Enterprise Risk

Risk Governance Reform

Disciplined, reliable, and comprehensive systems of risk management and corporate governance can enhance a company’s reputation and increase shareholder value.

BY PETER SCHILD

The RMA Journal, October 2011
Copyright 2011 by RMA

RISK MANAGEMENT CAN be described as the means by which reasonable assurance is provided that the risk taken is equivalent to the risk intended. Corporate governance, which has been called the strategic response to risk, is an organizing system designed to preserve economic and human capital sufficient to sustain operations.

Given the (surely unintended) amount of shareholder value lost in the financial services industry, the potential to improve both risk management and corporate governance continues to exist. This is not a regulatory issue. Boards, for the sake of their employees, shareholders, clients, and markets, should compel managements to identify historical process faults and inspire stronger cultures of risk awareness.

Opportunities for reform are present in four key areas of corporate governance:
1. Management’s need for line-of-business control and supervision.
2. The board’s need for perspective to perform oversight, make strategic decisions, and evaluate management.
3. The banking regulators’ need for effective, observable risk management practices.
4. The overall need for efficient processes that enable leverage across finance, risk, compliance, and audit.

Genuine reform consumes resources, and some resistance is natural. It’s fair to ask what return will come from the investment and what a feasible plan of execution looks like. Asking a few questions designed to broaden the consideration beyond risk management to governance might help build a case for more meaningful change.

1. Does the board truly understand the strategic objectives, the top risks the company faces in executing strategies, and the strength of the processes that keep the board and senior management informed?

Board reporting is itself a key component of any strategy; effective oversight is contingent on a board conversant in the risks to established strategies and how they can be assessed. Because information reaches the full board from various members of management and through different committees, coordinating the diverse sources of data while respecting their distinct voices requires deliberate structure and dedicated resources. Unfortunately, board-level reporting often resembles a swiftly passing freight train—more tedious than informative.

To evaluate the company’s capacity to achieve core objectives, directors need confidence in a system of effective internal controls and the reliability of its maintenance, as well as evidence of widespread attentiveness to risk. They must believe in management’s capacity to stay within the boundaries of established tolerances and to report clearly and concisely when those boundaries are approached.

Augmenting the organizational structure as suggested in Figure 1 promotes senior management awareness, establishes rapid lines of communication, provides for reflection at the appropriate levels for fast-moving events, and enhances board reporting. Properly executed, the configuration shown in Figure 1 adds depth and consistency to the board narrative, while retaining the independent voices of internal audit and the separate risk functions.

[Figure 1: Augmenting the Organizational Structure for Risk Awareness. Boxes, top to bottom: Board of Directors; Risk Governance Council, Senior Risk Committee, Internal Audit; Credit Risk Committee, Market Risk Committee, Asset/Liability Committee, Operational Risk Committee.]

Senior Risk Committee (SRC): Chaired by the CEO, this committee includes the COO, CRO, chief audit executive, CFO, general counsel, and head of human resources. A roundtable discussion group meets monthly and as needed. It has no formal agenda and covers a range of current risks, concerns, and outlooks. The SRC is a forum for senior-most management to keep up with high and emerging risks to strategies, discuss economic and human capital resource allocations, enhance literacy and accountability, and renew the commitment to intended risk.

Risk Governance Council (RGC): This committee is chaired by the CRO and includes the chief audit executive (ex officio), chief accounting officer, heads of operational, credit, and market risk, and the chief compliance officer. It reviews outstanding risk issues and exposures, control concerns, status of resolution, and boundaries of risk tolerance. The RGC examines identified control weaknesses for potential damage and determines that residual risk is based on actual, as opposed to expected, internal control environments. In the process, this committee has the capacity to recommend changes to accepted risk tolerances, both up and down. It provides senior management and the board with the assurance that residual risk across the enterprise is monitored continuously.

The RGC and Internal Audit are each important sources of information for the SRC. Their separate lines of input sustain their independence, standing, and authority.

