SlideShare una empresa de Scribd logo

Amper ERM Presentation to FEI

J
jravi
1 de 34
Enterprise Risk Management ‐ Building the Business Case Building the Business Case ‐ Practical Implementation Tips Thomas Mulhare Thomas Mulhare Partner in Charge,  Financial Services and Business Risk Advisory Services Jerry Ravi Senior Manager,  Business Risk Advisory Services February 2, 2010
ERM Defined: “… a process, effected by an entity's board of  directors, management and other personnel, applied  in strategy setting and across the enterprise,  i i d h i designed to identify potential events that may  affect the entity, and manage risks to be within its  affect the entity, and manage risks to be within its risk appetite, to provide reasonable assurance  regarding the achievement of entity objectives.” Source:  COSO Enterprise Risk Management – Integrated Framework.  2004. COSO. 2
SHAREHOLDER VALUE DECLINES SHAREHOLDER VALUE DECLINES Common means by which Shareholder Value is Destroyed: Common means by which Shareholder Value is Destroyed: Strategic and Business Operational Financial Compliance 5% 15% 20% 60% 3
What CFO's Think What CFO's Think 52% • have formalized risk management  program 42% • do historic comparisons to avoid risk 32% • set specific risk thresholds 29% • create risk adjusted forecasts and  plans Source: The Global CFO Study 2008 4
Why ERM is Important  Wh ERM i I t t ERM supports value creation by enabling  Underlying principles management to: Every entity exists to realize value for its  Deal effectively with potential future  stakeholders. events that create uncertainty. Value is created, preserved, or  Respond in a manner that  Respond in a manner that eroded by management  reduces the likelihood of  decisions in all activities, from  downside outcomes and  setting strategy to operating the  increases the upside. enterprise day‐to‐day. 5
ERM Principles ERM Principles Skilled project leaders who can  think “outside the box” Talented  Talented People Sharing &  Sharing & Effective  Knowledge  Process Transfer Willingness to cross  Effective process to identify  and  boundaries posed by  manage risks  information silos 6
ERM – What went wrong? ERM What went wrong? • Risks ere not f ll nderstood Risks were not fully understood • Management overrides • Compensation focused on short term • Not enough Board involvement • Inadequate communication Inadequate communication 7
Other Risk Drivers for ERM Implementation Other Risk Drivers for ERM Implementation 60% of senior executives “lack high confidence” that their  60% f i ti “l k hi h fid ” th t th i company’s risk management practices identify and manage all  FEI Study  potentially significant risks Requires audit committee charter to include reference to the  NYSE committee’s responsibility to “discuss risk assessment and risk  management” “It is the board’s responsibility to ensure that management has  instituted processes to identify major risks and has developed  NACD plans to deal with such risks.  BOARDS WILL BE HELD  ACCOUNTABLE 8
ERM Challenge – More Than Audit Committee ERM Challenge More Than Audit Committee • Defining & Managing Expectations – Board – Who on Board is responsible for all Risk – Audit Committee – Monitoring  – Executive Management – Key Sponsor of ERM Executive Management  Key Sponsor of ERM • Coordinating with Other Risk Monitoring  & Assurance Groups: – Compliance – Legal l – Safety/OSHA – Loss Prevention – External Audit • Risk Committee? 9
ERM: Breaking Down Silos ERM: Breaking Down Silos Financial  Information  Underwriting Reporting Technology Reinsurance Claims Regulatory New Products / Lines of Business Human Resources Policies & Procedures 10
What benefits come from ERM? What benefits come from ERM? Better  Better Make more  Make more Better  information  informed  communication about risks decisions Strengthen  Increased  Reduce earning  governance  accountability volatility practices ti More  Help to meet  Help to meet comprehensive  strategic goals Stress Test 11
Managing Risk = Better Performance i ik f Align corporate goals with: g p g Understanding the sources of risk and their relevant  performance metrics help manage: Strategies People Objectives Processes Risks Information Performance metrics Assets or technology 12
A Practical ERM Approach A Practical ERM Approach • The ERM Continuum • Key Implementation Factors – Setting Expectations – Indentifying your first steps – Build the “ERM Engine” – Creating the Process Build the “ERM Engine” Creating the Process – Risk Identification, Assessment and Analysis – Monitoring and Reporting Monitoring and Reporting • Success Factors • EXAMPLES: RISK ASSESSMENT & TOOLS EXAMPLES: RISK ASSESSMENT & TOOLS 13
Evolution of ERM Methodology Evolution of ERM Methodology ERM is not a “One Size Fits All”  ERM is not a  One Size Fits All approach.  The key is  to remember this  t b thi is a PROCESS! Strategic View ”A Strategic Tool” Integrated Risk Integrated Risk “Managing  Risks Better” Compliance 14
Setting Expectations S i E i • Executive endorsement • Direct reporting is critical • Leverage existing risk functions Leverage existing risk functions • Develop a risk mindset, starting at the Top • Difference between Compliance (SOX) and ERM 15
Identifying your First Steps Identifying your First Steps • Determine what’s right for your company Determine what s right for your company • Determine your risk philosophy – Survey risk culture via a  Risk Health Check Survey risk culture via a “Risk Health Check” – Consider organizational integrity and ethical values • Decide on roles and responsibilities p – Identify sponsors and owners (i.e., Board, Management,  Risk Officers, Internal Auditor) • Assess where your are on the ERM Continuum • Create a process 16
Example: Risk Health Check (Culture & Alignment) E l Ri k H lth Ch k (C lt & Ali t) • To what extent is the “culture” supportive of advancing an enterprise view  of risk management?   of risk management? • How has the significance of risk governance been communicated (i.e.,  regular communications and documentation)? • How comfortable are our people in discussing risk? Are they afraid to raise  f bl l d k h f d difficult issues? How quickly do they raise issues?  • Is risk management built into decisions about capital allocation,  acquisition, succession planning, and other strategic initiatives?  acquisition succession planning and other strategic initiatives? • Would you describe the organization’s approach to risk management as: – Reactive to risks that occur – P Proactive about risk possibilities i b ik ibili i • How might our compensation programs encourage inappropriate short‐ term risk taking? How can we change these programs to encourage risk‐ taking instead? What mechanisms exist to recover compensation when  taking instead? What mechanisms exist to recover compensation when excessive risk‐taking occurs? 17
Building the "ERM" Engine – Creating the Process  Building the "ERM" Engine Creating the Process Identify  objectives  Build Consensus  Build Consensus Identify ERM Task  Identify ERM Task (strategic, financial,  around the process Force operational, etc.) Define the  Review and  Identify / discuss  corporate risk  corporate risk leverage existing  leverage existing scope of process appetite documentation Kickoff initial  Continuously  planning  Monitor the  workshops with  workshops with Process  Ask  Process – “Ask process owners Questions” 18
Kickoff  the Process Kickoff the Process • Identify preliminary risk language and categories yp y g g g • Develop risk inventory questionnaires • Develop materials and hold education / risk Develop materials and hold education / risk  awareness session(s)  • Initiate/schedule interviews Initiate/schedule interviews • Identify questionnaire recipients at the business  units 19
