1) The document discusses compliance risk as a critical business risk for asset managers. Compliance violations can seriously damage firms through reputational harm, legal penalties, and even cause the demise of firms like Galleon Management.
2) Regulators are pushing asset managers to strengthen enterprise risk management with compliance as a key component. Firms must take a comprehensive approach to identifying all risks, including emerging compliance risks.
3) Leading practices cited include integrating compliance fully into enterprise risk management for a single view of all risks, strong governance, and effective mitigation strategies to prevent serious compliance breaches like insider trading.
An Enterprise Risk Management (ERM) programme can help organizations achieve strategic objectives more effectively by taking a systematic approach to identifying, assessing, and addressing risks across the whole organization rather than operating in silos. Key aspects of an effective ERM programme include linking risk strategy to business strategy, establishing clear risk management responsibilities, and using risk information to improve decision-making and investment choices. Regular risk assessment and monitoring can optimize risk management and control activities while supporting organizational learning and competitiveness.
Managing Risk in Perilous Times - Practical Steps to Accelerate Recovery (FindWhitePapers)
The document discusses lessons that can be learned from the financial crisis regarding effective risk management. It argues that risk management needs greater authority, senior executive leadership, and sufficient risk expertise at high levels. It also stresses the importance of combining quantitative risk model outputs with human judgment, paying attention to the quality of data used in models, and using stress testing and scenario planning to prepare for potential risks and events.
Enterprise risk management (ERM) takes a comprehensive, top-down approach to identifying and managing an organization's risks. It considers strategic, operational, pure and speculative risks across the entire organization rather than managing risks in silos. A typical ERM process involves identifying benefits, acquiring board support, developing risk procedures, determining risk appetite, and fostering a risk-aware culture. Barriers to effective ERM include difficulties defining risk appetite and a lack of requests to change risk management approaches. The 2012 Super Bowl in Indianapolis demonstrated how ERM can be applied to large-scale event planning and produce positive results. Future adoption of ERM may be slow as it is considered a "soft" aspect, but its principles are becoming
This document discusses how enterprise risk management (ERM) can help security leaders transform their roles. It provides an overview of ERM, outlining the key phases and processes involved. The security leader's background and experience make them well-positioned to play an important role in ERM. One security leader used ERM to ensure his department remained aligned with the company's strategic goals and supported a new initiative to expand into emerging markets. ERM provides a framework to manage risks across an organization in a coordinated way and help security leaders demonstrate their value through a strategic, enterprise-wide approach.
A new emphasis on enterprise risk management from regulators has heightened awareness among bankers to get educated and adopt these best practices at their institution. In response to this increased focus, the RMA ERM Council developed the ERM framework and associated competencies, which became the foundation for a series of highly practical workbooks for implementing effective ERM.
Enterprise Risk Management (ERM); From theory to practice (Segun Ogunwale)
This document outlines the theory and practice of enterprise risk management (ERM). It discusses how ERM works differently in private versus public sector organizations due to differences in goals and risk tolerance. The document proposes a framework for implementing ERM with five phases: risk governance, risk assessment, risk quantification, risk monitoring and reporting, and risk optimization. It also describes steps to implement ERM such as obtaining buy-in, building an ERM foundation, conducting risk assessments, ongoing monitoring, and developing reporting. Roadblocks to implementation like resistance to change are also addressed.
Banking industry Hot Topics - Forum in New Orleans (Grant Thornton)
Enterprise risk management (ERM) is a critical topic for banks given increased regulatory scrutiny and uncertainty in the market. The panel discussion at the ABA Risk Management Forum highlighted the value of ERM in improving decision making and preventing high-impact risks. While ERM is important, many organizations struggle with implementation due to issues like not embedding it in the culture or focusing too broadly. The discussion provided practical tips for understanding key ERM concepts and implementing it through a step-by-step process.
This document discusses enterprise risk management (ERM) frameworks at two companies - Infosys and Rolls Royce. It finds that both companies manage risks through a mixture of internal management techniques and standard risk management processes. A risk managing culture is evident in both companies' management philosophies. The ERM programs at both include components like internal environment oversight, control activities, information/communication, and monitoring roles.
The document compares three major risk management frameworks: NIST, ISO, and COSO. NIST focuses on information security and risk management for US federal systems. ISO provides generic international guidelines for diverse organizations. COSO emphasizes internal controls and accurate reporting. While the frameworks differ in scope and focus, they all aim to guide organizations in managing risks through integrated strategies. Organizations should analyze features of each to determine the best combination for their unique needs and objectives.
This document provides an overview of operational risk and risk management. It defines operational risk as "the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events." It outlines the scope of operational risks, including both internal risks from failures and external strategic risks. It also describes the causes, events, and consequences of operational risks, as well as the role and processes of operational risk management programs, including risk identification, assessment, measurement, monitoring, and mitigation.
How often have you wondered, “what else can go wrong and how are all the risks interconnected?” Developing a risk governance program, a stress testing and scenario analysis program, as well as a risk appetite statement, can help you build an effective, proactive risk management strategy and enhance the risk culture of your institution.
RMA's Risk Appetite Workbook is a practical guide to understanding and developing a risk appetite statement that is appropriate for your bank. Also available are workbooks on Scenario Analysis & Stress Testing for Community Banks, and Governance & Policies.