2. Are the lines of business that contribute to any given strategic objective evaluated as a complete set of activities? While likely to be managed separately, are they observed together as one strategy?

Strategic risk is managed differently from day-to-day operations. The normal practice of managing in silos produces volumes of data that, when bound together, contribute to that image of a lengthy freight train. Too much detail obscures perspective and precludes a digestible assessment of the franchise’s capacity to take on and manage risk.

Corporations in their entirety are more than collections of individual activities subject to the separate interests of their components. A uniform process must be overlaid onto routine reporting mechanisms to lift information from them and fit it into a format suited for oversight, as illustrated in Figure 2.

[Figure 2: Aggregating Line-of-Business Segments for Oversight. Axes: Manage by Segment; Oversee by Strategy (I, II, III, IV). Segments: Line of Business 1, Line of Business 2, Line of Business 3, Finance, Technology, Operations, Legal/Compliance, Human Resources, Risk Management.]

Absent a firm-wide, uniform approach that enables aggregation of the discrete line-of-business activities that make up each strategic initiative, managements and boards cannot visualize risk sufficiently well to identify, assess, accept, and monitor its full magnitude.

3. Do all lines of business (particularly support activities) coordinate so that their duties do not overlap and their reports to senior management and the board are compatible?

All voices must be heard—and, for the efficiency of day-to-day operations as well as the need to present the board with a comprehensible message, they should speak the same language. Too often risk, finance, compliance, audit, and lines of business view the organizational hierarchy differently, leading to duplication and irreconcilable reporting.

Reliable financial reporting and strict regulatory compliance are unconditional but costly requirements. A common method for identifying the company’s parts and assembling them into a whole fosters mutual reliance among support groups and yields efficiencies. A shared understanding of common objectives (for example, enlightening the board) beyond immediate responsibilities is a reasonable expectation and is also consistent with the imperative of operational effectiveness.

4. Does available capital match the risk appetite?

Capital resources are difficult to measure precisely. But managing beyond the measurable is necessary to provide reasonable assurance of adequate capital and its preservation.

Different measures of capital—economic, regulatory, GAAP—show how scorekeepers can disagree, presenting hurdles to communication among lines of business, board members, regulators, accountants, and shareholders. Quantification of capital is too uncertain to be the sole means of determining its adequacy, although existing tools to measure risk-based capital remain necessary and useful. But only when these tools are combined with an assessment of employee skills, competencies, and risk awareness—human capital—can overall capital adequacy be evaluated realistically.

5. Are employees connected to the corporate vision?

The objective process of managing risk can be sustained only with development of the more subjective elements of culture. Without the right culture, the risk taken can easily exceed the risk intended, regardless of the processes employed to measure and monitor it.

Employees should understand and agree with intended outcomes and their individual and team roles in achieving them. Risk is aggregated only after committing to it and apart from where it’s taken; therefore, individual awareness and how people connect with each other matter in an organization strategically committed to taking risk. Process alone, no matter how well designed and implemented, is not enough to achieve effective governance.

Widespread risk literacy and identification with corporate goals are essential. Merging a culture of employee engagement with the fundamental principles of risk management requires a full-range program of organizational learning strategies, addressing recruiting, development, retention, and accountability. Literacy and accountability, at individual and group levels, cultivate an environment where personal visions connect and employees arrive at a shared understanding of what it looks like to realize corporate objectives.

A useful component of effective, efficient governance is an integral analysis. Paying attention to all four quadrants in Figure 3 takes into account the widest variety of evidence from the greatest number of sources. Group cultures (in the lower left) are accompanied by social practices (in the lower right) that identify experiences generally held to be true, valid, and believable within the organization. Such experiences in turn favorably affect behaviors (upper right) and what is held to be significant by individual employees (upper left).