Mid‐Market Pharmaceutical Company Sample Risk Management Categories Contract  Bio Technology Pharmaceutical Corporate Management Competition Dependency on CRO / Contract  Competition (Pipeline, Generics,  Debt Obligation Manufacturing for Products New, Existing) Viability ROI / Optimization of Resources / Optimization of Resources Planning Liquidity Customer Needs (Long‐Term  Product Approvals Pricing Capital Requirements / Financing focus) Profitability y Vendors / Suppliers (licensing  / pp ( g Shareholder Value Agreements) Dependency of 3rd Party Royalty  Commitments / Contingencies Contracts Expansion of existing Products (IP  p g ( Protection) Incident Reporting Product Recalls Regulation R l ti IT Systems Personnel / HR Business Development Vendor Management / Customer Management Quality Procedures / SOPs
Risk Identification Risk Identification • In general, there are three kinds of risks your  g y institution faces: • Risk you know of and are working on to resolve  (Low Concern) (Low Concern) • Risk you know of and are not yet working on to  resolve  (Medium Concern) eso e ( ed u o ce ) • Risks you are not yet aware of but will find out  via complaints, litigation, examiners and/or  media attention  (High Concern) di tt ti (Hi h C ) • Map risks to agreed upon categories 21
Risk Identification Tools Risk Identification Tools • Assessments – External:  works best for small to mid‐sized companies – Continuous Internal Assessment: Via Full Time Risk  Management Department – Internal Assessments: Via Compliance, Audit, or Risk Owners – Self Assessment Surveys:  people involved in processes know  them the best • L Leverage Existing Risk Related Assessments  (i.e., Internal  E i ti Ri k R l t d A t (i I t l Audits, SAS70s, Compliance Reviews, Regulatory Reports) • Conduct risk assessment interviews or brainstorming Conduct risk assessment interviews or brainstorming  workshops with key members of management 22
Risk Assessment • Compile all results of the risk identification process • Quantification of risk exposure • Options available: ‐ Accept = monitor ‐ Avoid = eliminate (get out of situation) ‐ Reduce = institute controls ‐ Share = partner with someone (e.g. insurance) • Link Risk Assessment to the Strategic Objectives  (Example attached) 23
Impact vs. Probability Impact vs Probability Sample:  Financial Institution p Medium Risk High Risk High Credit Risk Regulatory Violations and  g The Loaning Process Fines System Outages I M Share Mitigate & Control P Low Risk Medium Risk A C Asset Management  Customer Complaints p Turnover Fee Receivables T Trade Errors Accept Control Low PROBABILITY High 24
Risk Analysis Ri k A l i • Assess and prioritize risks Assess and prioritize risks  • Assess the maturity of risk management  strategies for the top risks strategies for the top risks • Deploy mitigation strategy • Develop action plan 25
Monitoring and Reporting Monitoring and Reporting • Establish accountability for risks y • Summarize a risk assessment report • Create risk dashboards for high level board reporting Create risk dashboards for high‐level board reporting – Leverage technology tools (screen shots attached) • Develop a continuous monitoring program l – Ensure updates are reflected (i.e., changes in systems or  processes) ) 26
Success Factors Success Factors • Be brutally honest with your self assessment y y • Select the right people and approach • g Encourage constructive feedback • Make it clear who owns the process • Risk management is everybody s job Risk management is everybody’s job • Learn from losses • View it as a  Process not a Project View it as a “Process”, not a “Project” 27
Context of the Risk Assessment Context of the Risk Assessment Objectives provide the context for  the risk assessment … the risk assessment … E l Obj ti Example Objectives Strategic Objectives  Increase market share by 10% over the  Strategy y next 3 years. Supporting Objectives Business Unit  Deploy new line of business in San  (Region,   Francisco by May 2010. Location)) Functional Objectives  Functional  Improve availability  and continuity of IT  (IT,  Accounting) core applications by June 2010. Risk Management Objectives Risk Specific  Maintain profitability (Pricing, loss  (Profitability) (Profitabilit ) experience, etc…) experience etc ) 28
Example: Risk Model Example: Risk Model Which areas of risk might be identified, analyzed, and prioritized in  an ERM program? p g Environmental Risks • Capital Availability • Liquidity • Regulatory, Political, and Legal • Financial Markets and Shareholder Relations Process Risks P Ri k • Operations Risk • Empowerment Risk • Information Processing / Technology Risk • Integrity Risk • Financial Risk Information for Decision Making • Operational Risk • Financial Risk 29 • Strategic Risk
EXAMPLE: Credit Administration/Loan Review Potential Significant Risks and Overall Risk Rating:  High ♦ Ability to achieve the business plan for targeted markets/customers/products   Strategic Risk High ♦ Standardization of credit administration guidelines Reputation Risk High ♦ Consumer and commercial loan approval and underwriting  process is highly visible to the customer  Compliance Risk Low ♦ Risk of lawsuits, fines and penalties related to non‐compliance with lending laws and regulations ♦ Credit risk is inherently high especially during the current downturn in the market  ♦ The number of large loans ($5‐15 million) has increased significantly during the past year ♦ Nine independent bank credit cultures Credit Risk Credit Risk High ♦ Risk in wire transfer and ACH continues to increase Ri k i i t f d ACH ti t i ♦ Lack of consolidated credit information for banks and non‐bank affiliates ♦ Consumer credit judgment may be inconsistent  ♦ Financial risk is inherently high in a loan origination process ‐ loans are interest rate sensitive ♦ The Federal Reserve has been decreasing interest rates over the past year ♦ g y p ACME is in a highly competitive market Financial Risk Fi i l Ri k High Hi h ♦ Future Basel Accord implications ♦ ACME does not have a standard ALLL methodology that all banks follow ♦ Inconsistent application of non‐accrual and charge‐off policies ♦ No formal training for loan officers on regulation changes ♦ No standard guidelines for credit policies and procedures for loan origination and approval process ♦ Some banks  have specialty loan areas that  perform loan operations functions  Some banks have specialty loan areas that perform loan operations functions ♦ Missing quality assessment review at loan origination for compliance with ACME credit documentation and  Operational Risk High approval policy ♦ Administration of participated loans is managed by the lead affiliate bank and not centrally managed.  The  experience levels of credit officers vary within the affiliates ♦ No standardization and centralized approval of law firms used for loan closings ♦ IT system not fully utilized or may lack data integrity due to lack of standard credit administration policies ♦ IT system is the common platform for loan processing Technology Risk ♦ IT system does not interface with non‐bank subsidiary systems making it difficult to compile consolidated loan  Moderate information  ♦ Lack of a front end system to process consumer applications that enforces ACME’s credit policies Human Resources  ♦ In the event additional employees are needed or turnover occurs, ACME may have difficulty identifying an  I th t dditi l l d d t ACME h diffi lt id tif i Moderate employee internally or recruiting a candidate in a highly competitive job market  Risk Financial Impact High ♦ Combined loan portfolio is approximately $3.6 billion Risk Direction  ♦ Credit risk increasing as a result of current market conditions 30 Increasing Indicator
Risk Framework Tool  ALINE GRC: Risk Framework Tool – ALINE GRC: Accountability, Measurement, and Impact y, , p 31
Enterprise Risk Heat Map Enterprise Risk Heat Map 32
33
Thomas M. Mulhare Jerry R. Ravi y Amper, Politziner & Mattia, LLP Amper, Politziner & Mattia, LLP Tel:   (732) 287‐1000 x 1281  Tel:  (732) 287‐1000 x 1294 Cell:  (908) 930‐1435 C ll (908) 930 1435 Cell: (732) 770‐3519 C ll (732) 770 3519 E‐mail: mulhare@amper.com E‐mail: ravi@amper.com The material contained in this presentation is for general information and should not be acted upon  without prior professional consultation. 34