This document provides an overview of risk management concepts and frameworks. It defines key risk types such as credit risk, operational risk, market risk, and enterprise risk. It also discusses important risk management standards and regulations such as Basel II, Solvency II, Sarbanes-Oxley, and MIFID. Additionally, it outlines the risk management process and covers topics like risk assessment, analysis, handling, and important risk terms and approaches.
This document discusses operational risk management (ORM) for flight safety courses. It provides an overview of ORM, defines key ORM concepts like risk and hazard, and outlines the six-step ORM process of identifying hazards, assessing risks, analyzing risk control measures, making control decisions, implementing controls, and supervising and reviewing the process. The goal of ORM is to protect personnel and resources while maximizing capabilities and mission effectiveness.
It provides a general overview of enterprise risk management principles, which can help transform a corporation from risk-exposed to risk-protected. The basic steps in the risk management process are critically and logically analysed.
Delivering stronger business security and resilience (zadok001)
This document discusses delivering stronger business security and resilience in a weak financial climate. It covers the spectrum of threats facing organizations, including terrorism, crime, and insider threats. It emphasizes taking a risk-led approach to determine appropriate security based on an organization's risk appetite. Client needs are also discussed, including the desire for easy risk analysis, scalable solutions, and a return on investment. The document recommends design-based solutions like converged networks and smarter devices, as well as operations-based solutions like unified command and control. It stresses the importance of standards, best practices, and risk assessments tailored to an organization's specific form, function and budget.
The document discusses enterprise risk management (ERM) and its rising importance for information security practices. ERM aims to align security solutions with business priorities by analyzing overall IT risks, prioritizing risk mitigation actions, and taking a managed approach to enterprise investments. Key drivers of ERM adoption include changing regulations, expanding business threats, and interest in simplifying security management.
This document provides an overview of a public workshop on enterprise risk management given by Deddy Jacobus. It introduces Deddy Jacobus and his qualifications and experience in risk management. The workshop objectives are to establish the importance of enterprise risk management for achieving corporate objectives and provide an overview of the ISO 31000:2009 risk management principles and guidelines. Key aspects of enterprise risk management frameworks from COSO 2004 and ISO 31000:2009 are summarized, including the risk management process, risk assessment methods, risk registers, and establishing risk appetite and tolerance levels.
CBIZ MHM Special Report: THE EMERGING FRONTIERS OF RISK MANAGEMENT - TODAY’S ... (CBIZ, Inc.)
How well prepared is your company for the risks, expectations, and stresses on internal controls that lie ahead?
This report will help you understand how your company compares with others and what steps you can take now to improve the way you manage risks.
For more information visit http://www.cbiz.com/ras/
Overview of Enterprise Risk Management (ERM) (Segun Ogunwale)
This document provides an introduction to enterprise risk management (ERM) concepts. It discusses ERM concepts such as risk, risk management, and the evolution of ERM from focusing only on financial risks to a more holistic approach. It also covers ERM definitions, frameworks, roles and responsibilities, and benefits. Examples of risks for the public sector are also presented, along with conclusions on implementing ERM as a strategy and corporate culture.
The document outlines an agenda for a 2009 conference on internal audit solutions that will discuss the evolving roles of the Chief Risk Officer and Chief Audit Executive, strategies for an effective partnership between these roles, and how the current economic crisis has impacted enterprise risk management approaches. It also provides background on the development of these risk management roles and compares the key responsibilities of the Chief Risk Officer and Chief Audit Executive.
Siegfried addressing current governance and risk management challenges in gov... (icgfmconference)
The document summarizes a presentation by Alan Siegfried on addressing current governance and risk management challenges in governmental and international organizations. Siegfried discusses how the global economic turmoil has shaken stakeholder confidence and presents opportunities for internal audit to demonstrate leadership in risk management. He outlines 10 current challenges for governance and risk management functions and potential roles for internal audit in risk assessment and monitoring organizational governance.
The document discusses corporate risk management. It defines risk as events that can damage a company's income and reputation. Risk is inherent in all businesses and managing it is important. The document outlines the risk management process, which includes determining objectives, identifying risks, evaluating risks, developing policies and strategies, implementing policies, and reviewing effectiveness. It also discusses sources of risk like interest rate risk, exchange risk, and business risk. Risk management techniques can be internal, involving day-to-day operations, or external, involving financial contracts with other entities. Guidelines for effective risk management include using flexible strategies and bringing risk to an optimal level for the company.
This document discusses deploying risk management in small and medium enterprises (SMEs). It defines risk and outlines the types of risks facing SMEs, including credit, operational, market, liquidity, legal, and compliance risks. It also describes enterprise risk management (ERM), which deals with risks and opportunities affecting value creation. The key components of an ERM framework include risk assessment, risk response, control activities, information and communication, and monitoring. Implementing ERM can help SMEs align strategy with risk appetite, reduce losses, improve overall risk ratings, and facilitate long-term survival.
An assessment of risk management of small and medium scale enterprises in nig... (Alexander Decker)
This document summarizes a research study that assessed risk management among small and medium enterprises (SMEs) in Nigeria. The study examined SME accounting records and insurance policies. It found that SMEs do not maintain proper accounts, making it difficult to identify and manage risks. Additionally, 84% of SMEs did not have insurance to cover business risks outside of their control. The study recommends SMEs maintain proper accounting records to better plan for and manage risks, and purchase insurance to protect against losses from uncontrollable risks.
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ... (ypytlik)
April 2010 - Journal of Securities Law, Regulation & Compliance Volume 3 Number 2
Compliance risk: A critical business risk for asset managers
