MetisGRC is a governance and risk management consultancy that helps clients improve their performance through better governance and risk management practices. They provide assessments, surveys, advisory services, project management, coaching and education. Their clients include investors, shareholders, supervisors and other stakeholders. MetisGRC believes that good governance and risk management can reduce costs, improve efficiency and create value by strengthening stakeholder relationships. They help organizations implement transparent governance structures and risk management strategies and policies to enhance performance and meet stakeholder expectations.
Governance, Culture & Incentives - Fundamentals of Operational Risk (Andrew Smart)
This presentation provides some practical tools to answer three key questions and create alignment.
C-Suite’s Guide to Enterprise Risk Management and Emerging Risks (Aronson LLC)
Significant opportunities remain for organizations to continue to strengthen their approaches to identifying and assessing key risks. This program will provide an overview of Enterprise Risk Management (ERM) best practices and current emerging risks that should be on your radar for 2018.
Watch the complete webinar here: https://aronsonllc.com/c-suites-guide-to-enterprise-risk-management-and-emerging-risks/?sf_data=all&_sft_insight-type=on-demand-webinar
Deloitte’s risk management philosophy, Risk Intelligence (RI), focuses on maintaining the right balance between risk and reward. Asking the right questions and finding effective answers to them is critical to developing the right risk management capabilities. Most organizations already have a multitude of Enterprise Risk Management (ERM) practices and processes to address risks, but the lack of a strategic view of an ERM program can expose risk management gaps and redundancies and prevent sufficient insight into key risk interdependencies.
A crisis can tear an organization down without any plan to combat its effects. Therefore, businesses and companies first and foremost create a crisis management plan that can tackle any nature of crisis; be it a natural disaster or a technical failure. Besides learning how to manage a crisis, the framework of the plan also tests the overall strength and strategic ability of the organization to respond. Equipping a team within the organization with specific crisis management skills will result in a faster and more efficient way to handle a real-time crisis as well as a smooth transition towards recovery.
Enterprise Risk Management - Aligning Risk with Strategy and Performance (Resolver Inc.)
COSO, which has provided global thought leadership and guidance on internal control, enterprise risk management, and fraud deterrence for over three decades, recently released a draft update to the original COSO ERM Framework. This framework is widely used by organizations to enhance their ability to manage uncertainty, gauge risk, and increase stakeholder value. However, significant new risks have emerged since the Framework was released, demanding heightened board awareness and oversight of risk management, as well as improved risk reporting. For those organizations exploring ESRM – these themes will be strikingly familiar and the lessons learned, highly relevant.
Presentation by: Bob Hirth, Global Chairman of COSO.
Even in today’s heavily regulated environment, company oversight organizations may not substantially cover several operational functions important to managing the business’s top-tier risks. In other instances, internal and external oversight groups redundantly monitor business processes. Additionally, simultaneously occurring assessments often burden and may overwhelm the company’s operational staff. Consequently, there exists a need to better align assessment activities with business risks and coordinate audits between oversight groups. StrategyDriven’s Risk Assurance Maps address all of these challenges.
StrategyDriven’s Risk Assurance Maps enable visualization of the relationships between enterprise risks and their associated operational processes. Concurrently, they reveal the degree of oversight applied to these processes and the residual risk remaining based on the outcomes of these assessments and the performance revealed by the organization’s performance measurement system.
To learn more, visit: http://www.strategydriven.com/risk-assurance-maps/
Strategic Planning Society Webinar - Integrating Strategy and Risk Management (Andrew Smart)
• The credit crunch and its subsequent fall-out has rewritten the rules on strategy execution and risk management.
• The balanced scorecard and risk management approaches have evolved as silo processes over approximately 20 years – an approach that integrates both is a natural evolution.
• To effectively streamline management and regulatory reporting, organisations need to adopt an integrated framework, which covers strategy execution, risk management & compliance.