Recomendados

FRT - 110530 - BED - Why are some companies luckier than others - Frank Leenders
FRT - 110530 - BED - Why are some companies luckier than others - Frank LeendersFRT - 110530 - BED - Why are some companies luckier than others - Frank Leenders
FRT - 110530 - BED - Why are some companies luckier than others - Frank LeendersFlevum
 
Sharing Practice on Enterprise Risk Management (ERM)
Sharing Practice on Enterprise Risk Management (ERM)Sharing Practice on Enterprise Risk Management (ERM)
Sharing Practice on Enterprise Risk Management (ERM)Diane Christina
 
.credit-suisse Annual Report Part 4 Risk management
.credit-suisse Annual Report Part 4 Risk management.credit-suisse Annual Report Part 4 Risk management
.credit-suisse Annual Report Part 4 Risk managementQuarterlyEarningsReports2
 
Common Objectives of the CRO and the CAE
Common Objectives of the CRO and the CAECommon Objectives of the CRO and the CAE
Common Objectives of the CRO and the CAEWheelhouse Advisors LLC
 
Common failures of risk management
Common failures of risk management Common failures of risk management
Common failures of risk management Surajit Datta
 
Risk Health Check
Risk Health CheckRisk Health Check
Risk Health CheckLjuba Bogdanovich
 
HML Risk Transformation
HML Risk TransformationHML Risk Transformation
HML Risk TransformationAndrew Smart
 
