In the face of the many recent failures of financial institutions, following market and asset crises, and in the context of mounting regulatory demands, including the impending SMR (Senior Managers Regime) which will now apply to asset managers, hedge funds and the Bank of England itself, risk management is a topic high on the executive agenda. In particular, much emphasis has been placed on risk appetite and the role it has to play in an enterprise risk management approach, as part of an overall strategy execution process.
Read MoreWhat is the Three Lines of Defence Model?
The Three Lines of Defence is a model that the Financial Services Authority (which became the Financial Conduct Authority) encourages firms to adopt to provide clarity of responsibilities and accountabilities in between the three lines, and ensures effective independent oversight and assurance activities take place covering key decisions and processes.
Read MoreBusinesses benefit from harnessing the opportunity in risk
"Businesses benefit from harnessing the opportunity in risk" - Originally posted HERE by Patricia O'Connell.
Risk has evolved over the last decade from “an exercise in ticking boxes” to an area of strategic focus that is an engine for corporate growth and profit as well as a force for societal change.
And corporations are directly profiting from changing their treatment of risk in their organizations. Linda Conrad, director of strategic business risk at Zurich North America told Advisen that two of its divisions saved 27 percent and 29 percent respectively on their risk-based capital (RBC) consumption as a result of reviewing the way it treated risk.
Conrad described the results of the insurer’s internal approach to risk with its focus on Enterprise Cost of Risk, which includes the risk expenses that derive from other business activities considered “less insurable.”
Using what it calls Total Risk Profiling, Zurich moved from an asset-based approach to a risk-based approach for operational risk quantification and capital allocation, Conrad said at the RIMS conference in Denver in April.
On a smaller but no less dramatic scale, a 2013 World Bank report describes how farmers manage risk profitably. Access to such tools as rainfall insurance means that they can invest in such necessities as fertilizer and seed rather than having to save their capital as a hedge against weather-related calamity.
On a more holistic level, Mangient CEO and author Andrew Smart notes that companies are increasingly looking at the relationship between risk and strategy.
One driver of this development was the global financial crisis of 2008-2009. “It was a failure of strategy and risk,” notes Smart, CEO of London-based Manigent and co-author of Risk-Based Performance Management: Integrating Strategy and Risk.
The nature of the crisis forced companies of all kinds around the world to look at the relationship between risk and strategy. Eventually, it escalated the movement from risk as loss prevention and mitigation to being seen, by necessity, as something that could enable growth.
And in turn, the increased scrutiny of risk led to regulation that aided the aggregation and harnessing of data that could be used in a different way. “Informed decisions impact the bottom line,” says Scott Addis, president and CEO of The Addis Group and Addis Intellectual Capital. “People typically tell a business leader what they want to hear rather than what they know to be true. Risk management based on knowledge leads to better decisions, which drives profit growth.”
Michael Christian, CEO of Risk Strategies Company observed that “organizations have more data at their fingertips than they did 10 years ago, as well as more tools to help risk managers and now CFOs analyze them and understand where risks are and how to address them.” The aggregation of the data puts risk more squarely in the C-Suite, he says. “The CFO will be looking at it more deeply, and the CFO should have a direct line to the CEO, making them more aware of risk’s impact on the bottom line.
“For smart companies, the establishment of minimum frameworks and ISO, COSO, and SOX have helped them identify the right path.”
The need for discipline and focus around data was “an unintended consequence” – a positive one — of the financial crisis, according to Todd Macumber, president of the risk services division of brokerage Hub International. “Some [companies] still take a ‘check the box approach’ to the requirements of regulation and others use it to their advantage to perform better.”
Michael Christian said: “Companies have been forced to focus on risk because you can’t afford to make a mistake. You can’t sweep it under a carpet. A positive byproduct of this, he believes, is a greater focus on product quality. “You don’t want it to come out in the news that you’ve had a major product or cyber failure or production problems.”
He cites the automobile manufacturers as a prime example of the dangers of not managing risk. “They’ve hidden some of their issues. And that hurts their brand, the whole enterprise, and their reputation.”
Finally, there needs to be alignment between risk and strategy, and according to Smart, that’s best achieved by assessing risk appetite.
“Companies need to decide how much risk they’re willing to take on to achieve their goals,” he said. “And often the most challenging conversations is ‘where are we not taking enough risk?’”
While risk has evolved to a strategic tool for some companies, its role will continue to grow as new risks emerge along with tools and techniques for management.
Yet both the greatest risk and the ability to overcome it is within the purview of any company, says Hub’s Macumber. “Whether you’re using Word and Excel or sophisticated risk-assessment tools, culture has to be part of the toolbox,” he said. “Without management and executive commitment and support, you won’t have the resources, the expertise, and the attitude to achieve the necessary results. Whether it’s risk prevention, risk management, or competitive advantage, it all begins with executive buy-in.”