ABSTRACT
2010 presents a historical moment to define the path forward to the ‘future of enterprise risk management and mitigation strategies’ of increasing compliance risk for asset managers.1–4 The recent financial crises and cases of material compliance violations, Ponzi schemes, fraudulent activities, misappropriation of investors’ assets and collapse of major financial firms have had significant, harmful impact on investors and shareholders. Serious compliance violations, such as insider trading, have proven to be self-destructive to asset managers. No one is immune to these trends. ‘Enterprise Risk Management — 2010 and Beyond Forward Looking Approach by Asset Managers’ is a series of papers dedicated to regulatory developments and industry best practices in the enterprise risk management with a focus on ‘compliance risk: a critical business risk for asset managers’.
Risk management for law firms chapter 1 ark 2009 by dave cunningham (David Cunningham)
This document provides an overview of effective risk management for law firms. It discusses that risk management involves balancing risks and opportunities to positively impact a firm's competitive standing. While risk responsibilities were traditionally fragmented, firms are increasingly taking an enterprise-wide view of risk management led by roles like the general counsel. The document outlines key types of risks facing law firms and how risk roles and responsibilities are evolving to take a more proactive, holistic approach to identifying, assessing, and monitoring risks across a firm. It provides guidance on implementing an effective risk management process including communication, context-setting, assessment, treatment, and ongoing monitoring.
This document discusses risk management. It defines risk management as the process of identifying, assessing, and controlling threats to an organization's capital and earnings. It notes that risk sources include financial uncertainties, legal liabilities, technology issues, strategic management issues, accidents, and natural disasters. The document emphasizes that risk management is important because it provides a holistic strategy and helps organizations determine which risks they can accept and which require additional controls. It also outlines some differences between traditional and enterprise risk management approaches, as well as differences in risk management for different types of companies. The document concludes by listing some common risk categories and frameworks for risk management.
Common Risk Management failures include lack of organizational integration, outdated risk measurement capabilities, and failure to view risk management as an enabler of long-term competitive advantage rather than just a preventative measure. Major challenges in establishing effective ERM include organizational silos, growing and changing risks, and cost pressures. As risk management becomes more strategic, companies are expected to increase spending to improve risk capabilities across the organization.
Common Risk Management failures include lack of organizational integration, outdated risk measurement capabilities, and failure to view risk management as an enabler of long-term competitive advantage rather than just a preventative measure. Major challenges in establishing effective ERM include organizational silos, growing and changing risks, and cost pressures. As risk management becomes more strategic, companies are expected to increase spending to improve risk capabilities across the organization.
Dtt Fsi Global Risk Management Survey Fifth Editionbartonp
The document is a summary of findings from Deloitte's fifth global risk management survey of 130 financial institutions with nearly $21 trillion in total assets. Key findings include:
1) Risk management oversight has risen to the board level at 70% of institutions compared to 59% in 2004.
2) 84% of institutions now have a Chief Risk Officer compared to 65% in 2002.
3) Institutions rate themselves most effective at managing traditional risks like market, credit, and liquidity, and less effective at newer risks like operational and geopolitical risks.
4) Only 35% of institutions have fully implemented enterprise-wide risk management programs.
MetisGRC is a governance and risk management consultancy that helps clients improve their performance through better governance and risk management practices. They provide assessments, surveys, advisory services, project management, coaching and education. Their clients include investors, shareholders, supervisors and other stakeholders. MetisGRC believes that good governance and risk management can reduce costs, improve efficiency and create value by strengthening stakeholder relationships. They help organizations implement transparent governance structures and risk management strategies and policies to enhance performance and meet stakeholder expectations.
This document is a term paper submitted by Anu Damodaran to her faculty guide, Mr. C.T. Sunil, in partial completion of her MBA program at Amity University in Dubai. The paper is titled "To study ERM - A competitive edge for the company and how it adds value to its shareholders". The introduction provides background on enterprise risk management (ERM) and its importance for businesses facing various strategic, market, operational and financial risks. The paper will review literature on ERM and explore how companies can implement ERM through risk mapping and maturity models. It will also discuss the advantages, suitability and limitations of ERM for businesses.
This document provides an introduction to enterprise risk management (ERM). It discusses how ERM aims to protect and increase value for an organization by taking an integrated approach to managing risks across the entire enterprise. ERM calls for high-level oversight of all risks on a portfolio basis. The document provides background on the evolution of risk management and outlines some of the key risks organizations face today from globalization and other factors. It also notes that chief risk officers and risk committees are important for overseeing ERM.
The document discusses the role of chartered accountants in enterprise risk management. It begins with defining risk and the types of risks faced by organizations. It then explains what enterprise risk management is, its importance and benefits. It outlines the statutory requirements for ERM in India per the Companies Act and SEBI regulations. Finally, it details the various ways chartered accountants can facilitate the ERM process, such as conducting process audits, developing ERM frameworks, and assisting with implementation.
This document provides a summary of a report on managing risk in challenging economic times. It makes the following key points:
1. Risk managers at financial institutions warned of growing risks in the years leading up to the financial crisis but lacked the authority to curb excessive risk-taking driven by profit motives.
2. The report examines 10 practical lessons for improving risk management practices, including giving risk managers greater authority, ensuring risk expertise at senior levels, and balancing risk factors across all business units.