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...prosenzw69
 

Recomendados

FRT - 110530 - BED - Why are some companies luckier than others - Frank Leenders
FRT - 110530 - BED - Why are some companies luckier than others - Frank LeendersFRT - 110530 - BED - Why are some companies luckier than others - Frank Leenders
FRT - 110530 - BED - Why are some companies luckier than others - Frank LeendersFlevum
 
Sharing Practice on Enterprise Risk Management (ERM)
Sharing Practice on Enterprise Risk Management (ERM)Sharing Practice on Enterprise Risk Management (ERM)
Sharing Practice on Enterprise Risk Management (ERM)Diane Christina
 
.credit-suisse Annual Report Part 4 Risk management
.credit-suisse Annual Report Part 4 Risk management.credit-suisse Annual Report Part 4 Risk management
.credit-suisse Annual Report Part 4 Risk managementQuarterlyEarningsReports2
 
Common Objectives of the CRO and the CAE
Common Objectives of the CRO and the CAECommon Objectives of the CRO and the CAE
Common Objectives of the CRO and the CAEWheelhouse Advisors LLC
 
Common failures of risk management
Common failures of risk management Common failures of risk management
Common failures of risk management Surajit Datta
 
Risk Health Check
Risk Health CheckRisk Health Check
Risk Health CheckLjuba Bogdanovich
 
HML Risk Transformation
HML Risk TransformationHML Risk Transformation
HML Risk TransformationAndrew Smart
 
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...
UCI Exec. MBA & Forum for Corp. Directors July 2009 - Board Governance: E...prosenzw69
 
Jag Presentation V120601
Jag Presentation V120601Jag Presentation V120601
Jag Presentation V120601jagagnonconsultant
 
Tools &Techniques for Effective Risk Management V3.0
Tools &Techniques for Effective Risk Management V3.0Tools &Techniques for Effective Risk Management V3.0
Tools &Techniques for Effective Risk Management V3.0cgautam
 
Irm Risk Appetite
Irm Risk AppetiteIrm Risk Appetite
Irm Risk AppetiteHassan Zaitoun
 
Risk Appetite
Risk AppetiteRisk Appetite
Risk AppetiteTowers Perrin
 
Not-For-Profit Risk Management & The 7 Deadly Sins
Not-For-Profit Risk Management & The 7 Deadly SinsNot-For-Profit Risk Management & The 7 Deadly Sins
Not-For-Profit Risk Management & The 7 Deadly SinsCBIZ, Inc.
 
A brief overview of operational risk
A brief overview of operational riskA brief overview of operational risk
A brief overview of operational riskDiane Christina
 
Shared Services for Finance & Accounting - Wheelhouse Advisors 7.15.08
Shared Services for Finance & Accounting - Wheelhouse Advisors 7.15.08Shared Services for Finance & Accounting - Wheelhouse Advisors 7.15.08
Shared Services for Finance & Accounting - Wheelhouse Advisors 7.15.08Wheelhouse Advisors LLC
 
IT Risk Management - the right posture
IT Risk Management - the right postureIT Risk Management - the right posture
IT Risk Management - the right postureParag Deodhar
 
Enterprise Risk Management Workshop (Singapore 2006)
Enterprise Risk Management Workshop (Singapore 2006)Enterprise Risk Management Workshop (Singapore 2006)
Enterprise Risk Management Workshop (Singapore 2006)simonffg
 
Managing Risk in Perilous Times- Practical Steps to Accelerate Recovery
Managing Risk in Perilous Times- Practical Steps to Accelerate RecoveryManaging Risk in Perilous Times- Practical Steps to Accelerate Recovery
Managing Risk in Perilous Times- Practical Steps to Accelerate RecoveryFindWhitePapers
 
Risk Management ERM Presentation
Risk Management ERM PresentationRisk Management ERM Presentation
Risk Management ERM Presentationalygale
 
Risk Appetite
Risk AppetiteRisk Appetite
Risk AppetiteHassan Zaitoun
 
Descriptor MetisGRC
Descriptor MetisGRCDescriptor MetisGRC
Descriptor MetisGRCOtbert de Jong
 
Enterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management ProcessEnterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management Processregio12
 
Siegfried addressing current governance and risk management challenges in gov...
Siegfried addressing current governance and risk management challenges in gov...Siegfried addressing current governance and risk management challenges in gov...
Siegfried addressing current governance and risk management challenges in gov...icgfmconference
 
Grant Thornton - Risk appetite: A market study UK 2012
Grant Thornton - Risk appetite: A market study UK 2012Grant Thornton - Risk appetite: A market study UK 2012
Grant Thornton - Risk appetite: A market study UK 2012Grant Thornton
 
AMXi Overview
AMXi OverviewAMXi Overview
AMXi OverviewAMX International, Incorporated
 
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONSMITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONSMichel Rochette
 
Improving the application of risk management
Improving the application of risk managementImproving the application of risk management
Improving the application of risk managementKarl Davey
 
A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...Hassan Zaitoun
 
Clinical outsourcing
Clinical outsourcingClinical outsourcing
Clinical outsourcingCytel
 
Hospital Diagnostic services outsourcing- A great Opportunity for improving H...
Hospital Diagnostic services outsourcing- A great Opportunity for improving H...Hospital Diagnostic services outsourcing- A great Opportunity for improving H...
Hospital Diagnostic services outsourcing- A great Opportunity for improving H...TARA PRASAD MOHAPATRA
 

Más contenido relacionado

La actualidad más candente

Tools &Techniques for Effective Risk Management V3.0
Tools &Techniques for Effective Risk Management V3.0Tools &Techniques for Effective Risk Management V3.0
Tools &Techniques for Effective Risk Management V3.0cgautam
 
Not-For-Profit Risk Management & The 7 Deadly Sins
Not-For-Profit Risk Management & The 7 Deadly SinsNot-For-Profit Risk Management & The 7 Deadly Sins
Not-For-Profit Risk Management & The 7 Deadly SinsCBIZ, Inc.
 