[Figure 3: Integral Analysis of Process and Culture. Columns: Subjective Beliefs (Culture), Objective Measures (Process). Rows: Individual, Group. Upper left: My feelings/intentions. Upper right: One’s empirical behaviors. Lower left: Our culture: connection through meaning and values. Lower right: Our company: connection through principles and procedures.]

Goal setting involves striving to do better both within and across quadrants. Just as each individual has tasks to perform that, in coordination with those of others, contribute to group production, so culture is both individual feelings and a set of group values. In this way, as well, performance evaluations may be elevated from individual to more meaningful team assessments. In order for sustainability to be achieved, individuals’ and groups’ subjective (cultural) and objective (process) feelings, attitudes, behaviors, and day-to-day procedures must be shaped and monitored together.

This entire reform methodology and its logical benefits can be pictured (Figure 4) as a continuous flow built on a sound process and culture in which both the individual and the group play a part.

[Figure 4: Reform Methodology and Benefits. Enterprise-wide risk management principles (Assurance, Facilitation, Verification) and employees who feel connected to the company (Awareness, Literacy, Accountability); reliable reporting, efficient operations, compliance with laws, capital preservation; clear oversight perspective, observable governance practices, market & regulatory confidence, better reputation; increased shareholder value.]

Implementation of the approach described here enables the board, external auditors, regulators, rating agencies, and financial analysts alike to recognize disciplined, reliable, and comprehensive systems of risk management and corporate governance, thereby enhancing the company’s reputation. And if the market’s appraisal of management’s competence is reflected in the amount by which total capitalization exceeds net worth, then enhancing the institution’s reputation leads to increased shareholder value.

Peter Schild was chief audit executive at Wachovia. He retired in December 2007, a few months before Wells Fargo acquired Wachovia. He can be reached at pschild@carolina.rr.com.

Integrating Enterprise Risk Management (ERM) with Organizational StrategyIntegrating Enterprise Risk Management (ERM) with Organizational Strategy
Integrating Enterprise Risk Management (ERM) with Organizational Strategyhenrytk2
 
Common Objectives of the CRO and the CAE
Common Objectives of the CRO and the CAECommon Objectives of the CRO and the CAE
Common Objectives of the CRO and the CAEWheelhouse Advisors LLC
 
Comprehensive integrated reporting fei article by david phillips mike willis ...
Comprehensive integrated reporting fei article by david phillips mike willis ...Comprehensive integrated reporting fei article by david phillips mike willis ...
Comprehensive integrated reporting fei article by david phillips mike willis ...Workiva
 
Guide to Corporate Governance for Subvented Organisations - Executive Summary
Guide to Corporate Governance for Subvented Organisations - Executive SummaryGuide to Corporate Governance for Subvented Organisations - Executive Summary
Guide to Corporate Governance for Subvented Organisations - Executive Summaryeuweben01
 
受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )
受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )
受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )euwebtc01
 
受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )
受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )
受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )euwebtc01
 
Guide to Corporate Governance for Subvented Organisations - Executive Summary
Guide to Corporate Governance for Subvented Organisations - Executive SummaryGuide to Corporate Governance for Subvented Organisations - Executive Summary
Guide to Corporate Governance for Subvented Organisations - Executive Summaryeuweben01
 
Malaysian Code of Corporate Governance 2017 (MCCG2017): Principle B - Effecti...
Malaysian Code of Corporate Governance 2017 (MCCG2017): Principle B - Effecti...Malaysian Code of Corporate Governance 2017 (MCCG2017): Principle B - Effecti...
Malaysian Code of Corporate Governance 2017 (MCCG2017): Principle B - Effecti...Dayana Mastura FCCA CA
 
What Boards Should Know About Social Media
What Boards Should Know About Social MediaWhat Boards Should Know About Social Media
What Boards Should Know About Social MediaDorri McWhorter
 
Meeting the Challenge of Vivek Kundra's 25 Point Plan
Meeting the Challenge of Vivek Kundra's 25 Point PlanMeeting the Challenge of Vivek Kundra's 25 Point Plan
Meeting the Challenge of Vivek Kundra's 25 Point PlanPlanet Technologies
 