Shaping Your Culture via Risk Appetite Andrew Smart
Andrew Smart will briefly explain risk appetite and how it can be linked into the overall strategy and risk management process of an organisation. He will then go on to clarify how Risk Appetite statements work alongside Vision statements; creating the right ‘tone from the top’, and how that can be cascaded through the organisation in the form of Risk Tolerances and KRI's. The webinar will conclude with a demonstration of how to enable and embed change, leveraging your SharePoint investment.
Please contact andrew.smart@stratexsystems.com for more details about the presentation or to have a talk about our software solutions.
Discussion of reputation risk and how to incorporate reputation management into a business in order to build resiliency and growth. Presented at the 3rd International Reputation Management Conference in Istanbul, Turkey, in November 2014.
Business and risk go hand in hand. Professionals such as chartered accountants, with expertise in finance, management and audit, are well suited to the role of forecasting, evaluating and mitigating the prospective risk involved in any organization’s activity, and of seizing opportunities to take the growth of the business to the next level. This article brings you in-depth details of the role of a chartered accountant in Enterprise Risk Management.
Due to the current instability in the business world, organizations should be able to anticipate changes and have coherent responses at hand to effectively manage risks, create value, build good relations, increase profit and improve competitive positioning.
A report titled Exploring Strategic Risk, issued in 2013 for Forbes Insights by Deloitte, contains some very important conclusions for the business community. 300 executives from around the world were interviewed for the study, in an attempt to find out their vision of the risk strategy and current changes and to analyse how organizations should face these new challenges.
Sometimes it is difficult to link risks to a specific financial impact and not all data are pertinent to the evaluation of emerging risks. That's why companies have to be aware of internal risks and manage them well in order to be able to manage external risks and invest into strategic assets such as human capital, clients and innovation.
This insight explains the case of financial services as the sector that generates the least trust, due to its short-sightedness, lack of values and lack of professional education, which resulted in corruption and bad practices that compromised the financial sector.
The report A Crisis of Culture: Valuing Ethics and Knowledge in Financial Services examines the role of integrity and knowledge in restoring culture in the financial services industry. The conclusions appear in the full version of this document.
The financial industry is just one example in the wider panorama. Lack of values is widespread and creates significant risks. Bad practices trigger problems such as loss of profit, loss of reputation and even loss of shareholders, clients and employees.
The crisis, as well as the arrival of new technologies, urges companies to maintain their good practices and emphasize aspects such as ethics, leadership, commitment, performance, transparency and sustainability.
The digital revolution and social networks encourage companies to be more transparent: companies meet their promises and obligations, deliver a coherent dialogue and improve the relationship with their stakeholders.
Application of values raises the possibility of good results and profits for companies through improvement of their reputation and business as well as optimization of resources. This certainly creates competitive advantages, establishes a strong cultural connection and improves employees’ motivation.
Before taking any decision, an institution should keep in mind the fact that it needs implicit and explicit public approval. Good business management implies risk management, creating a climate of trust, good will, credibility, social commitment and empathy between stakeholders and the company.
2017 coso-erm-integrating-with-strategy-and-performance-executive-summary (VALUES & SENSE)
This update to the 2004 publication addresses the evolution of enterprise risk management and the need for organizations to improve their approach to managing risk to meet the demands of an evolving business environment. The updated document, titled Enterprise Risk Management—Integrating with Strategy and Performance, highlights the importance of considering risk in both the strategy-setting process and in driving performance.
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ... (ypytlik)
April 2010 - Journal of Securities Law, Regulation & Compliance Volume 3 Number 2
Compliance risk: A critical business risk for asset managers
ABSTRACT
2010 presents a historical moment to define the path forward to the ‘future of enterprise risk management and mitigation strategies’ of increasing compliance risk for asset managers.1–4 The recent financial crises and cases of material compliance violations, Ponzi schemes, fraudulent activities, misappropriation of investors’ assets and collapse of major financial firms have had significant, harmful impact on investors and shareholders. Serious compliance violations, such as insider trading, have proven to be self-destructive to asset managers. No one is immune to these trends. ‘Enterprise Risk Management — 2010 and Beyond Forward Looking Approach by Asset Managers’ is a series of papers dedicated to regulatory developments and industry best practices in the enterprise risk management with a focus on ‘compliance risk: a critical business risk for asset managers’.