3. Interviews with industry and academic experts informed the report's findings. It provides questions for companies outside of finance to consider regarding their own risk governance and risk oversight practices.
The document discusses operational risk and its importance in banking regulations like Basel III. Operational risk is defined as losses from failed internal processes, people, or systems or external events. The document advocates for strong operational risk management frameworks with three lines of defense: business management, an independent operational risk function, and independent review.
The document discusses several topics related to operational risk and compliance:
1. People risk/behaviours are a major component of operational risk and financial institutions. Poor people risk management can lead to failures and risks.
2. Compliance risk is a major concern for operational risk managers and should be monitored and mitigated like other operational risks. Compliance failures can have serious financial and reputational impacts.
3. There is overlap between operational risk and compliance functions. Effective communication is needed between the two to manage compliance risk as part of overall operational risk.
This document is a report from the Senior Supervisors Group assessing risk management practices at major global financial institutions during recent market turmoil. It finds that firms with concentrated exposure to subprime mortgage securitizations suffered major losses, while those with comprehensive firm-wide risk identification and independent valuation practices fared better. It also notes challenges in managing liquidity needs and leveraged loan commitments. The report recommends supervisors strengthen regulatory frameworks and firms improve risk management, including senior oversight, stress testing, and liquidity planning.
This document outlines the agenda and key topics for a panel discussion on law firm risk management. The panel will discuss how to define risk, common legal risk types like IT, financial, and practice management risks. They will also cover the business benefits of effective risk management, differences between the UK and US risk environments, evolving risk roles in law firms, and future directions for the field. The discussion aims to provide three next steps firms can take to improve their risk management and will conclude with a question and answer session.
This document discusses rethinking risk management for new market realities. It provides an overview of how 2011 marked a year of reckoning for risk management as the financial crisis and recession altered the global marketplace and how to think about risk. The document examines the top strategic and regional risks that lie ahead for companies in 2012 based on a global executive survey. It also discusses how leading companies have shifted their risk management focus to be more external, strategic, and top-down oriented in response to this new risk era.
This document provides an overview of risk management concepts and frameworks. It defines key risk types such as credit risk, operational risk, market risk, and enterprise risk. It also discusses important risk management standards and regulations such as Basel II, Solvency II, Sarbanes-Oxley, and MIFID. Additionally, it outlines the risk management process and covers topics like risk assessment, analysis, handling, and important risk terms and approaches.
Since the onset of the global financial crisis in 2008, businesses around the world have faced a barrage of new risk-related challenges.
The macroeconomic environment of recent years, marked by the global financial crisis, fiscal uncertainty in the US and sovereign debt problems in Europe, has also helped to make companies more risk-averse, leading them to swap bold investment decisions for more cautious behaviour and cash hoarding. The tide is turning, however, with most expecting 2014 to mark a return to growth...
Enterprise risk management involves identifying risks, evaluating their significance, developing risk management policies, and using techniques to mitigate risks. It is a key part of business management processes and helps organizations anticipate, prevent, monitor, and mitigate risks from sources like the financial markets, business operations, and the external environment. The goal is to optimize risk control, prevention, and retention to create shareholder wealth and manage risks proactively as uncertainties in the business environment continuously change.
I need a response to the discussion in APA format.docx4934bk
Enterprise risk management (ERM) is a process used by companies to plan for, manage, and mitigate risks that could impact earnings and capital. ERM addresses strategic, operational, financial, and accidental risks. Key elements of ERM include assessing significant risks and implementing appropriate risk responses such as risk acceptance, avoidance, transfer, or mitigation. The University of California adopted ERM to reduce overall risk and its Office of Risk Management regularly updates risk plans. Risk governance and culture are critical components of an effective ERM program.
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April 2010 Volume 3 Number 2
1. Journal of Securities Law, Regulation & Compliance Volume 3 Number 2
Compliance risk: A critical business risk
for asset managers
Yvonne I. Pytlik* and Jennifer S. Myers**
Received (in revised form): 25th February, 2010
*Global Compliance Risk Management Corporation, 245 Park Avenue, 24th Floor,
New York, NY 10022, USA.
Tel: +1 781 835 8360; E-mail: ypytlik@GlobalRMC.com
**Global Compliance Risk Management Corporation, 245 Park Avenue, 24th Floor,
New York, NY 10022, USA.
E-mail: jmyers@GlobalRMC.com
Yvonne I. Pytlik is a Managing Partner at Global Compliance Risk Management Corporation (GlobalRMC) in New York City. GlobalRMC, a strategic advisory and compliance risk management firm, focuses on Enterprise Risk Management principles, governance techniques and cutting-edge compliance solutions. Yvonne is a senior executive and one of the industry’s most highly regarded strategists in compliance risk management and corporate governance for financial institutions. As a global head of risk management at Deutsche Bank AG, she developed and implemented global risk management and governance oversight in the Americas, Europe and Asia-Pacific regions. She is a compliance subject-matter expert in CCO regulations for global asset managers.
Jennifer S. Myers is a Managing Partner at GlobalRMC. She is a senior compliance and risk management lawyer who provides analysis and strategic advice to financial institutions and asset managers on regulatory compliance, risk management, and corporate governance issues. She began her career at the New York City office of Shearman & Sterling. Jennifer holds a JD degree from Harvard Law School and a BA from Yale University.
Journal of Securities Law, Regulation & Compliance, Vol. 3 No. 2, pp. 180–189, Henry Stewart Publications, 1758–0013
ABSTRACT