Internal Audit And Internal Control Presentation Leo Wachira
Internal Audit And Internal Control Presentation   Leo WachiraInternal Audit And Internal Control Presentation   Leo Wachira
Internal Audit And Internal Control Presentation Leo WachiraJenard Wachira
 
[2010] Side panel 2: Official Journals Compliance in the Framework of Corpora...
[2010] Side panel 2: Official Journals Compliance in the Framework of Corpora...[2010] Side panel 2: Official Journals Compliance in the Framework of Corpora...
[2010] Side panel 2: Official Journals Compliance in the Framework of Corpora...e-Democracy Conference
 
22462134 the-tows-matrix-a-tool-for-situational-analysis
22462134 the-tows-matrix-a-tool-for-situational-analysis22462134 the-tows-matrix-a-tool-for-situational-analysis
22462134 the-tows-matrix-a-tool-for-situational-analysisSantosh Pathak
 
Increasing Business Agility: An Integrated Approach to Governance, Risk, and ...
Increasing Business Agility: An Integrated Approach to Governance, Risk, and ...Increasing Business Agility: An Integrated Approach to Governance, Risk, and ...
Increasing Business Agility: An Integrated Approach to Governance, Risk, and ...FindWhitePapers
 
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...WolfPAC - Integrated Risk Management
 
Chap. 1 corporate governance in international business
Chap. 1 corporate governance in international businessChap. 1 corporate governance in international business
Chap. 1 corporate governance in international businessMagiel Amora
 
Change and the Finance Function
Change and the Finance FunctionChange and the Finance Function
Change and the Finance FunctionMorgan McKinley
 

Similar to Risk Gov Reform RMAJournal (20)

Integrating Enterprise Risk Management (ERM) with Organizational Strategy
Integrating Enterprise Risk Management (ERM) with Organizational StrategyIntegrating Enterprise Risk Management (ERM) with Organizational Strategy
Integrating Enterprise Risk Management (ERM) with Organizational Strategy
 
Common Objectives of the CRO and the CAE
Common Objectives of the CRO and the CAECommon Objectives of the CRO and the CAE
Common Objectives of the CRO and the CAE
 
Ssg supplement 102009
Ssg supplement 102009Ssg supplement 102009
Ssg supplement 102009
 
Comprehensive integrated reporting fei article by david phillips mike willis ...
Comprehensive integrated reporting fei article by david phillips mike willis ...Comprehensive integrated reporting fei article by david phillips mike willis ...
Comprehensive integrated reporting fei article by david phillips mike willis ...
 
Guide to Corporate Governance for Subvented Organisations - Executive Summary
Guide to Corporate Governance for Subvented Organisations - Executive SummaryGuide to Corporate Governance for Subvented Organisations - Executive Summary
Guide to Corporate Governance for Subvented Organisations - Executive Summary
 
受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )
受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )
受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )
 
受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )
受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )
受 資 助 機 構 企 業 管 治 指 引 ─ 摘 要 ( 二 零 一 零 年 五 月 )
 
Guide to Corporate Governance for Subvented Organisations - Executive Summary
Guide to Corporate Governance for Subvented Organisations - Executive SummaryGuide to Corporate Governance for Subvented Organisations - Executive Summary
Guide to Corporate Governance for Subvented Organisations - Executive Summary
 
Malaysian Code of Corporate Governance 2017 (MCCG2017): Principle B - Effecti...
Malaysian Code of Corporate Governance 2017 (MCCG2017): Principle B - Effecti...Malaysian Code of Corporate Governance 2017 (MCCG2017): Principle B - Effecti...
Malaysian Code of Corporate Governance 2017 (MCCG2017): Principle B - Effecti...
 
