic risk management allows organizations to better understand risk across divisions to inform decision making. Quantitative financial and behavioral models are increasingly used to analyze risk portfolios. Strategic risk management creates opportunities for interaction across an organization to holistically assess risk.
I need a response to the discussion in APA format.docxbkbk37
Enterprise risk management (ERM) is a process used by companies to reduce risks that affect earnings and capital. It involves planning, organizing, and managing risks related to strategy, operations, finance, and accidents. Key elements of ERM include assessing significant risks and implementing appropriate risk responses like risk acceptance, avoidance, transfer, or mitigation. The University of California used ERM to decrease overall risk by advancing their program and regularly updating risk plans. Risk governance and culture are also important components that drive effective ERM programs.
I need a response to the discussion in APA format.docx4934bk
Enterprise risk management (ERM) is a process used by companies to plan for, manage, and mitigate risks that could impact earnings and capital. ERM addresses strategic, operational, financial, and accidental risks. Key elements of ERM include assessing significant risks and implementing appropriate risk responses such as risk acceptance, avoidance, transfer, or mitigation. The University of California adopted ERM to reduce overall risk and its Office of Risk Management regularly updates risk plans. Risk governance and culture are critical components of an effective ERM program.
Enterprise Risk Management (ERM); From theory to practice Segun Ogunwale
This document outlines the theory and practice of enterprise risk management (ERM). It discusses how ERM works differently in private versus public sector organizations due to differences in goals and risk tolerance. The document proposes a framework for implementing ERM with five phases: risk governance, risk assessment, risk quantification, risk monitoring and reporting, and risk optimization. It also describes steps to implement ERM such as obtaining buy-in, building an ERM foundation, conducting risk assessments, ongoing monitoring, and developing reporting. Roadblocks to implementation like resistance to change are also addressed.
1) Enterprise risk management (ERM) and governance-risk-compliance (GRC) are approaches that have emerged in the past decade but there is no consensus on how they relate.
2) Currently, GRC is seen as a top-down process that sets risk requirements, while ERM identifies and reports on risks, but the document argues this view is flawed.
3) The document contends that ERM should drive risk assessment and response, informing governance and compliance, rather than the other way around. With ERM in charge of holistic risk management, conflicts can be reduced and risks better addressed.
This document is a term paper submitted by Anu Damodaran to her faculty guide, Mr. C.T. Sunil, in partial completion of her MBA program at Amity University in Dubai. The paper is titled "To study ERM - A competitive edge for the company and how it adds value to its shareholders". The introduction provides background on enterprise risk management (ERM) and its importance for businesses facing various strategic, market, operational and financial risks. The paper will review literature on ERM and explore how companies can implement ERM through risk mapping and maturity models. It will also discuss the advantages, suitability and limitations of ERM for businesses.
This chapter discusses risk management, corporate strategy, and corporate governance. It defines governance and explains the nexus between risk management and strategy. The objectives of risk management are to identify potential problems in advance and have plans to address them. Corporate strategy and governance provide direction and structure for organizations. Effective risk management requires consideration of both financial and non-financial risks at both the strategic and operational levels. Risks can be managed at the corporate, department, borough and project levels. Strategic risk management identifies risks that could impact business strategy. Culture and leadership play important roles in risk management. State-owned enterprises and unlisted companies also require tailored risk management practices. Challenges in implementing enterprise-wide risk management include issues related to culture
Narayana Rao Mahankali Week 11 - DiscussionCOLLAPSETop of Fo.docxvannagoforth
Narayana Rao Mahankali
Week 11 - Discussion
Week 11 – Discussion:
ERM Measures & Mini case studies:
The organization's ERM goal ought to be to quantify and express the normal result from accomplishing them. The result ought to be based, to the degree conceivable, on the normal helpful effect on the execution estimates that are utilized to run the organization. This kind of rule suggests, obviously, that the organization as of now has set up unmistakably verbalized and surely knew execution proportions of this sort. The types of risks that ERM to cover and the ERM measures that the organization should implement to monitor risks include in the following broad categories: Financial, Operational, Hazard, Strategic plans.
The key measures I will recommend that Akawini uses in the monitoring of both progress and performance is to follow in characterizing the risk types a given organization should cover in its ERM program and that organization supervisors need to take care of and oversee in an incorporated manner is that the risks matter most to the organization's strategic goals. Managers need an unmistakable, normal comprehension of what the organization implies by those risks and why they are vital to the company’s performance.
In setting the extent of their ERM program, organization leaders need to verify that the extent of risks and extent of processes are aligned and that they are probably going to enable the organization to achieve the ERM objectives they have officially set. Also, in deciding the administration procedures to be influenced, they should be sensible about the level of impact the ERM work can apply on the officeholder owners of these influenced procedures authoritative turf is ordinarily referred to as a main leading obstacle to compelling ERM. The pragmatic result is that the underlying scope is frequently less broad than the long-term desired scope.
References:
· Fraser, J., Simkins, B. & Narvaez, K. (2014). Implementing enterprise risk management: Case studies and best practices. Wiley & Sons.
· https://www.logicmanager.com/erm-software/2018/09/05/how-to-measure-your-enterprise-risk-management-effectiveness/
Srilekha Dasari
week 11
The Akawini copper company is a mining company with an international concern for the minerals. The company uses Enterprise Risk Management to ensure the effectiveness of its operations. The risk management system for the Akawini Company when shipping the concentrate to the port by the use of the trucks. The ERM is also important for the managing of the 1500 employees working in the suite and the port. The implemented framework for the management of the risks in the company is not effective because it is not likely to yield more profits ("Implementing Enterprise Risk Management: Case Studies and Best Practices", 2019).
The risk assessment should be done monthly or quarterly and not on an annual basis. It is important to track the progres ...
CHAPTER 34Turning Crisis into OpportunityBuilding an ERM.docxketurahhazelhurst
CHAPTER 34
Turning Crisis into Opportunity
Building an ERM Program at General Motors