2010 presents a historical moment to define the path forward to the ‘future of enterprise risk management and mitigation strategies’ of increasing compliance risk for asset managers.1–4 The recent financial crises and cases of material compliance violations, Ponzi schemes, fraudulent activities, misappropriation of investors’ assets and collapse of major financial firms have had significant, harmful impact on investors and shareholders. Serious compliance violations, such as insider trading, have proven to be self-destructive to asset managers. No one is immune to these trends. ‘Enterprise Risk Management — 2010 and Beyond Forward Looking Approach by Asset Managers’ is a series of papers dedicated to regulatory developments and industry best practices in the enterprise risk management with a focus on ‘compliance risk: a critical business risk for asset managers’.
Keywords: risk management, compliance, compliance risk, governance, chief compliance officer, SEC, FINRA, FED, FDIC, FSA
INTRODUCTION
The most recent financial crisis and major overhaul of financial services regulations are causing asset managers to challenge their enterprise risk management infrastructure, governance, methodologies, standards and processes to further improve their risk management efforts. 2010 is a historical
moment to define the path forward to the ‘future of enterprise risk management’ and mitigation strategies of increasing compliance risk for asset managers.
The recent array of material compliance violations, Ponzi schemes and fraudulent activities,5 misappropriation of investors’ assets and collapse of major financial institutions have had significant, harmful impact on investors and shareholders.6
Compliance is becoming a critical element of an overall enterprise risk management framework. Leading asset managers are taking a proactive and comprehensive approach in identifying emerging risks, such as compliance and business risks. Compliance risk is expected to increase even further due to re-assessing post-crisis economic conditions, increasing complexity of business offerings, global business expansions combined with increasing complexity of the regulatory landscape, cross-jurisdictional regulations and the imposition of higher compliance standards by regulators and investors.
The challenge for most asset managers is to effectively manage enterprise and compliance risks, find efficiency in the way that risk management protects and creates the greatest value for asset managers, investors and shareholders by balancing risk, cost and value across the enterprise. Asset managers who effectively address this challenge will not only protect their firm by creating sustainable values, but will also outperform their competitors.
2010 REGULATORY FOCUS
Regulators are urging board members and senior managers to be more proactive in setting risk ‘appetite’ for financial institutions, establish effective risk governance oversight and compliance programmes, and in setting and maintaining a stated tolerance for risk. Enterprise Risk Management is a critical strategic and business decision-making framework for identifying, monitoring and managing risk across the whole organisation.
The recent financial crisis and material compliance violations, in many cases, resulted from inadequate risk management functions and weaknesses in compliance governance leading to business risks. These risks directly resulted in reputational damage for asset managers, a collapse of financial institutions and significant capital losses for investors and shareholders.
In her 2010 Testimony Concerning the State of the Financial Crisis, US Securities and Exchange Commission (SEC) Chairman Mary L. Schapiro highlighted the primary causes of the financial crisis related to risk management:7
• A siloed financial regulatory framework that lacked the ability to monitor and reduce risks across entities and markets.
• Insufficient risk management and risk oversight by boards and management.
• Perverse incentives and asymmetric compensation arrangements that encouraged significant risk-taking.
• A widespread view that markets were almost always self-correcting resulted in weaker standards and regulatory gaps.
• The proliferation of complex financial products that were not fully transparent.
The SEC and other regulatory agencies will continue to address legal and regulatory gaps that came to light during the recent crises thus helping policymakers to build better regulatory oversight across the financial services industry.
COMPLIANCE RISK IS EMERGING AS CRITICAL BUSINESS RISK
Enterprise Risk Management with compliance as a critical component to mitigate business risk is a forward-looking
approach that regulators will enforce and pro-active asset management embrace going forward to protect their firms, investors and shareholders.8–10
Regulators and leading asset management firms strive to improve their risk management efforts and aspire towards the integration of risk management infrastructure, methodologies and standards with compliance as a critical component of a ‘single view of risk’ across the organisation.
The US Federal Reserve Board Chairman Ben S. Bernanke has explicitly stated that ‘policy makers must insist that the large financial firms be capable of monitoring and managing their risk in a timely manner and on an enterprise-wide basis’.
In October 2009, a group of senior financial supervisors from five major nations reported that financial firms still need ‘full and ongoing commitment to risk control by management, as well as dedication of considerable resources toward developing the necessary information technology infrastructure’ to implement the best practices for pro-active risk management in their firms.11
President Obama’s ‘Financial Regulatory Reform’ and other regulatory initiatives currently before the US Senate, also impose higher regulatory standards and imply best practices that will guide the financial services industry in implementing effective risk management and compliance programmes. This new regulatory framework clearly positions Enterprise Risk Management as the best practice for financial institutions to recalibrate in a post-crisis global financial system.12
COMPLIANCE VIOLATIONS ARE DETRIMENTAL TO ASSET MANAGERS
As economic turmoil leads to compliance risk, reputational damage and eventually to business risk, equally, material compliance violations lead to serious consequences for asset managers, which in turn, become business risk.13
The recent cases of insider trading, Ponzi schemes, fraud and other compliance violations have had a tremendous impact on the industry. Serious compliance violations impact investors, shareholders and are self-destructive to asset managers themselves. No one is immune to these trends.14
As the recent demise of Galleon Management LP clearly shows, one of the most significant business risks that asset managers face today is compliance risk. Perhaps, a better word might be ‘vaporisation’ — in the face of parallel civil and criminal cases brought by the SEC against Galleon, the former high-flying hedge fund went out of business in a matter of days.
As Robert Khuzami, Director of the SEC’s Division of Enforcement,15 pointedly stated in announcing the Galleon indictments: ‘We [SEC] are developing a variety of initiatives to do that involve greater specialisation and expertise, improved technological tools to track and analyse trading, better coordination among regulators and law enforcement, new legislative initiatives, and other means to address these areas. It would be wise for investment advisers and corporate executives to closely look at today’s case, their own internal operations, and the increasing focus and scrutiny on hedge fund trading activity by the SEC and others, and consider what lessons can be learned and applied to their own operations.’16