What Boards Should Know About Social Media
What Boards Should Know About Social MediaWhat Boards Should Know About Social Media
What Boards Should Know About Social Media
 
Meeting the Challenge of Vivek Kundra's 25 Point Plan
Meeting the Challenge of Vivek Kundra's 25 Point PlanMeeting the Challenge of Vivek Kundra's 25 Point Plan
Meeting the Challenge of Vivek Kundra's 25 Point Plan
 
Internal Audit And Internal Control Presentation Leo Wachira
Internal Audit And Internal Control Presentation   Leo WachiraInternal Audit And Internal Control Presentation   Leo Wachira
Internal Audit And Internal Control Presentation Leo Wachira
 
ERM ppt.pptx
ERM ppt.pptxERM ppt.pptx
ERM ppt.pptx
 
[2010] Side panel 2: Official Journals Compliance in the Framework of Corpora...
[2010] Side panel 2: Official Journals Compliance in the Framework of Corpora...[2010] Side panel 2: Official Journals Compliance in the Framework of Corpora...
[2010] Side panel 2: Official Journals Compliance in the Framework of Corpora...
 
Process Centric Integrity Management
Process Centric Integrity ManagementProcess Centric Integrity Management
Process Centric Integrity Management
 
22462134 the-tows-matrix-a-tool-for-situational-analysis
22462134 the-tows-matrix-a-tool-for-situational-analysis22462134 the-tows-matrix-a-tool-for-situational-analysis
22462134 the-tows-matrix-a-tool-for-situational-analysis
 
Increasing Business Agility: An Integrated Approach to Governance, Risk, and ...
Increasing Business Agility: An Integrated Approach to Governance, Risk, and ...Increasing Business Agility: An Integrated Approach to Governance, Risk, and ...
Increasing Business Agility: An Integrated Approach to Governance, Risk, and ...
 
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...
Why Community-based Financial Institutions Should Practice Enterprise Risk Ma...
 
Chap. 1 corporate governance in international business
Chap. 1 corporate governance in international businessChap. 1 corporate governance in international business
Chap. 1 corporate governance in international business
 
Change and the Finance Function
Change and the Finance FunctionChange and the Finance Function
Change and the Finance Function
 

Risk Gov Reform RMAJournal

  • 1. Enterprise Risk

    Risk Governance Reform

    Disciplined, reliable, and comprehensive systems of risk management and corporate governance can enhance a company’s reputation and increase shareholder value.

    BY PETER SCHILD

    RISK MANAGEMENT CAN be described as the means by which reasonable assurance is provided that the risk taken is equivalent to the risk intended. Corporate governance, which has been called the strategic response to risk, is an organizing system designed to preserve economic and human capital sufficient to sustain operations.

    Given the (surely unintended) amount of shareholder value lost in the financial services industry, the potential to improve both risk management and corporate governance continues to exist. This is not a regulatory issue. Boards, for the sake of their employees, shareholders, clients, and markets, should compel managements to identify historical process faults and inspire stronger cultures of risk awareness.

    Opportunities for reform are present in four key areas of corporate governance:

    1. Management’s need for line-of-business control and supervision.
    2. The board’s need for perspective to perform oversight, make strategic decisions, and evaluate management.
    3. The banking regulators’ need for effective, observable risk management practices.
    4. The overall need for efficient processes that enable leverage across finance, risk, compliance, and audit.

    Genuine reform consumes resources, and some resistance is natural. It’s fair to ask what return will come from the investment and what a feasible plan of execution looks

    October 2011, The RMA Journal, p. 12. Copyright 2011 by RMA.
  • 2. like. Asking a few questions designed to broaden the consideration beyond risk management to governance might help build a case for more meaningful change.

    1. Does the board truly understand the strategic objectives, the top risks the company faces in executing strategies, and the strength of the processes that keep the board and senior management informed?

    Board reporting is itself a key component of any strategy; effective oversight is contingent on a board conversant in the risks to established strategies and how they can be assessed. Because information reaches the full board from various members of management and through different committees, coordinating the diverse sources of data while respecting their distinct voices requires deliberate structure and dedicated resources. Unfortunately, board-level reporting often resembles a swiftly passing freight train—more tedious than informative.