A brief overview of operational risk
A brief overview of operational riskA brief overview of operational risk
A brief overview of operational riskDiane Christina
 
Shared Services for Finance & Accounting - Wheelhouse Advisors 7.15.08
Shared Services for Finance & Accounting - Wheelhouse Advisors 7.15.08Shared Services for Finance & Accounting - Wheelhouse Advisors 7.15.08
Shared Services for Finance & Accounting - Wheelhouse Advisors 7.15.08Wheelhouse Advisors LLC
 
IT Risk Management - the right posture
IT Risk Management - the right postureIT Risk Management - the right posture
IT Risk Management - the right postureParag Deodhar
 
Enterprise Risk Management Workshop (Singapore 2006)
Enterprise Risk Management Workshop (Singapore 2006)Enterprise Risk Management Workshop (Singapore 2006)
Enterprise Risk Management Workshop (Singapore 2006)simonffg
 
Managing Risk in Perilous Times- Practical Steps to Accelerate Recovery
Managing Risk in Perilous Times- Practical Steps to Accelerate RecoveryManaging Risk in Perilous Times- Practical Steps to Accelerate Recovery
Managing Risk in Perilous Times- Practical Steps to Accelerate RecoveryFindWhitePapers
 
Risk Management ERM Presentation
Risk Management ERM PresentationRisk Management ERM Presentation
Risk Management ERM Presentationalygale
 
Enterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management ProcessEnterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management Processregio12
 
Siegfried addressing current governance and risk management challenges in gov...
Siegfried addressing current governance and risk management challenges in gov...Siegfried addressing current governance and risk management challenges in gov...
Siegfried addressing current governance and risk management challenges in gov...icgfmconference
 
Grant Thornton - Risk appetite: A market study UK 2012
Grant Thornton - Risk appetite: A market study UK 2012Grant Thornton - Risk appetite: A market study UK 2012
Grant Thornton - Risk appetite: A market study UK 2012Grant Thornton
 
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONSMITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONSMichel Rochette
 
Improving the application of risk management
Improving the application of risk managementImproving the application of risk management
Improving the application of risk managementKarl Davey
 
A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...Hassan Zaitoun
 

La actualidad más candente (20)

Jag Presentation V120601
Jag Presentation V120601Jag Presentation V120601
Jag Presentation V120601
 
Tools &Techniques for Effective Risk Management V3.0
Tools &Techniques for Effective Risk Management V3.0Tools &Techniques for Effective Risk Management V3.0
Tools &Techniques for Effective Risk Management V3.0
 
Irm Risk Appetite
Irm Risk AppetiteIrm Risk Appetite
Irm Risk Appetite
 
Risk Appetite
Risk AppetiteRisk Appetite
Risk Appetite
 
Not-For-Profit Risk Management & The 7 Deadly Sins
Not-For-Profit Risk Management & The 7 Deadly SinsNot-For-Profit Risk Management & The 7 Deadly Sins
Not-For-Profit Risk Management & The 7 Deadly Sins
 
A brief overview of operational risk
A brief overview of operational riskA brief overview of operational risk
A brief overview of operational risk
 
Shared Services for Finance & Accounting - Wheelhouse Advisors 7.15.08
Shared Services for Finance & Accounting - Wheelhouse Advisors 7.15.08Shared Services for Finance & Accounting - Wheelhouse Advisors 7.15.08
Shared Services for Finance & Accounting - Wheelhouse Advisors 7.15.08
 
IT Risk Management - the right posture
IT Risk Management - the right postureIT Risk Management - the right posture
IT Risk Management - the right posture
 
Enterprise Risk Management Workshop (Singapore 2006)
Enterprise Risk Management Workshop (Singapore 2006)Enterprise Risk Management Workshop (Singapore 2006)
Enterprise Risk Management Workshop (Singapore 2006)
 
Managing Risk in Perilous Times- Practical Steps to Accelerate Recovery
Managing Risk in Perilous Times- Practical Steps to Accelerate RecoveryManaging Risk in Perilous Times- Practical Steps to Accelerate Recovery
Managing Risk in Perilous Times- Practical Steps to Accelerate Recovery
 
Risk Management ERM Presentation
Risk Management ERM PresentationRisk Management ERM Presentation
Risk Management ERM Presentation
 
Risk Appetite
Risk AppetiteRisk Appetite
Risk Appetite
 
Descriptor MetisGRC
Descriptor MetisGRCDescriptor MetisGRC
Descriptor MetisGRC
 
Enterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management ProcessEnterprise Risk Management as a Core Management Process
Enterprise Risk Management as a Core Management Process
 
Siegfried addressing current governance and risk management challenges in gov...
Siegfried addressing current governance and risk management challenges in gov...Siegfried addressing current governance and risk management challenges in gov...
Siegfried addressing current governance and risk management challenges in gov...
 