StratexSystems "Shaping Your Culture via Risk Appetite" Webinar tomorrow!
|
StratexSystems Webinar 18th October!'Shaping Your Culture via Risk Appetite'Thursday Oct 18th 2012, 4pm-5pm GMTIt is almost time to join our CEO- Andrew Smart's live one-hour webinar, “Shaping Your Culture via Risk Appetite” The webinar begins this Thursday at 4 pm GMT. Don’t miss this rare opportunity to hear directly from Andrew Smart, CEO of StratexSystems.
He will briefly explain risk appetite and how it can be linked into the overall strategy and risk management process of an organisation. He will then go on to clarify how Risk Appetite statements work alongside Vision statements; creating the right ‘tone from the top’, and how that can be cascaded through the organisation in the form of Risk Tolerances and KRI's. The webinar will conclude with a demonstration of how to enable and embed change, leveraging your SharePoint investment.
To view the webinar, please click the link below which will take you to a registration page. Simply add your name and email into the 'Please Register Now' boxes and you will be sent a personalised link that you can use on Thursday. (We apologise for the 'double' registration process, but we had some technical difficulties for the last webinar and are currently trying to iron them out!)
http://w.on24.com/r.htm?e=531492&s=1&k=5FE74D2E75F94585F5F9505E1D3F2F8A
Do you know somebody else who should attend? Please send them the same link & they can register for free right now.
See you shortly! |
Great quote on Risk Appetite
One major problem that led to the current financial crisis was that although objectives had been created, there was no articulation of risk appetite or identification of those responsible when risks were incurred - COSO
Read the full COSO Thought-leadership paper; Enterprise Risk Management — Understanding and Communicating Risk Appetite
The CRO and Risk Management Function as an Enabler of Risk Taking – Aligning Risk Appetite and Strategy to Build Competitive Advantage
One of the key challenges for the CRO and the executive teams of many large financial services organisations to emerge over the last couple of years has been the alignment of risk appetite to strategy and ensuring that the business is ‘operating within appetite’. This means operating within the appetite of the board and by implication, the regulator. Meeting this challenge can have a transformational effect on the role of the CRO and the risk function, but also on the role of risk management – transforming it from a compliance driven activity to a source of competitive advantage.
On a continuing basis the CRO should seek to ensure that risk originators in individual business units within the entity are fully aware of and aligned with the board’s appetite for risk.
The Walker Review into corporate governance of UK Banks and other financial industry entities, completed in July 2009 raised risk appetite as a key issue for boards and executives within the financial services industry.
Section 6.17 explicitly states that the CRO has a duty to ensure that the risk takers are taking risks in alignment with the organisational strategy.
To quote directly from the Walker Review
Enhanced Appetite Alignment Matrix is available
Aligning risk taking to the business strategy is a challenge for many organisations but understanding where more risk can be taken to achieve higher returns is critical in today environment.
To support this decision-making, the Appetite Alignment Matrix has been enhanced in StratexPoint. The upgrade version is below.
Understanding and embedding Risk Appetite–Learning from Mastercard
This excellent presentation by Spencer Schwartz from Mastercard has a number of interesting points for any organisation looking to understand and embed risk appetite into their organisation.
Update from the NC State University ERM Initiative
The most recent newsletter from the North Carolina State University College of Management’s ERM Initiative includes a couple of particularly interesting articles from the perspective of the linkage between strategy, performance and risk management.
Linking ERM and Strategy: An Example from Target Corporation
Launching an ERM process can be a daunting task, especially in large, complex organizations. The importance of keeping the risk oversight process simple, but strategic, can be the key to realizing strategic value from ERM. Tony Heredia, Vice President of Corporate Risk and Responsibility at Target Corporation, shared insights from his experience in helping strengthen their organization’s integration of enterprise risk oversight and strategy. Creating opportunities for executive management dialogue about critical emerging risks is proving to be invaluable as the company navigates the highly competitive retail business in the new economy. Read about the Target experience
Panel of ERM Experts Discusses “The Value Proposition of ERM: Strategic or Compliance”
The ERM Initiative’s October 1, 2010 ERM Roundtable Summit featured a panel of executives responsible for ERM leadership at organizations including Advance Auto Parts, Standard & Poor’s, RTI International, and Public Service Enterprise Group that discussed the topic of positioning ERM for strategic versus compliance benefits. Among numerous practical suggestions was the overarching reality that, for ERM to be successful, leaders need to realize that there is no one-size-fits-all approach to ERM and that effective ERM is one that fully considers the culture of the organization and the importance of board and CEO support. Read more