    To evaluate the company’s capacity to achieve core objectives, directors need confidence in a system of effective internal controls and the reliability of its maintenance, as well as evidence of widespread attentiveness to risk. They must believe in management’s capacity to stay within the boundaries of established tolerances and to report clearly and concisely when those boundaries are approached.

    Augmenting the organizational structure as suggested in Figure 1 promotes senior management awareness, establishes rapid lines of communication, provides for reflection at the appropriate levels for fast-moving events, and enhances board reporting. Properly executed, the configuration shown in Figure 1 adds depth and consistency to the board narrative, while retaining the independent voices of internal audit and the separate risk functions.

    [Figure 1: Augmenting the Organizational Structure for Risk Awareness. Boxes: Board of Directors; Risk Governance Council, Senior Risk Committee, Internal Audit; Credit Risk Committee, Market Risk Committee, Asset/Liability Committee, Operational Risk Committee.]

    Senior Risk Committee (SRC): Chaired by the CEO, this committee includes the COO, CRO, chief audit executive, CFO, general counsel, and head of human resources. A roundtable discussion group meets monthly and as needed. It has no formal agenda and covers a range of current risks, concerns, and outlooks. The SRC is a forum for senior-most management to keep up with high and emerging
  • 3. risks to strategies, discuss economic and human capital resource allocations, enhance literacy and accountability, and renew the commitment to intended risk.

    Risk Governance Council (RGC): This committee is chaired by the CRO and includes the chief audit executive (ex officio), chief accounting officer, heads of operational, credit, and market risk, and the chief compliance officer. It reviews outstanding risk issues and exposures, control concerns, status of resolution, and boundaries of risk tolerance. The RGC examines identified control weaknesses for potential damage and determines that residual risk is based on actual, as opposed to expected, internal control environments. In the process, this committee has the capacity to recommend changes to accepted risk tolerances, both up and down. It provides senior management and the board with the assurance that residual risk across the enterprise is monitored continuously.

    The RGC and Internal Audit are each important sources of information for the SRC. Their separate lines of input sustain their independence, standing, and authority.

    2. Are the lines of business that contribute to any given strategic objective evaluated as a complete set of activities? While likely to be managed separately, are they observed together as one strategy?

    Strategic risk is managed differently from day-to-day operations. The normal practice of managing in silos produces volumes of data that, when bound together, contribute to that image of a lengthy freight train. Too much detail obscures perspective and precludes a digestible assessment of the franchise’s capacity to take on and manage risk.

    Corporations in their entirety are more than collections of individual activities subject to the separate interests of their components. A uniform process must be overlaid onto routine reporting mechanisms to lift information from them and fit it into a format suited for oversight, as illustrated in Figure 2.

    [Figure 2: Aggregating Line-of-Business Segments for Oversight. Labels: Manage by Segment; Oversee by Strategy (I, II, III, IV); Legal/Compliance, Line of Business 1, Line of Business 2, Line of Business 3, Risk Management, Human Resources, Technology, Operations, Finance.]

    Absent a firm-wide, uniform approach that enables aggregation of the discrete line-of-business activities that make up each strategic initiative, managements and boards cannot visualize risk sufficiently well to identify, assess, accept, and monitor its full magnitude.

    3. Do all lines of business (particularly support activities) coordinate so that their duties do not overlap and their reports to senior management and the board are compatible?

    All voices must be heard—and, for the efficiency of day-to-day operations as well as the need to present the board with a comprehensible message, they should speak the same language. Too often risk, finance, compliance, audit, and lines of business view the organizational hierarchy differently, leading to duplication and irreconcilable reporting.