REGULATORY ENFORCEMENT
Regulatory agencies clearly will enforce non-compliance and vigorously prosecute firms for violations. The SEC has historically combated fraud in the financial markets as one of its key missions.17
From fiscal year (FY) 2007 through FY 2009, the SEC opened 2,610 investigations and brought 1,991 cases charging a variety of securities laws violations including, and beyond, those related to the causes of the financial crisis.18 Major recent regulatory enforcement actions include:
• October 2009, Galleon Group founder is arrested along with five others for US$20m insider trading scheme involving IBM, Intel and McKinsey;
• December 2008, Bernard L. Madoff, who is currently serving a 150-year sentence in federal prison, orchestrated a multi-billion dollar Ponzi scheme that swindled money from thousands of investors;
• September 2009, the SEC accuses Reza Saleh for making US$8.6m in illegal profit, which he agreed to return in settlement with the SEC;
• February 2008, Hong Kong banker and two others paid 24 million US Dollars to settle civil charges.
Even aside from the Galleon and Madoff cases, this is a critical moment for asset managers to reassess their compliance risk management programmes. Both Congress and the SEC have identified a need for more rigorous risk management practices for the financial institutions, and hedge fund regulation as key goals of an ambitious financial regulatory reform programme.
REGULATORY REFORMS
The SEC’s enforcement initiatives to date in 2010 reflect the broader scope of the pending regulatory reform. The SEC considers much more aggressive enforcement a ‘vital part of risk management and crisis avoidance’ to restore investor confidence and hold market participants accountable.
In her testimony concerning the state of the financial crisis, SEC Chairman Mary L. Schapiro stated: ‘Consistent and vigorous enforcement is a vital part of risk management and crisis avoidance — particularly in times and areas of substantial financial innovation’ highlighting major future regulatory initiatives:19
• The vital importance that vigorous enforcement of existing laws and regulations plays in the fair and proper functioning of financial markets.
• Vigorous enforcement is essential to restoring and maintaining investor confidence.
• Through aggressive and even-handed enforcement, we deter others from engaging in wrongdoing.
• Enforcement agencies should continue to work together to address financial crimes.
• Large financial crimes can often involve multiple jurisdictions and legal frameworks making it essential for different agencies to work closely together.
LEADING ERM AND COMPLIANCE INDUSTRY BEST PRACTICES
Looking forward, a ‘single view across the organisation towards the future of enterprise risk management’ becomes a necessary response to the evolution of risk.20–22
Enterprise Risk Management practices that ‘demonstrated a comprehensive approach to viewing firm-wide exposures and risks’ were cited by the Senior Supervisory Group as differentiating factors to more effectively mitigate overall business risks.
Enterprise Risk Management, a firm-wide integrated risk management approach allows financial firms to analyse current, evolving and emerging risks across the whole firm. Compliance and regulatory risk management is a vital
component to prevent compliance violations thus to mitigate significant business risk to financial firms, banks, hedge funds, and asset managers.
This is a critical moment for asset managers to reassess their compliance risk management programmes and take much more proactive actions to address compliance risk as a critical business risk.
There are several areas where proactive asset managers may protect their firms and investors: first and foremost, having a single view across the organisation and truly identifying in a systematic and methodological way the highest risk across the organisation. One of these risks is insider trading which should be on the agenda for boards and senior management and executive committees.23
COMPLIANCE RISK MITIGATION STRATEGIES
As an integral part of an enterprise risk management strategy, financial firms should be looking at their internal environments and achieving a greater understanding as to how compliance violations can be prevented, monitored and resolved in a timely manner.
Having a strong governance, escalation process and remediation strategy is critical in mitigating compliance and business risks. From that perspective, asset managers need strong methodologies and standards.
The second area to be evaluated in light of insider trading and other serious compliance violations is companies’ compliance programmes across the organisation. What types of policies are in place to address serious compliance violations, including insider trading and other critical regulatory rules and laws? What kinds of procedures and control infrastructure are in place on the business side, and what supervision is in place to effectively identify insider trading and serious compliance violations?24
The compliance programme should generate a comprehensive and timely report for senior management and governance boards that provides current industry ‘hot topics’, emerging regulatory, business strategic, operational, financial, and market risks. Both qualitative and quantitative measures of internal controls’ effectiveness and mitigation strategies of high risks for each business and compliance unit should be an integral part of corporate risk governance and oversight.
CORPORATE RISK GOVERNANCE
In December 2009, the SEC adopted rule amendments that will significantly improve disclosure in the key areas of risk, compensation, corporate governance and director qualifications, including:
• Management and Boards of Directors to be more accountable. The quality of a board’s oversight of risk management can make an enormous difference in our economy, and particularly in financial markets.
• A fundamental concept underlying corporate law is that a company’s board of directors, while charged with oversight of the company, is accountable to its shareholders, who in turn have the power to elect the board.
• Thus, boards are accountable to shareholders for their decisions concerning, among other things, executive pay, and for their oversight of the companies’ management and operations, including the risks that companies undertake.
• Enhanced disclosure about the decisions and performance of directors will help shareholders make informed decisions about the election of directors.
• Short-term compensation incentives can drive long-term risk. Another lesson learned from the crisis is that there can be a direct relationship
between compensation arrangements and corporate risk taking.
• Financial institutions created asymmetric compensation packages that paid employees enormous sums for short-term success, even if these same decisions result in significant long-term losses or failure for investors and taxpayers (25).

