Introduction to Enterprise Risk Management 1.15

In the financial risk quadrant, New Company would have exchange rate risk related to its European sales. It would also have price risk for raw materials and supplies. Strategic risks include competition, economic factors that could affect consumer demand, and the political risk arising from countries in which the company’s component suppliers are located.

ERM Drivers

The introduction of enterprise risk management (ERM) in the mid-1990s signaled a major expansion of risk management, changing the focus from a narrow approach to managing undesirable risk exposures to a firm-wide vantage point representing potential opportunity as well as loss.

There are both internal and external drivers that influence an organization’s decision to establish an ERM program. Internal drivers include the desire for a comprehensive approach to managing risks that threaten an organization as well as recognition of ERM’s value in strategic planning. External drivers include legislation, regulatory requirements, risk management standards, credit rating agencies, investors, social responsibility, and catastrophic events. ERM programs should address both types of drivers. Some ERM programs focus on compliance with external requirements, but these programs are not as successful as ones that also consider internal drivers.

Internal Drivers

After some highly publicized corporate accounting scandals and the global financial crisis of 2008, many organizations realized that risk management failures could threaten their ability to survive at worst and present reputational risk exposures at best. For example, an AIG unit’s derivatives risk resulted in the organization’s dependency on the United States government for survival and a large loss in value for shareholders. Further, fraudulent trading at Société Générale resulted in a large financial loss and reputational damage.
These types of risk management failures at established firms increased many senior executives’ awareness of the importance of ERM. As ERM began to capture the interest of top management, some of these leaders started to understand that it was not limited to downside risk, as in traditional risk management. Rather, it could also be used to exploit risks for the opportunities they provide. That said, ERM implementation requires a major change in corporate culture supported by an organization’s senior management and board.

Copyright 2013 American Institute For Chartered Property Casualty Underwriters

ERM’s greatest value is its use in decision making with a dual purpose:

• Protecting an organization’s assets
• Promoting future growth[3]

When global trade, financial markets, and supply chains are inextricably linked in a landscape of complexity and uncertainty, risks can come swiftly and unexpectedly—with significant potential effects on companies’ operations, reputations, and even survival. In response to greater complexity, interconnection, and uncertainty in global markets and operations, forward-looking companies are increasingly integrating risk management across business functions, according to a PwC survey of more than 1,000 executives from various organizations. The perspective of risk leaders is changing from operational to strategic.[4]

ERM in Practice
DENTSPLY International Links ERM With Strategic Plan

DENTSPLY International is a global provider of dental products. The organization’s strategic plan focuses on four key areas: financial, innovation, customer satisfaction, and internal talent. In 2005, the organization began its ERM program. DENTSPLY integrated risk management into all of its decisions and activities.
For example, the organization implemented a global performance system to highlight and manage risks associated with innovation and product development.[5]

Many organizations have begun to include risk evaluation as an essential part of strategic planning and to realize the advantages of the broader view of risk management that ERM provides. For example, organizations that use ERM produce better-than-average financial results. Ernst & Young recently evaluated risk management practices through a survey. It found that risk management was consistent in top performers with mature ERM programs and that consistency was not evident in the bottom 20 percent of performers.[6]

ERM in Practice
Panasonic Implements ERM to Achieve Profit Goals

Panasonic began its ERM initiative to achieve challenging global business goals of 10 percent profit and 10 billion yen in sales turnover. The organization focused on implementing ERM into all of its business activities and operations to achieve these goals. Panasonic uses a combination top-down, bottom-up approach in its ERM program. The mission and objectives are established and communicated from the top, but risk assessment is performed in all areas of operations and reported up to each business unit head. The business unit heads then report them to senior management, who can evaluate the effects of risks on achieving strategic goals.[7]

By using ERM, an organization enhances its ability to select the most appropriate methods of deploying capital. Further, effective ERM can reduce the overall cost of capital and optimize capital allocation by evaluating the positive and negative aspects of risk in all major decisions. For example, Allstate began to consider ERM in 2002 for optimal allocation of capital based on risk and expected return.
In 2004, the organization implemented ERM across all of its businesses and functions. Its program uses an interactive risk and capital visualization tool as part of its ERM program to explore various risk opportunities and guide strategic decisions.[8]

Another internal driver is the desire of organizations to manage volatility in their financial results. ERM enables an organization to analyze the effect of its risks on financial results and to select a level of risk based on its risk appetite and risk tolerance.

External Drivers

Initially, the increased focus on ERM at many organizations resulted largely from external forces and events. Although external factors should not be the sole, or necessarily even major, drivers for any one organization’s ERM program, they are inevitably significant. These are the major external drivers for ERM:

• Legislation
• Regulatory requirements
• Risk management standards
• Credit rating agencies
• Investors
• Social responsibility
• Catastrophic events

Risk appetite
The total exposed amount that an organization wishes to undertake on the basis of risk-return trade-offs for one or more desired and expected outcomes. (Used with permission of RIMS.)

Risk tolerance
The amount of uncertainty an organization is prepared to accept in total or more narrowly within a certain business unit, a particular risk category or for a specific initiative. (Used with permission of RIMS.)

In 2002, after the failure of Enron, the U.S. Congress passed the Sarbanes-Oxley Act (SOX), which imposes numerous requirements on U.S. corporations. SOX requires both the chief financial officer (CFO) and chief executive officer (CEO) of a company to personally attest to their company’s results in financial statements. While the majority of the SOX regulations are concerned with accounting issues, there are several important aspects related to risk management. Section 404 requires organizations to provide an assessment of the company’s internal risk control measures.
Additionally, SOX requires corporations to review their risk profiles using an enterprise-wide approach, rather than the traditional silo approach.