    Reliable financial reporting and strict regulatory compliance are unconditional but costly requirements. A common method for identifying the company’s parts and assembling them into a whole fosters mutual reliance among support groups and yields efficiencies. A shared understanding of common objectives (for example, enlightening the board) beyond immediate responsibilities is a reasonable expectation and is also consistent with the imperative of operational effectiveness.

    [Figure 3: Integral Analysis of Process and Culture. Columns: Subjective Beliefs, Objective Measures. Individual row: "My feelings/intentions"; "One’s empirical behaviors". Group row: Culture, "Our culture: connection through meaning and values"; Process, "Our company: connection through principles and procedures".]
  • 4. 4. Does available capital match the risk appetite?

    Capital resources are difficult to measure precisely. But managing beyond the measurable is necessary to provide reasonable assurance of adequate capital and its preservation.

    Different measures of capital—economic, regulatory, GAAP—show how scorekeepers can disagree, presenting hurdles to communication among lines of business, board members, regulators, accountants, and shareholders. Quantification of capital is too uncertain to be the sole means of determining its adequacy, although existing tools to measure risk-based capital remain necessary and useful. But only when these tools are combined with an assessment of employee skills, competencies, and risk awareness—human capital—can overall capital adequacy be evaluated realistically.

    5. Are employees connected to the corporate vision?

    The objective process of managing risk can be sustained only with development of the more subjective elements of culture. Without the right culture, the risk taken can easily exceed the risk intended, regardless of the processes employed to measure and monitor it.

    Employees should understand and agree with intended outcomes and their individual and team roles in achieving them. Risk is aggregated only after committing to it and apart from where it’s taken; therefore, individual awareness and how people connect with each other matter in an organization strategically committed to taking risk. Process alone, no matter how well designed and implemented, is not enough to achieve effective governance.

    Widespread risk literacy and identification with corporate goals are essential. Merging a culture of employee engagement with the fundamental principles of risk management requires a full-range program of organizational learning strategies, addressing recruiting, development, retention, and accountability. Literacy and accountability, at individual and group levels, cultivate an environment where personal visions connect and employees arrive at a shared understanding of what it looks like to realize corporate objectives.

    A useful component of effective, efficient governance is an integral analysis. Paying attention to all four quadrants in Figure 3 takes into account the widest variety of evidence from the greatest number of sources. Group cultures (in the lower left) are accompanied by social practices (in the lower right) that identify experiences generally held to be true, valid, and believable within the organization. Such experiences in turn favorably affect behaviors (upper right) and what is held to be significant by individual employees (upper left).

    Goal setting involves striving to do better both within and across quadrants. Just as each individual has tasks to perform that, in coordination with those of others, contribute to group production, so culture is both individual feelings and a set of group values. In this way, as well, performance evaluations may be elevated from individual to more meaningful team assessments. In order for sustainability to be achieved, individuals’ and groups’ subjective (cultural) and objective (process) feelings, attitudes, behaviors, and day-to-day procedures must be shaped and monitored together.

    This entire reform methodology and its logical benefits can be pictured (Figure 4) as a continuous flow built on a sound process and culture in which both the individual and the group play a part.

    [Figure 4: Reform Methodology and Benefits. Labels: Enterprise-wide risk management principles (Assurance, Facilitation, Verification); Employees who feel connected to the company (Awareness, Literacy, Accountability); Reliable reporting, Efficient operations, Compliance with laws, Capital preservation; Clear oversight perspective, Observable governance practices, Market & regulatory confidence, Better reputation; Increased shareholder value.]

    Implementation of the approach described here enables the board, external auditors, regulators, rating agencies, and financial analysts alike to recognize disciplined, reliable, and comprehensive systems of risk management and corporate governance, thereby enhancing the company’s reputation. And if the market’s appraisal of management’s competence is reflected in the amount by which total capitalization exceeds net worth, then enhancing the institution’s reputation leads to increased shareholder value.

    Peter Schild was chief audit executive at Wachovia. He retired in December 2007, a few months before Wells Fargo acquired Wachovia. He can be reached at pschild@carolina.rr.com.