MARC S. ROBINSON
Assistant Director, Enterprise Risk Management, GM
LISA M. SMITH
Assistant Director, Enterprise Risk Management, GM
BRIAN D. THELEN
General Auditor, GM
This case study chronicles the ground-up implementation of enterprise risk management (ERM) at General Motors Company (GM), starting in 2010 through the first four years of implementation. Discussion topics include lessons learned during implementation and some of the unique approaches, tools, and techniques that GM has employed. Examples of senior management reporting are also included.
I think risk management is an element of all good executive management teams and boards. It will ensure viability in downturns and high-risk periods. I think if that is done not only within the automotive industry, but on a global and specifically on a national scale, economies will be in better shape because it is additive. If everybody is doing their job in assessing and understanding risk, the ultimate outcome will be much more positive for our national economy and society, and it is incumbent that corporate leadership understands that responsibility.
—Daniel F. Akerson, Chairman and Chief Executive Officer, General Motors, October 2012
BACKGROUND AND IMPLEMENTATION
The enterprise risk management (ERM) program at General Motors was founded in late 2010 at the direction of GM’s then newly appointed chief executive officer (CEO), Daniel F. Akerson, who sought to leverage the program as another means to achieve a competitive advantage in the industry. Having gone through bankruptcy in 2009 as a new board member, Akerson felt that a more robust risk management program would help guide the organization around the drivers of killer risks¹ going forward. His goal was to help the company ensure that it was prepared, agile, and fast to respond in an ever-changing world. Perhaps most importantly, Akerson wanted an ERM program that would focus not only on risks but on opportunities as well.
A chief risk officer (CRO) was selected and appointed from within, and the Finance and Risk Policy Committee of the board of directors was chartered to oversee risk management as well as financial strategies and policies. In support of the program, a senior manager and director joined the team. Risk officers were also identified and aligned to all direct reports of the CEO; this helped to ensure that all aspects of the business were covered. The CEO is the ultimate chief risk officer, and his direct reports are the ultimate risk owners. Members of the risk officer team were carefully selected by senior leadership based on their strong business experience, financial acumen, and most of all their ability to lead in the identification and discussion of risk in an objective and transparent manner. These representatives were expected to actively p ...
The new guidance is based on IRM’s professional standards and is aimed at organisations of all types seeking to recruit a Chief Risk Officer (CRO), perhaps their first, or to make other senior risk appointments.
Erm Presentation Bsw Approach & Methodology steinkamps6
The document discusses enterprise risk management (ERM) and Brown Smith Wallace's (BSW) approach to ERM. It describes the components of BSW's ERM strategy, which are based on establishing an ERM structure aligned with corporate governance. The components include risk environment, communication, ERM structure/governance, risk assessment, risk mitigation, and monitoring. It then provides more details on each component and BSW's 5-phase ERM project approach.
This document discusses risk management in the corporate sector and the role of corporate governance. It makes three key points:
1) Corporate governance is important for managing and reducing risk in organizations, as good governance can help firms avoid risks that could damage them. Managing risk effectively allows firms to maximize profits and maintain a healthy environment.
2) There are newer and more complex risks emerging for corporate boards to oversee, such as reputational risk from a lack of transparent reporting and cybersecurity risks from increased technology usage. Boards must understand the risks companies face to make strategic decisions.
3) Effective risk management involves identifying, assessing, and prioritizing all potential risks. While eliminating all risk is impossible, corporate boards
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...ypytlik
April 2010 - Journal of Securities Law, Regulation & Compliance Volume 3 Number 2
Compliance risk: A critical business risk for asset managers
ABSTRACT
2010 presents a historical moment to define the path forward to the ‘future of enterprise risk management and mitigation strategies’ of increasing compliance risk for asset managers.1–4 The recent financial crises and cases of material compliance violations, Ponzi schemes, fraudulent activities, misappropriation of investors’ assets and collapse of major financial firms have had significant, harmful impact on investors and shareholders. Serious compliance violations, such as insider trading, have proven to be self-destructive to asset managers. No one is immune to these trends. ‘Enterprise Risk Management — 2010 and Beyond Forward Looking Approach by Asset Managers’ is a series of papers dedicated to regulatory developments and industry best practices in the enterprise risk management with a focus on ‘compliance risk: a critical business risk for asset managers’.
This standard provides guidelines for conducting risk management. It defines key terms like risk and outlines the risk management process. The process involves risk assessment, which includes risk identification, analysis, and evaluation. Risks can originate from external and internal factors and threaten an organization's objectives. Following the risk assessment, risks are evaluated, treated, monitored, and reported on to support strategic decision making and increase organizational efficiency. Regularly updating the standard based on best practices will help risk management remain an effective process.
Similar to Banking industry Hot Topics - Forum in New Orleans (20)
Lawmaking has slowed, but it still overwhelms companies Grant Thornton
In 2017, 27.1 thousand pages of new legal acts came into force, 15 percent fewer than a year earlier. That, however, is where the good news ends, according to a Grant Thornton report.
Stability of the law is one of the conditions for long-term economic growth. Excessive volatility in regulation not only makes it harder for companies to operate and exposes them to penalties and fines, but also discourages entrepreneurs from investing. To measure the scale of legal volatility, three years ago we launched our "Barometer of the legal environment in the Polish economy", a research project that uses concrete figures to show how much law is produced in Poland in a given period.
The 10 most important tax changes of the last two years Grant Thornton
A ranking of the changes in tax regulations, most important from the taxpayer's point of view, that came into force during the first two years of the current government's term.
Polish companies do not want to develop new products Grant Thornton
To grow, a company must constantly bring new products and services to market. Otherwise it will be overtaken by more dynamic competitors.
How do Polish companies currently fare in this respect? We invite you to read the results of a survey conducted by Grant Thornton among medium-sized and large enterprises from 33 countries.
We are pleased to present the next edition of "Purpurowy Informator", a series of analyses in which we discuss legal, accounting and HR issues that matter to entrepreneurs.
