Enhancing Capabilities Taking It To The Next LevelWhat steps does management take to enhance risk management capabilities?. apply to those priority risks for which management has decide
Trang 1Enterprise Risk Management (ERM)
‘Integrated Framework’
IMPLEMENTATION Enhancing Capabilities Taking It To The Next Level
Trang 2FUNDAMENTALS & ROLES
• The Fundamentals
• COSO Enterprise Risk Management
• Role of Executive Management
• Role of the Director
• Role of the Chief Risk Officer
• Risk Management Oversight Structure
• Role of Internal Audit
Trang 3• Risk Management Vision and Objectives
• Conducting Risk Assessments
• Getting Started – Set the Foundation
• Building & Enhancing Capabilities
• Building a Compelling Business Case
• Making it Happen
• Relevance to Sarbanes-Oxley Compliance
• Other Questions
Trang 5Enhancing Capabilities Taking It To The Next Level
What steps does management take to enhance risk
management capabilities?
apply to those priority risks for which management has decided to attain a “managed” or an “optimized”
state of capability - three steps:
quantify risk enterprise wide
improve enterprise performance
establish sustainable competitive advantage
Trang 6Enhancing Capabilities Taking It To The Next Level
How does management decide on the
appropriate enhancement capabilities?
Market/investment community expectations:
institutional investors
rating agencies
regulatory authorities
industry standards
Trang 7Enhancing Capabilities Taking It To The Next Level
What is a “portfolio view” of risks and how is it practically applied?
Risks in different units may be within the risk
tolerances of the individual units
taken together, the risks might exceed the
enterprise wide risk appetite
risks may naturally offset across the entity
Trang 8Enhancing Capabilities Taking It To The Next Level
Portfolio view makes sense for activities directed at
achieving a common enterprise wide purpose
• Risks add up whether evaluated piecemeal or in total
• Increased efficiency and better decisions
• Improved reporting and capital allocation
• Simplicity
Trang 9Enhancing Capabilities Taking It To The Next Level
How does management quantify risks enterprise wide? At what level are risks aggregated for
quantification purposes?
Centralized vs decentralized
• aligning enterprise wide goals and operating unit incentives
• delineating risk management tasks that must
be executed centrally from tasks that must be executed locally
Trang 10Enhancing Capabilities Taking It To The Next Level
Ways to aggregate multiple risk measures
Risk-pooling approaches (hedging)
Enterprise wide risk appetite/specific risk tolerances
Hurdle rates (industry risk adjusted)
At risk frameworks (VaR, EaR, GMaR & CFaR)
Risk-adjusted performance measurement
Trang 11Enhancing Capabilities Taking It To The Next Level
Enhanced capabilities achieve four things
More robust risk reporting – aggregated at multiple
levels by specific investments and projects
Greater investment confidence
Greater integration and alignment of risk responses
Higher valuation - higher price/earnings multiples in
share valuations
Trang 12Enhancing Capabilities Taking It To The Next Level
How does management use ERM to improve business
performance? helps managers make better choices in
protecting and enhancing enterprise value
Evaluate the key underlying variables in the business plan that are exposed to performance variability and that require specific risk responses
Understand the loss exposures or drivers inherent in the
enterprise’s business model that require specific risk responses Identify incongruities inherent in the business model where
management has, either knowingly or unknowingly, accepted
Trang 13Enhancing Capabilities Taking It To The Next Level
Critical risk management tasks
• identify events
• assess risk
• formulate risk response
• implement control activities
• inform/communicate and monitor
provides a flexible framework for addressing these
three strategically important issues
Trang 14Enhancing Capabilities Taking It To The Next Level
Identify value drivers
value drivers are linked to the variables that
influence the achievement of the business
plan
they may be defined in terms of the key
underlying variables that cause revenues and expenses to go up and down (increase and
Trang 15Enhancing Capabilities Taking It To The Next Level
Key performance indicators are developed
metrics by which performance against plan is
evaluated and ultimately rewarded
converted into reports and are used to monitor
performance over time
managing and monitoring the business will surface opportunities to improve processes, products
and services to enhance enterprise value (EVA)
Trang 16Enhancing Capabilities Taking It To The Next Level
EVA = NOPAT less WACC (NPV>0)
Create new opportunities - new business activities
Improve performance - policies, processes,
competencies, reporting, technology and/or
Trang 17Enhancing Capabilities Taking It To The Next Level
EVA
Create new opportunities – change core business risk? Improve performance – insights into soft spots in the
enterprise’s or unit’s business strategy as well as
opportunities to improve performance
Harvest existing value - understand “relative riskiness”
of different units, geographies, products or markets
Adjust and align cost of capital - specific WACC for
specific core businesses
Trang 18Enhancing Capabilities Taking It To The Next Level
Linkage of ERM to improved enterprise performance - altering risk by increasing/decreasing:
enterprise’s net exposure (materiality)
variability of the enterprise’s expected returns caused
by specific sources of uncertainty (such as exposure
to fluctuating currency rates)
probability of financial distress in the event of realized changes in key variables (such as changes in interest
Trang 19Enhancing Capabilities Taking It To The Next Level
How should we integrate our ERM approach with our strategic planning process?
integrate specific ERM capabilities with the various
phases of the strategy-setting process
Strategic assessment Internal environment, event
identification and risk assessment
Strategy development Risk response
Formulate plan Control activities, information/
communication and monitoring
Trang 20Enhancing Capabilities
Taking It To The Next Level
Trang 21Enhancing Capabilities Taking It To The Next Level
Determine critical value drivers and define the sources of
uncertainty associated with each of those drivers
Shareholder Value cash flow earnings
e.g revenue drivers: predictable volume, price competitiveness,
customer liquidity, customer diversification, entry barriers and
growth industry
predictable volume sub drivers: segmented market, scalable
productive capacity and effectively functioning distribution channel
prioritize value drivers based upon their contribution
select the priority drivers for purposes of event identification and risk assessment
Trang 22Enhancing Capabilities Taking It To The Next Level
Should we complete our strategic planning process
prior to conducting our first enterprise wide risk
assessment, or vice versa? NO
incorporate risk appetite and risk management into
strategy-setting
Trang 23Enhancing Capabilities Taking It To The Next Level
Is it possible to successfully merge together the risk assessments that companies perform as a result of ERM, Sarbanes-Oxley compliance, business
continuity planning, internal audit and various
compliance activities related to workplace,
environmental and other regulations? YES
Must develop common language and uniform process
Trang 24Enhancing Capabilities Taking It To The Next Level
How does management use ERM to establish a sustainable
competitive advantage?
Integrate risk management with business & strategic planning Implement more rigorous risk assessment process
Improve management of common risks across the enterprise
Improve capital deployment and resource allocation
Configure the enterprise’s risk taking with its core competencies Seize opportunities through rational assumption of risk