Failure deriving from underestimating risk management (PECB)
What is risk? Why are organizations concerned with it?
Whether it is driving, taking a shower or just going to the grocery store, everyone exposes themselves to risk. Organizations face internal and external risks that endanger the possibility of achieving their goals and objectives. As the world becomes more unpredictable, the concept of risk has turned into a major concern to professionals of different industries. According to ISO 31000, risk is the effect of uncertainty on objectives. In addition, risk management is the process of identifying, analyzing, and prioritizing risks. The goal of risk management is to manage risks before they affect the organization.
M_o_R is intended to help organisations put in place an effective framework for risk management. This will help them make informed decisions about the risks that affect their strategic, programme, project and operational objectives. The guide provides a route map for risk management, bringing together basic concepts, an approach, a process with a set of interrelated process steps, and pointers to more detailed sources of advice on risk management techniques and specialisms. It also provides advice on how the principles, approach and processes should be embedded, reviewed and applied differently depending on the nature of the objectives at risk.
This three day Management of Risk (M_o_R) course is designed to illustrate this best practice framework and give candidates an understanding of risk as it should be managed across an organisation. Within project and programme environments there will always be risk which needs to be identified, analysed and managed. Other areas of an organisation will also be exposed to risks as operational functions are carried out. M_o_R provides guidance on how best to deal with all these areas.
The Guide has been written by leading industry experts and is part of the ‘Swirl’ set of best practices managed by AXELOS, which includes ITIL, PRINCE2 & MSP methodologies. This training event is designed to prepare candidates to manage risks in a controlled and structured way by examining the M_o_R guide. Examinations are available during the event for candidates to achieve the Foundation level certification.
Syzygal is a globally Accredited Training Organisation and Accredited Courseware Provider for the M_o_R education & certification program. We are accredited by the following Examination Institutes: APMG, EXIN, Loyalist and PEOPLECERT.
Key Topics
Sessions will comprise a combination of panel discussions, Oxford-style debates, thought leadership addresses and practical case studies:
Examining how risk management functions deliver shareholder value
Exploring what fit for purpose ERM looks like in a Middle East corporate
Embedding a true risk culture at all levels of your organisation
ERM and corporate finance: Showcasing how good ERM can drive down borrowing costs and manage project investment risk
Thought Leadership: Building capability in risk quantification
Thought Leadership: Behavioural economics and risk bias
Risk mitigation in practice
Risk management standards and guidance: the next chapter
Integrated risk assessment
Risk universe map
Exploring methodologies for development and embedding risk appetite
The great debate: ERM vs Internal Audit - how can risk management and internal audit complement each other?
The role of insurance in risk mitigation
IT: danger or enabler?
Supply chain and procurement risk management
Enterprise Risk Management and Sustainability (Jeff B)
An overview of our endeavors at implementing ISO 31000 enterprise risk management and the importance of establishing good risk culture within the company.
Five lines of assurance a new paradigm in internal audit & erm (Dr. Zar Rdj)
• Boards are provided with a tangible vehicle to demonstrate they are actively overseeing the company’s “risk appetite framework” (“RAF”)
• The process is designed to fully integrate with strategic planning, new product/service initiatives, and M&A activities.
• The process provides a clear response to emerging expectations like the UK Governance Code, Canadian Securities Administrators, SEC, FSB, credit agencies, institutional investors and TSB.
• The main role of internal audit is to report on the effectiveness of the risk management processes and the consolidated report on residual risk status the board receives from the CEO or his/her designate and to help the company build and maintain robust risk management processes
Corporate Governance Mechanisms 3
Corporate Governance is the process through which companies are governed in order to maximize performance and profits as well as manage and monitor risks. (Monks, 2003) Accountability and transparency especially to stakeholders and shareholders is an indication of good governance. Corporate governance seeks to promote accountability, transparency and corporate fairness. It ensures shareholders’ interests are protected, transparency and accountability in business transactions is applied, compliance to legal and statutory requirements, adequate disclosures, ethical business conduct, and effective decision making. Corporate governance, in other words, recognizes the shareholders as the owners of the business and the company’s role as stewards and trustees to the business. In this regard, the company’s actions are geared towards benefiting the greatest number of stakeholders.