This time the subject of our series is the Standard Audit File (Jednolity Plik Kontrolny, JPK). What is it? What is it for? Which taxpayers are required to submit a JPK? You will find answers to these and other questions in the material below.
The document provides guidance on applying the new IFRS 15 revenue recognition standard to companies in the real estate and construction industries. It discusses the five steps in IFRS 15's control-based model for recognizing revenue: 1) identifying contracts with customers, 2) identifying performance obligations, 3) determining transaction price, 4) allocating price to obligations, and 5) recognizing revenue. Key impacts include changes to the criteria for over time vs. point in time revenue recognition and expanded disclosures. Real estate companies will need to evaluate contracts carefully under the new standard.
Changes in personal data protection regulations Grant Thornton
In May 2018 the EU regulation on personal data protection will take effect. The new rules will apply to all entities that process data in an automated manner within the EU. It is worth getting to know the most important changes introduced by the regulation and starting preparations now.
Poland sustains good climate for international business Grant Thornton
- The survey found that Poland has sustained a good investment climate and most foreign investors would choose to invest in Poland again if given the opportunity.
- Investors gave Poland an average rating of 3.72 out of 5 for its investment climate, the highest rating in the survey's 10-year history.
- While investors view factors like market size, economic stability and human resources positively, they see areas like legal stability and predictability, tax regulations, and the court system as opportunities for improvement.
Record results for the Catalyst market in 2016 Grant Thornton
The value of non-Treasury debt instruments listed on Catalyst reached PLN 81.8 billion at the end of the fourth quarter of 2016, the highest figure since the Catalyst market was established, according to a report we prepared under the patronage of the Warsaw Stock Exchange.
Festival madness on a student budget Grant Thornton
The average cost of a trip to a music festival in summer 2017 is PLN 1,530.04, according to our report. Among the largest European festivals, Colours of Ostrava is the cheapest place to spend your time. The most tempting on price, however, are Polish events, especially Przystanek Woodstock.
Grant Thornton’s transactional teams advised on a number of high profile deals throughout Europe in 2016, driving strong outcomes through highly experienced and internationally connected professionals. Grant Thornton’s success was reflected in the number two position (by average deal value) in the ranking of the top ten M&A advisors in Europe.
We are pleased to present the next edition of "Purpurowy Informator", a series of analyses in which we discuss legal, accounting and HR issues that matter to entrepreneurs. This time the subject of our series is the package of amendments to the Accounting Act that have applied since 2016.
Transfer revenues of Ekstraklasa football clubs reached EUR 33.5 million in the 2016/2017 season, according to Grant Thornton. This is the best result in history.
Banking industry Hot Topics - Forum in New Orleans
1. Banking industry hot topics
Highlights from the ABA Risk Management Forum in New Orleans:
Enterprise risk management – Understanding risk in today’s complex banking environment
Grant Thornton LLP sponsored a panel discussion on enterprise risk management (ERM) at the annual conference of the American Bankers Association (ABA) — ABA Risk Management Forum — held in New Orleans in May 2012. The panelists included three of Grant Thornton’s ERM specialists:
• Steve Goldberg, Financial Services Advisory Principal
• Tariq Mirza, Bank Regulatory National Managing Director
• Erin Morrow, Financial Services Advisory Principal
Given the immense uncertainty in the market and growing demands from the enactment of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank) and from shareholders and customers, organizations face an environment of increased scrutiny on their ERM process and its role within their company. Despite this renewed awareness of ERM, many are still struggling to implement it successfully. Some organizations don’t fully understand the value of ERM, while others may have conducted a risk assessment but have not followed up on it, and still others simply don’t know where to begin. During this forum, our panelists discussed the value of ERM, the view of ERM from a regulatory perspective, and practical tips for understanding ERM and implementing it in your organization.
I. Value of enterprise risk management
Presented by Steve Goldberg
Steve Goldberg has more than 25 years of business experience, including 20 years in financial services as an industry executive and management consultant. He has a strong focus on business strategy and operations, including risk management and business performance improvement.
What is the value of ERM?
A recent survey of 3,000 banks, conducted by Grant Thornton LLP and Bank Director, found that 34 percent of respondents believed they would need to hire additional staff to meet the requirements of Dodd-Frank, and 21 percent believed their firms would need to hire an outside advisor, given that some of the provisions are one-time events. Nearly half of respondents think the overall financial reform will not be effective at all in detecting the broad risks to the financial system. Others believe that key elements of Dodd-Frank could be repealed, given the upcoming elections and resistance from Congress.
These responses raise the question: What is the value of ERM? Given that the Federal Reserve Board (the FRB) and the SEC are moving forward with Dodd-Frank and expect to finalize the rules and regulations by the summer or fall of 2012, there is distinct value in implementing an ERM program.
Historically, companies have viewed risks in “silos,” with each silo representing a specific risk. Companies would analyze and develop strategies for each risk. The goal of ERM is to take a holistic approach and develop an overall strategy for managing risk across the organization. ERM improves the likelihood of success in the strategic planning process. It also prevents or reduces high-impact risks for the organization and enables it to make timely and informed decisions, with the ability to understand individual risks and how they affect the organization. In the current environment, regulators are looking for a culture of compliance within financial organizations; ERM establishes a culture of transparency and accountability across the organization. Finally, ERM prioritizes the allocation of resources to the most significant risks. Performing a structured risk assessment allows the organization to identify the areas that require the most attention and investment.
2. Banking industry hot topics
What are the current drivers of ERM in the banking industry?
Banking regulators, board members and bank management are all driving the renewed emphasis on ERM. Banking regulators have increased their focus on broad risk management in their exams, including expectations of board and management oversight, and links to internal audit. Board members’ accountability has increased in the wake of the financial crisis; therefore, they are requesting risk updates and risk monitoring tools. Bank management teams are also looking for tools to make the process easier and give them much earlier warning of risk events, such as stress testing.