Grant Thornton - Risk appetite: A market study UK 2012
Grant Thornton - Risk appetite: A market study UK 2012Grant Thornton - Risk appetite: A market study UK 2012
Grant Thornton - Risk appetite: A market study UK 2012
 
AMXi Overview
AMXi OverviewAMXi Overview
AMXi Overview
 
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONSMITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
MITIGATING OPERATIONAL RISK: RISK TRANSFER SOLUTIONS
 
Improving the application of risk management
Improving the application of risk managementImproving the application of risk management
Improving the application of risk management
 
A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...
 

Destacado

Clinical outsourcing
Clinical outsourcingClinical outsourcing
Clinical outsourcingCytel
 
Hospital Diagnostic services outsourcing- A great Opportunity for improving H...
Hospital Diagnostic services outsourcing- A great Opportunity for improving H...Hospital Diagnostic services outsourcing- A great Opportunity for improving H...
Hospital Diagnostic services outsourcing- A great Opportunity for improving H...TARA PRASAD MOHAPATRA
 
Connect Using Social Media
Connect Using Social MediaConnect Using Social Media
Connect Using Social MediaitsmeYO
 
G2 Financial Boot Camp - Laboratory Outreach
G2 Financial Boot Camp - Laboratory OutreachG2 Financial Boot Camp - Laboratory Outreach
G2 Financial Boot Camp - Laboratory OutreachRichard Ouellette
 
Why You Need Enterprise Backup
Why You Need Enterprise BackupWhy You Need Enterprise Backup
Why You Need Enterprise BackupDruva
 
Pushing forward the frontiers of Lean Healthcare
Pushing forward the frontiers of Lean Healthcare Pushing forward the frontiers of Lean Healthcare
Pushing forward the frontiers of Lean Healthcare Lean Enterprise Academy
 
Advanced Laboratory Analytics — A Disruptive Solution for Health Systems
Advanced Laboratory Analytics — A Disruptive Solution for Health SystemsAdvanced Laboratory Analytics — A Disruptive Solution for Health Systems
Advanced Laboratory Analytics — A Disruptive Solution for Health SystemsViewics
 
Debt Trends in the Capital Structure of European Insurers
Debt Trends in the Capital Structure of European InsurersDebt Trends in the Capital Structure of European Insurers
Debt Trends in the Capital Structure of European InsurersA.M. Best Company
 
European Insurers: Pressures on Capital Efficiency and Expansion into Emergin...
European Insurers: Pressures on Capital Efficiency and Expansion into Emergin...European Insurers: Pressures on Capital Efficiency and Expansion into Emergin...
European Insurers: Pressures on Capital Efficiency and Expansion into Emergin...A.M. Best Company
 
Presentation_to_analysts_and_investors_June_2007
Presentation_to_analysts_and_investors_June_2007Presentation_to_analysts_and_investors_June_2007
Presentation_to_analysts_and_investors_June_2007Marianda Quadakkers
 
Insurance Market Briefing Europe- EMEA Overview
Insurance Market Briefing Europe- EMEA OverviewInsurance Market Briefing Europe- EMEA Overview
Insurance Market Briefing Europe- EMEA OverviewA.M. Best Company
 
Securization of Life-Related Traditional Premium Finance Loans
Securization of Life-Related Traditional Premium Finance LoansSecurization of Life-Related Traditional Premium Finance Loans
Securization of Life-Related Traditional Premium Finance LoansA.M. Best Company
 
Building the Insurance Market
Building the Insurance MarketBuilding the Insurance Market
Building the Insurance MarketA.M. Best Company
 
Boulanger Kick-Starts Its Big City Stores with Exciting New Concept: Virtual ...
Boulanger Kick-Starts Its Big City Stores with Exciting New Concept: Virtual ...Boulanger Kick-Starts Its Big City Stores with Exciting New Concept: Virtual ...
Boulanger Kick-Starts Its Big City Stores with Exciting New Concept: Virtual ...Capgemini
 
Overview of A.M. Best's Stochastic Based BCAR for U.S. P/C Insurers
Overview of A.M. Best's Stochastic Based BCAR for U.S. P/C InsurersOverview of A.M. Best's Stochastic Based BCAR for U.S. P/C Insurers
Overview of A.M. Best's Stochastic Based BCAR for U.S. P/C InsurersA.M. Best Company
 
Dubai Customs Becomes the First Smart Government Department in Dubai with its...
Dubai Customs Becomes the First Smart Government Department in Dubai with its...Dubai Customs Becomes the First Smart Government Department in Dubai with its...
Dubai Customs Becomes the First Smart Government Department in Dubai with its...Capgemini
 
Solvency II, A Rating Agency Perspective
Solvency II, A Rating Agency PerspectiveSolvency II, A Rating Agency Perspective
Solvency II, A Rating Agency PerspectiveA.M. Best Company
 
Criteria Review Seminar 2015 Stochastic-Based BCAR (Best’s Capital Adequacy ...
Criteria Review Seminar 2015 Stochastic-Based BCAR (Best’s Capital Adequacy ...Criteria Review Seminar 2015 Stochastic-Based BCAR (Best’s Capital Adequacy ...
Criteria Review Seminar 2015 Stochastic-Based BCAR (Best’s Capital Adequacy ...A.M. Best Company
 
State of the Global Reinsurance Market
State of the Global Reinsurance MarketState of the Global Reinsurance Market
State of the Global Reinsurance MarketA.M. Best Company
 
Integrating Enterprise Risk Management (ERM) with Organizational Strategy
Integrating Enterprise Risk Management (ERM) with Organizational StrategyIntegrating Enterprise Risk Management (ERM) with Organizational Strategy
Integrating Enterprise Risk Management (ERM) with Organizational Strategyhenrytk2
 

Destacado (20)

Clinical outsourcing
Clinical outsourcingClinical outsourcing
Clinical outsourcing
 
Hospital Diagnostic services outsourcing- A great Opportunity for improving H...
Hospital Diagnostic services outsourcing- A great Opportunity for improving H...Hospital Diagnostic services outsourcing- A great Opportunity for improving H...
Hospital Diagnostic services outsourcing- A great Opportunity for improving H...
 