Companies are required to fully understand their responsibilities and the impact of their actions on the environment and society at large. This involves the establishment of roles and responsibilities among the company employees. The employees are then expected to be accountable and answerable to one or more people. In addition to this, there needs to be a clear system of communication flow, control and supervision. The company is not only expected to offer financial accounting but also social and environmental accounting. This entails a thorough analysis into the firm’s activities and their impacts on the company, its shareholders, the environment and society in order to achieve sustainable development. Sustainability, ethical and financial issues are directly linked to governance.
Corporate governance also requires good risk analysis and management. The board especially must understand the full impacts and risks involved in the activities and strategies undertaken by the company. They are required under corporate governance, to thoroughly analyze the risks involved in such strategies and their impact on the company, the environment and society before they approve of them. This should be followed by adequate monitoring of the implementation, reporting, accounting and audit. (Belimoria, 1994)
Corporate governance is a requirement for all companies listed on the London Stock Exchange. Given the nature and functions of corporate governance, it would be expected that these companies would thrive and experience improved performance. (Gugler, 2001) Recently however, the 2008/2009 global financial crisis saw the collapse of several companies including many high profile banks. (Himick, 1998) The media attributed these failures to lack of adequate corporate governance mechanisms yet these debacles continued to take place even after the company governance was put in the limelight. While it appears that in many cases, the comp.
2. Page 2
What we do.............
Governance and Risk is about many things, including;
• Improving confidence in the system
• Reducing probability of corporate/organisational failure
• Shareholder wealth protection/creation
• Enhancing social welfare
• Driving good risk management
At MetisGRC we enable our clients to improve governance and risk management performance.
We do this in tailored ways often involving in depth assessments, surveys, program monitoring,
facilitation of events, advisory assignments, project management, coaching and education.
Our clients are typically stakeholders in investment and strategic processes such as investors,
shareholders, supervisors and (public or private) interest groups and company C-suites.
3. Page 3
Governance & Risk Management; Cost or value?
Corporate Governance covers the area of investigation into the rights and responsibilities of the
management of a company – its board, shareholders and the various stakeholders in that
company. The system of internal procedures and controls that makes up the management
structure of a company is coming increasingly under scrutiny in the valuation of that company’s
equity.
In an ever more globalised world
economic imbalances have
proved to contain the seeds for
future financial crises, says the
WEF's Global Risks 2011
report. Economic disparity and
global governance failures are
exacerbating and driving risks,
according to the World
Economic Forum.
This figure from the WEF 2011 documentation
depicts the interconnectedness of risks and the
central place that governance (failure) takes therein
4. Page 4
Governance & Risk Management; Costing money or
adding value?
We already know that good governance & risk management reduces the probability of corporate
or organisational failure. Further developments in IT and controls mean that governance can
now also contribute positively to value creation and efficiency improvement. Good governance
has the potential to reduce cost, improve workforce motivation and enhance the (defined)
relationship between (all) the stakeholders in a firm's business.
ESG; Linking Governance & Risk Management to Corporate & Social Responsibility
Recently Corporate and Social Responsibility has been linked with Governance/Risk Management
from the realisation that CSR and Governance both aim to establish a better balance between
the interests of different stakeholder groups in an organisation. The financial crisis has
demonstrated how impactful failure by institutions can be on others than shareholders alone.
It does not need a lot of thought to understand that the value of ESG/RM is much higher than the
costs of implementing it. The challenge is to make this value visible in a world where short term
financial interests tend to prevail over longer term interests that cannot (yet) always be expressed
in money. MetisGRC wants to help you investigate the business case and support the roll-out
and monitoring of your performance enhancement programs.