II. Regulatory perspective
Presented by Tariq Mirza
Prior to joining Grant Thornton, Tariq Mirza spent over 20 years with the Federal Deposit Insurance Corporation (FDIC) in various roles. Most recently, he served as senior advisor under former FDIC Chairman Sheila Bair, providing technical advice on a wide range of banking and regulatory issues. He spoke about ERM from the perspective of a former regulator.

With the implementation of Dodd-Frank, regulators are also holding themselves to the same standards to which they hold financial institutions. In fact, the FDIC recently appointed its own chief risk officer. Some regulators from other agencies are looking to do the same, indicating that regulators are also looking at ERM within their own organizations. According to Mirza, regulators are not only “talking the talk, but also walking the walk.”
Mirza laid out a basic framework for what the FRB expects from banks’ risk committees. The FRB’s proposal indicates that risk committees must approve a risk management framework that includes the following:
• Risk limitations for each business line
• Establishing systems for identifying and reporting risks, including emerging risks
• Monitoring compliance with the risks
• Ensuring effective and timely implementation of corrective actions
• Integrating risk objectives into management’s goals and compensation
Finally, Mirza discussed high-impact risk. From his perspective as a former regulator, high-impact risk stemming from a weak or nonexistent ERM program could be an enforcement action, such as a cease and desist order, consent order or civil money penalty. These regulatory actions are in the public domain and may result in substantial reputational risk for the institution. The ultimate high-impact risk of a weak ERM program is failure; since the beginning of the recent financial crisis, there have been more than 430 bank failures.