FIDUCIARY RESPONSIBILITIES

In addition, the SEC is focusing on asset managers’ fiduciary standard of conduct as part of a heightened regulatory regime when providing services to their clients (26–28):

• Regulation should be rationalised for broker-dealers and investment advisers, particularly with respect to the services they provide to retail investors.
• Investment advisers are fiduciaries to their clients with a fundamental obligation to act in the best interests of clients and to provide investment advice in clients’ best interests.
• They have a duty of undivided loyalty and utmost good faith and must not engage in any activity in conflict with the interest of any client.
• Fiduciary obligations mandate reasonable care to avoid misleading clients and to provide full and fair disclosure of all material facts to clients and prospective clients, including conflicts of interests. Generally, facts are ‘material’ if a reasonable investor would consider them to be important.
• Departure from fiduciary standards may constitute ‘fraud’.

Registered investment companies and registered investment advisers must have effective compliance programmes (29) to prevent, detect and promptly correct compliance violations.

The Chief Compliance Officer should be empowered with full responsibility and authority to develop and enforce appropriate policies and procedures for the firm.

GUIDING PRINCIPLES FOR COMPLIANCE RISK MANAGEMENT

According to the SEC Rules, a compliance programme should be reasonably designed to ensure compliance with federal securities laws, including the following key components (30–35):

• Corporate governance with clearly defined accountabilities and responsibilities for compliance programme;
• ‘Tone at the Top’ and a strong compliance culture should be established through senior management commitment and partnership with compliance;
• Enterprise risk assessment and management to properly identify systematic risks and mitigation strategies across an organisation;
• Appropriate oversight committees as a forum for the business to raise its concerns with Compliance and Legal should be in place and meet regularly;
• A high awareness level of compliance issues, including developing regulatory trends, should be established;
• A risk assessment methodology and risk-based compliance programme, including compliance audits, reviews and testing, and service provider oversight should be in place;
• A ‘global view’ on compliance and regulatory requirements should be extended to encompass all relevant business activities and regions globally.

BUILDING AN EFFECTIVE COMPLIANCE PROGRAMME

The Chief Compliance Officer should have a position of sufficient seniority and
authority within the organisation to compel others to adhere to the compliance policies and procedures (36–38):

• Written compliance policies and procedures should be reasonably designed and implemented to prevent, detect and promptly correct any violation of the federal securities laws.
• Comprehensive compliance monitoring, surveillance programmes and forensic testing over regulatory requirements should be established.
• Training should be regularly provided by Compliance and Legal to business personnel so they are aware of and may properly supervise compliance with regulatory requirements.
• Regular management reporting of standing compliance/legal issues and open audit points should be in place to ensure accountability and expedient resolution of compliance issues.
• Open communication and escalation of compliance matters and issues to investment company boards should be established.
• Compliance issues should be effectively resolved and business groups should take responsibility for addressing areas identified for improvement.

COMPLIANCE RISK ASSESSMENT METHODOLOGY

A compliance risk assessment is an integral part of a compliance programme, guiding the allocation of compliance resources, assisting in the development of compliance monitoring surveillance programmes, and testing activities for those areas that pose the greatest potential risks to asset managers and their clients.

Because regulatory, economic, industry and operating conditions will continue to change, regulatory and market risk monitoring should be built into the risk assessment methodology to ensure that the identification and evaluation of compliance risks is a proactive and dynamic process.

Asset managers should consider establishing a disciplined compliance risk assessment methodology for identifying, measuring and mitigating compliance risks.

ANNUAL RISK-BASED REVIEW AND TESTING PROGRAMME

The review and testing programme is a robust process to validate key infrastructure supporting the compliance programme requirements in place, to identify potential conflicts of interest within the organisation and to identify compliance risk ‘trigger events’. The review and testing programme should encompass an evaluation of the adequacy of the policies and procedures and an assessment of the effectiveness of their implementation, supervisory controls, existence and evidence of supervision, training and monitoring programmes by asset managers in connection with complying with federal securities laws.

COMPLIANCE AND SURVEILLANCE MONITORING, FORENSIC TESTING

Asset managers should have a comprehensive ongoing compliance programme for monitoring, surveillance and testing of business activities to prevent, detect and promptly correct violations of federal securities laws.

A comprehensive compliance programme should monitor the following key regulations:

• Insider trading and Chinese walls, conflicts of interests, portfolio management — investment guidelines and restrictions monitoring;
• Portfolio trading monitoring, cross-trade activity, trade allocation and bunching, trading with affiliates, soft dollars, insider trading, and personal trading monitoring;
• Gifts and entertainment monitoring;
• Code of Ethics, proxy voting, conflicts of interests; sales practices, licensing and registration, disclosures, marketing materials review;
• Anti-money laundering review and monitoring.

An asset manager’s goal should be to develop and implement system-based compliance monitoring, surveillance programmes and forensic testing with a maximum level of automation.

CORPORATE OVERSIGHT AND ESCALATION REPORTING

The compliance programme should generate a comprehensive and timely report for senior management and investment governance boards. These reports typically provide current industry ‘hot topics’ and emerging enterprise-wide risks, including: business strategic, regulatory compliance, operational, financial, credit and market risks. The qualitative and quantitative measurements of internal controls’ effectiveness and mitigation strategies of high risks should encompass each business and compliance unit across an organisation.

FORWARD-LOOKING RISK MANAGEMENT AND COMPLIANCE

The current economic and business environment is forcing a fundamental change in the regulatory landscape, organisational culture, corporate governance and compliance oversight of asset managers, and is moving the industry towards a holistic view of enterprise risk management (39–41). The choice facing asset managers is not whether to implement these changes but what approach to take in implementing them. As the business and regulatory environment continues to evolve, asset managers that succeed will be those that can demonstrate the ability to drive business performance and achieve regulatory compliance by strategically aligning risk management and business strategies.

One central mechanism for reducing systemic risk and proactively avoiding future crises, as well as achieving regulatory compliance, is to ensure the same rules apply to economically equivalent asset managers globally. Asset managers should ensure that risks for similar products and asset classes are mitigated similarly.