Connect Using Social Media
Connect Using Social MediaConnect Using Social Media
Connect Using Social Media
 
G2 Financial Boot Camp - Laboratory Outreach
G2 Financial Boot Camp - Laboratory OutreachG2 Financial Boot Camp - Laboratory Outreach
G2 Financial Boot Camp - Laboratory Outreach
 
Why You Need Enterprise Backup
Why You Need Enterprise BackupWhy You Need Enterprise Backup
Why You Need Enterprise Backup
 
Pushing forward the frontiers of Lean Healthcare
Pushing forward the frontiers of Lean Healthcare Pushing forward the frontiers of Lean Healthcare
Pushing forward the frontiers of Lean Healthcare
 
Advanced Laboratory Analytics — A Disruptive Solution for Health Systems
Advanced Laboratory Analytics — A Disruptive Solution for Health SystemsAdvanced Laboratory Analytics — A Disruptive Solution for Health Systems
Advanced Laboratory Analytics — A Disruptive Solution for Health Systems
 
Debt Trends in the Capital Structure of European Insurers
Debt Trends in the Capital Structure of European InsurersDebt Trends in the Capital Structure of European Insurers
Debt Trends in the Capital Structure of European Insurers
 
European Insurers: Pressures on Capital Efficiency and Expansion into Emergin...
European Insurers: Pressures on Capital Efficiency and Expansion into Emergin...European Insurers: Pressures on Capital Efficiency and Expansion into Emergin...
European Insurers: Pressures on Capital Efficiency and Expansion into Emergin...
 
Presentation_to_analysts_and_investors_June_2007
Presentation_to_analysts_and_investors_June_2007Presentation_to_analysts_and_investors_June_2007
Presentation_to_analysts_and_investors_June_2007
 
Insurance Market Briefing Europe- EMEA Overview
Insurance Market Briefing Europe- EMEA OverviewInsurance Market Briefing Europe- EMEA Overview
Insurance Market Briefing Europe- EMEA Overview
 
Securization of Life-Related Traditional Premium Finance Loans
Securization of Life-Related Traditional Premium Finance LoansSecurization of Life-Related Traditional Premium Finance Loans
Securization of Life-Related Traditional Premium Finance Loans
 
Building the Insurance Market
Building the Insurance MarketBuilding the Insurance Market
Building the Insurance Market
 
Boulanger Kick-Starts Its Big City Stores with Exciting New Concept: Virtual ...
Boulanger Kick-Starts Its Big City Stores with Exciting New Concept: Virtual ...Boulanger Kick-Starts Its Big City Stores with Exciting New Concept: Virtual ...
Boulanger Kick-Starts Its Big City Stores with Exciting New Concept: Virtual ...
 
Overview of A.M. Best's Stochastic Based BCAR for U.S. P/C Insurers
Overview of A.M. Best's Stochastic Based BCAR for U.S. P/C InsurersOverview of A.M. Best's Stochastic Based BCAR for U.S. P/C Insurers
Overview of A.M. Best's Stochastic Based BCAR for U.S. P/C Insurers
 
Dubai Customs Becomes the First Smart Government Department in Dubai with its...
Dubai Customs Becomes the First Smart Government Department in Dubai with its...Dubai Customs Becomes the First Smart Government Department in Dubai with its...
Dubai Customs Becomes the First Smart Government Department in Dubai with its...
 
Solvency II, A Rating Agency Perspective
Solvency II, A Rating Agency PerspectiveSolvency II, A Rating Agency Perspective
Solvency II, A Rating Agency Perspective
 
Criteria Review Seminar 2015 Stochastic-Based BCAR (Best’s Capital Adequacy ...
Criteria Review Seminar 2015 Stochastic-Based BCAR (Best’s Capital Adequacy ...Criteria Review Seminar 2015 Stochastic-Based BCAR (Best’s Capital Adequacy ...
Criteria Review Seminar 2015 Stochastic-Based BCAR (Best’s Capital Adequacy ...
 
State of the Global Reinsurance Market
State of the Global Reinsurance MarketState of the Global Reinsurance Market
State of the Global Reinsurance Market
 
Integrating Enterprise Risk Management (ERM) with Organizational Strategy
Integrating Enterprise Risk Management (ERM) with Organizational StrategyIntegrating Enterprise Risk Management (ERM) with Organizational Strategy
Integrating Enterprise Risk Management (ERM) with Organizational Strategy
 

Similar a Amper ERM Presentation to FEI

Petrash Capital ERM Diagnostic2010
Petrash Capital ERM Diagnostic2010Petrash Capital ERM Diagnostic2010
Petrash Capital ERM Diagnostic2010bprivitt
 
Introduction To Risk Management Process
Introduction To Risk Management ProcessIntroduction To Risk Management Process
Introduction To Risk Management Processdavidcurriecia
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk ManagementAnu Damodaran
 
Riskpro - Operational Risk Management
Riskpro - Operational Risk ManagementRiskpro - Operational Risk Management
Riskpro - Operational Risk ManagementManoj Jain
 