III. Understanding ERM, embedded risk management, risk intelligence and ERM implementation
Presented by Erin Morrow
Erin Morrow is a principal in Grant Thornton’s Financial Services Advisory practice, and serves as the firm’s Governance, Risk and Compliance Solution leader for the Northeast Region. Morrow is the outsourced internal audit leader for two regional banks. She also works in an advisory capacity on topics in internal audit and risk management with other banking and financial services organizations ranging from local banks to global institutions.

Despite the advent of Dodd-Frank and increased public and regulatory scrutiny, ERM still appears to be very immature and loosely adopted. In 2010, North Carolina State University surveyed 460 senior management executives across different industries about the current state of enterprisewide risk oversight. Findings suggest that there is room for improvement in ERM processes across most organizations, with over 50 percent of respondents describing risk oversight as casual or unstructured. One-third of respondents said they were not at all satisfied or minimally satisfied with their ERM programs.

Why are organizations having trouble maturing their ERM programs?
There are several issues that appear to be presenting significant challenges in implementing ERM. One of the leading issues seems to be that ERM never got embedded in the culture or business process of the organization. The reasons for this might include failure to get executive sponsorship, or absence of governance or accountability, or perhaps there was simply no awareness of or training for ERM in the organization. Another challenge is the lack of focus. Perhaps ERM was not properly defined or focused and became too big. Some organizations may have suffered paralysis through analysis or addressed only risk symptoms rather than root causes. Finally, there is still a general lack of information and intelligence about ERM. In some cases, ERM programs were not forward-looking enough, and management did not receive useful or timely information to respond to emerging risks.
Understanding ERM
One of the keys to understanding ERM is learning the terminology. There is a common “language of risk management” that many professionals practicing ERM have come to adopt. Morrow defined a list of key ERM terms, which included these:
• Risk – The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has described risk as “the possibility that an event will occur and adversely affect the achievement of objectives.”
• Enterprise risk management – A report from COSO describes ERM as an ongoing process, implemented by an entity’s board of directors, management and other personnel, applied in strategy-setting and across the enterprise, designed to identify potential events that may affect the entity.[1]
• Inherent risk – This refers to the “natural” level of risk associated with doing business. Inherent risk is not necessarily a bad thing, given that most activities banks engage in to make money are inherently risky. Inherent risk is not static; it can rise because of external factors.
• Residual risk – This refers to the remaining risk after management’s controls are taken into account.
• Key risk indicator (KRI) – This is a measure used in management to indicate the level of risk currently in place. It gives a quantifiable view of the risk the bank is adopting.
• Risk appetite – According to COSO, risk appetite is “the amount of risk, on a broad level, an entity is willing to accept in pursuit of value.” Bank management may say they have no appetite for risk, but in order to grow and make money, banks need to take on some risk.
• Risk response – Once a key risk is identified, management will evaluate the risk and formulate a response. Risk responses are grouped into four categories.