CONCLUSION

Enterprise risk management is set to be on regulatory authorities, boards, investors, shareholders and asset managers’ agendas for some time to come. As asset managers seek the right enterprise risk management approaches, there is a clear need in the financial services industry for more proactive, leading practice toward the ‘future of enterprise risk management’. A strategic enterprise risk management approach can help asset managers to navigate and develop a more forward-looking approach to effectively manage increasing compliance risk as a critical business risk.

An effective compliance programme across the organisation is a critical component of business stability and success.

References

(1) Schapiro, M. L. (2010) ‘Testimony Concerning the State of the Financial Crisis’, SEC, Before the Financial Crisis Inquiry Commission, 14th January, http://www.sec.gov/news/testimony/2010/ts011410mls.htm. Of the 1,991 cases, 519 (over 26 per
cent) involved financial fraud or public company reporting violations; 511 (over 25 per cent) involved fraud or other misconduct by broker-dealers, investment advisers, or transfer agents; 330 (over 16 per cent) involved fraudulent or unregistered offerings; and 272 (over 13 per cent) involved insider trading or market manipulation. Other traditional programme areas include delinquent filings and municipal offerings. As part of these cases, the SEC has sued among others, public companies, corporate officers, auditors and audit firms, attorneys, broker-dealers, investment advisers, and self-regulatory organisations under the SEC’s purview.
(2) Khuzami, R. (2009), Speech by SEC Staff: Remarks at Press Conference, SEC Division of Enforcement, SEC, 16th October. http://www.sec.gov/news/speech/2009/spch101609rk.htm.
(3) Rodier, M. ‘Insider Trading — Can Insider Trading Be Stopped’, Wall Street and Technology. In what has been termed the biggest insider trading ring in a generation, the SEC recently brought cases against the founder of the Galleon Group hedge fund and former directors at a Bear Stearns hedge fund. In a series of interviews, Senior Editor Melanie Rodier spoke with Larry Tabb, founder and CEO of TABB Group, and Yvonne Pytlik, managing partner, Global Compliance Risk Management Corp., about what processes and technology financial firms can use to stop insider trading. http://www.globalcompliancerisk.com/index.php/news.
(4) President Obama’s ‘Financial Regulatory Reform’ and the US Regulators are further imposing higher regulatory standards and best practices to guide ‘Financial Services Industry in implementing Risk Management and Compliance Programs’. President Obama’s Plan for Financial Regulatory Reform. See generally, Draft of the Restoring American Financial Stability Act, as introduced to the US Senate on 15th March, 2010, and predecessor drafts.
(5) See ref. 3.
(6) Ibid.
(7) See ref. 1.
(8) Ibid.
(9) See ref. 2.
(10) See ref. 3.
(11) October 2009, Senior Supervisors Group issued the ‘Risk Management Lessons from the Global Banking Crisis of 2008’, which concludes that there are four risk practices critical to achieve a balance of the effective enterprise risk management and banks’ performance in the financial crisis: Effective firm-wide risk identification and analysis; Consistent application of independent and rigorous valuation practices across the firm; Effective management of funding liquidity, capital, and the balance sheet; and Informative and responsive risk measurement and management reporting, http://www.sec.gov/news/press/2009/report102109.pdf.
(12) See ref. 4.
(13) See ref. 3.
(14) Ibid.
(15) See ref. 2.
(16) Ibid.
(17) Litigation Release No. 21407/4th February, 2010. Securities and Exchange Commission v. Bank of America Corporation, Civil Action Nos. 09-6829, 10-0215 (S.D.N.Y). Bank Of America Agrees to Pay US$150m to Settle SEC Charges. SEC Charges State Street for ‘Misleading Investors About Subprime Mortgage Investments’. Boston-Based Firm to Settle Charges by Repaying Fund Investors More Than US$300m. ‘The Securities and Exchange Commission today charged Boston-based State Street Bank and Trust Company with misleading its investors about their exposure to subprime investments while selectively disclosing more complete information to specific investors’, http://www.sec.gov/litigation/litreleases/2010/lr21407.htm.
(18) See ref. 2.
(19) See ref. 1.
(20) Ibid.
(21) See ref. 2.
(22) See ref. 3.
(23) Ibid.
(24) Ibid.
(25) President’s Working Group on Financial Markets (PWG) (2008) The Asset Management Committee (‘AMC’) released best practices for Hedge Fund Industry (‘AMC Report’), http://amaicmte.org/Public/AMC%20Report%20-%20Final.pdf.
(26) Managed Funds Association (2009), ‘Sound Practices for Hedge Funds’, released 31st March, http://www.managedfunds.org/mfas-sound-practices-for-hedge-fund-managers.asp.
(27) See ref. 25.
(28) President’s Working Group on Financial Markets (PWG) (2008) Investors Committee (‘IC Report’) issued Principles and Practices for Hedge Fund Investors, http://amaicmte.org/Public/Investors%20Report%20-%20Final.pdf.
(29) ‘2010 and Beyond — Chief Compliance Officer Compliance Programme’ — New Regulatory Requirements and Best Practices, http://www.globalcompliancerisk.com/pdfs/PytlikAuthorSeptember2009F.pdf.
(30) See ref. 1.
(31) See ref. 2.
(32) See ref. 3.
(33) See ref. 26.
(34) See ref. 25.
(35) See ref. 28.
(36) See ref. 1.
(37) See ref. 2.
(38) See ref. 3.
(39) See ref. 1.
(40) See ref. 2.
(41) See ref. 3.