5. Page 5
The ESG business case
ESG is no longer just risk management, social responsibility and compliance; it’s equally about
creating value through high performance measured in terms such as lower costs, stronger
customer relationships, increased revenues, social benefits and economic progress.
United Nations Global Compact;
Relentless value focus is a key characteristic of a “new era of sustainability,” one in which
environmental, social and corporate governance issues are embedded throughout operations,
the supply chain and subsidiaries. That era is closer than one might think, (based on a global
survey of more than 750 CEOs and in-depth interviews with 50 of the world’s foremost CEOs in
a range of industries and geographies)
Shared Value (M.Porter & M.Kramer)
The concept of shared value is defined as policies and operating practices that enhance the
competitiveness of a company while simultaneously advancing the social and economic
conditions in the communities in which it operates. It focuses on identifying and expanding the
connections between societal and economic progress (e.g. Water use, employee health, etc);
6. Page 6
The value of RM&ESG; from erosion to creation
[Figure: progression from value erosion to value creation. Levels: Compliance, Profitability, Leadership. Stages: Risk management, License to Operate, Managing for value, Strategic advantage. Minimum Standards: Minimum regds + Environmental + Social = Value]
7. Page 7
Who we are........
The principal partners of MetisGRC are Mik Breek and Otbert de Jong
Mik Breek is an experienced social and corporate lawyer, who has worked in private practice and international banking. He became a corporate governance expert and has meanwhile trained and assessed numerous (non) executive boards of large cap Dutch companies and governmental regulatory bodies and has advised on the performance enhancement of both governance and risk management fostering integrity and responsible behaviour.
Otbert de Jong is an experienced international career banker, who developed his risk advisory skills through numerous implementations of Basel II for banks all over the world. Until recently Otbert was an advisory partner in PwC. He and his team have supported numerous banks both in Asia, the Middle East and Europe in upgrading their risk management. Otbert also advises the Dutch government on banking related issues.
Both are firm believers that every company can enhance performance through better governance
and risk management and make the ESG business case. They aim to help you facilitate
the process.
8. Page 8
In practice (continued)
In practice, we often work on behalf of financial sector organizations such as banks, insurers,
pension funds, service companies and asset managers seeking to optimize performance by
effectively managing and measuring their own risks and governance and those associated with
their investments.
We help implement transparent governance models/structures to foster efficient processes and
smart strategies to enhance return on both financial – and human capital, implement governance,
risk and compliance legislation, improve the quality of board and senior management functioning
and foster better communication about performance, governance and risks, clearly demonstrating
more than minimum compliance with requirements, so as to better meet expectations from
clients, investors, regulators, and other stakeholders for transparency and accountability.
9. Page 9
Activities in practice
Corporate Governance;
Assessments of corporate governance effectiveness
Improvement programs of organizational governance effectiveness
Facilitation of boardroom governance effectiveness
Coaching and training of (NE) Board members
Risk & Audit Committee Assistance
Governance and risk policies and implementation
Governance counseling on validity of governance structure in view of strategy and culture
10. Page 10
Activities in practice (continued)
Risk Management
Risk strategy & risk appetite articulation: enhancing an integrated business – risk approach
Advisory in support of meeting regulatory risk requirements
Technical advisory on Market, Credit, Operational & Country Risk
Consultancy on risk tooling & system implementation: development of Risk Management
dashboards
Risk Management effectiveness assessments; Integrated Management Control Statements
Support in follow up of Control Risk Self Assessments processes
Development of bonus-/reward systems for risk and governance weighted targets
Policies & procedures development: including product and services approval processes
Interim Risk Management
11. Page 11
MetisGRC Governance & Risk Management Consulting
World Trade Center #C-11
Strawinskylaan 1143
1077 XX Amsterdam
The Netherlands
Tel. +31 20 578 8372
Fax +31 20 578 8373
29A Teo Hong Road
Singapore 088335
Tel. +65 64715269
Fax +65 62262685