What are the types of risk responses?
The purpose of risk response is to bring the risk to the acceptable level of risk appetite. The four categories are acceptance, transfer, avoidance and mitigation. Acceptance simply means to tolerate the risk; management may realize something is a risk but perhaps nothing can be done at a reasonable cost to mitigate it, or the likelihood and impact of the risk occurring is at an acceptable level. Transfer is a form of risk reduction whereby the risk is transferred to a third party. The most common example of risk transfer is insurance. A premium is paid, and the insurance company takes on the risk. Avoidance means just that: avoiding or exiting activities that give rise to risk, such as a risky market, product or line of business. Mitigation involves the process of developing options and actions to reduce the risks by putting controls and monitoring in place to detect and prevent and/or control risk. This is the most common risk response.

Embedded risk management
ERM is not just a project: it needs to be part of the day-to-day operations of the company and its decision-making processes. Merely putting ERM components in place is also not enough to create value or to avoid corporate failure; the key to making ERM valuable is to embed it in the organization where it must be accepted and understood. So how can management achieve this? Embedding risk management entails performing a risk assessment, installing a monitoring system, and developing a process for responding to changing risk levels quickly. Furthermore, risk management ownership and participation is an enterprisewide endeavor. Everyone in the organization, ranging from tellers to loan officers to the president and board of directors, owns some portion of risk.
Risk management should also be relevant to your organization. There is no single way to do risk management. However, under Dodd-Frank, if an organization has over $10 billion in assets, it must have a board risk committee. The board committee must be independent of other committees and also have an independent director with experience in risk management. The board risk committee has oversight of risk strategy and tolerance, and overall risk effectiveness.

[1] Source: The Committee of Sponsoring Organizations of the Treadway Commission. Enterprise Risk Management – Integrated Framework, September 2004.
Another important element in the ERM process is installing a management risk committee. The management risk committee is chaired by the chief risk officer, and its members usually comprise the CFO, and legal and compliance personnel. Its role is to review risk policies, implement risk strategies and make recommendations to the CEO.

Risk intelligence
Risk intelligence means being effective and efficient at managing risks to both existing assets and future growth. Banks should use risk intelligence to monitor and respond to risks on a constant basis. Monitoring involves determining KRIs for each risk in the watch list, determining a process for reporting KRIs, and developing a process for communicating risk events.
The development of effective KRIs can be a challenge for most companies. Financial institutions usually have a large number of credit risk and market risk indicators, and most of them have a sound system for addressing them. But there are additional “soft” indicators that go beyond the basics of credit risk and interest rate risk that many people overlook. These include the following:
• Financial market turmoil/Unemployment — An increase in unemployment can be an indicator of increased fraud risk.
• Client dissatisfaction — Low client satisfaction scores can forecast an erosion of revenue.
• Staff turnover — High levels of staff turnover can predict reduced customer service and/or quality.
• Open compliance cases — An increase in open compliance cases might indicate a change in the risk profile of clients or staffing not keeping pace with growth.
• Loan growth — Significant loan growth can indicate a need for additional hiring to keep pace.

Responding to the KRIs involves determining strategic responses the business would take if risk tolerance is exceeded. Often this comprises a set of responses for progressively more severe tolerance thresholds. In addition, the organization needs to decide when the risk threshold has been met, and then it needs to implement the appropriate strategic response. Banks should leverage risk intelligence to continuously update and improve the ERM program. When there are changes, events and indicators that affect the organization, management should internally or externally review the current risk assessment (to determine if there are new emerging risks to address), the ERM strategy, communications protocols and risk responses.

ERM implementation – Key steps
The process of implementing an ERM solution can seem overwhelming; however, we have found it less daunting for some clients to break down the process into “bite-sized” steps:

1. Define the organization’s risk universe, and rank each risk by impact and likelihood.
2. Select a framework that fits the organization’s culture. Consider how the bank works and people communicate, and structure something that will be successful for that group.
3. Establish board or related board committee responsibilities for risk oversight so they understand their responsibilities. Although there is no one document that defines how to manage risk, having a procedure manual that talks about the whole risk program can be very useful.
4. Appoint a chief risk officer and/or an internal management risk committee and related charter with roles and responsibilities.