03 integrated management system telkom 2016 dasar risiko
03 integrated management system telkom 2016 dasar risiko03 integrated management system telkom 2016 dasar risiko
03 integrated management system telkom 2016 dasar risikowisnu wardhana, i nyoman
 
2010 Soa.Nyc.Alm
2010 Soa.Nyc.Alm2010 Soa.Nyc.Alm
2010 Soa.Nyc.Almpinchung
 
Change and the Finance Function
Change and the Finance FunctionChange and the Finance Function
Change and the Finance FunctionMorgan McKinley
 

Similar a Amper ERM Presentation to FEI (20)

B322
B322B322
B322
 
Petrash Capital ERM Diagnostic2010
Petrash Capital ERM Diagnostic2010Petrash Capital ERM Diagnostic2010
Petrash Capital ERM Diagnostic2010
 
Introduction To Risk Management Process
Introduction To Risk Management ProcessIntroduction To Risk Management Process
Introduction To Risk Management Process
 
B322
B322B322
B322
 
B322
B322B322
B322
 
B322
B322B322
B322
 
People Risk Collateral
People Risk CollateralPeople Risk Collateral
People Risk Collateral
 
People Risk Collateral
People Risk CollateralPeople Risk Collateral
People Risk Collateral
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk Management
 
Riskpro - Operational Risk Management
Riskpro - Operational Risk ManagementRiskpro - Operational Risk Management
Riskpro - Operational Risk Management
 
Riskpro orm
Riskpro ormRiskpro orm
Riskpro orm
 
03 integrated management system telkom 2016 dasar risiko
03 integrated management system telkom 2016 dasar risiko03 integrated management system telkom 2016 dasar risiko
03 integrated management system telkom 2016 dasar risiko
 
HIRimsISO311KandERMFINAL
HIRimsISO311KandERMFINALHIRimsISO311KandERMFINAL
HIRimsISO311KandERMFINAL
 
2010 Soa.Nyc.Alm
2010 Soa.Nyc.Alm2010 Soa.Nyc.Alm
2010 Soa.Nyc.Alm
 
Risk Management Certification
Risk Management CertificationRisk Management Certification
Risk Management Certification
 
Risk Management Certification
Risk Management CertificationRisk Management Certification
Risk Management Certification
 
Change and the Finance Function
Change and the Finance FunctionChange and the Finance Function
Change and the Finance Function
 
Risk management benchmarking 2013
Risk management benchmarking 2013Risk management benchmarking 2013
Risk management benchmarking 2013
 
Risk Management Benchmarking
Risk Management BenchmarkingRisk Management Benchmarking
Risk Management Benchmarking
 
B288
B288B288
B288
 

Amper ERM Presentation to FEI

  • 1. Enterprise Risk Management ‐ Building the Business Case Building the Business Case ‐ Practical Implementation Tips Thomas Mulhare Thomas Mulhare Partner in Charge,  Financial Services and Business Risk Advisory Services Jerry Ravi Senior Manager,  Business Risk Advisory Services February 2, 2010
  • 2. ERM Defined: “… a process, effected by an entity's board of  directors, management and other personnel, applied  in strategy setting and across the enterprise,  i i d h i designed to identify potential events that may  affect the entity, and manage risks to be within its  affect the entity, and manage risks to be within its risk appetite, to provide reasonable assurance  regarding the achievement of entity objectives.” Source:  COSO Enterprise Risk Management – Integrated Framework.  2004. COSO. 2
  • 3. SHAREHOLDER VALUE DECLINES SHAREHOLDER VALUE DECLINES Common means by which Shareholder Value is Destroyed: Common means by which Shareholder Value is Destroyed: Strategic and Business Operational Financial Compliance 5% 15% 20% 60% 3
  • 4. What CFO's Think What CFO's Think 52% • have formalized risk management  program 42% • do historic comparisons to avoid risk 32% • set specific risk thresholds 29% • create risk adjusted forecasts and  plans Source: The Global CFO Study 2008 4
  • 5. Why ERM is Important  Wh ERM i I t t ERM supports value creation by enabling  Underlying principles management to: Every entity exists to realize value for its  Deal effectively with potential future  stakeholders. events that create uncertainty. Value is created, preserved, or  Respond in a manner that  Respond in a manner that eroded by management  reduces the likelihood of  decisions in all activities, from  downside outcomes and  setting strategy to operating the  increases the upside. enterprise day‐to‐day. 5
  • 6. ERM Principles ERM Principles Skilled project leaders who can  think “outside the box” Talented  Talented People Sharing &  Sharing & Effective  Knowledge  Process Transfer Willingness to cross  Effective process to identify  and  boundaries posed by  manage risks  information silos 6
  • 7. ERM – What went wrong? ERM What went wrong? • Risks ere not f ll nderstood Risks were not fully understood • Management overrides • Compensation focused on short term • Not enough Board involvement • Inadequate communication Inadequate communication 7
  • 8. Other Risk Drivers for ERM Implementation Other Risk Drivers for ERM Implementation 60% of senior executives “lack high confidence” that their  60% f i ti “l k hi h fid ” th t th i company’s risk management practices identify and manage all  FEI Study  potentially significant risks Requires audit committee charter to include reference to the  NYSE committee’s responsibility to “discuss risk assessment and risk  management” “It is the board’s responsibility to ensure that management has  instituted processes to identify major risks and has developed  NACD plans to deal with such risks.  BOARDS WILL BE HELD  ACCOUNTABLE 8
  • 9. ERM Challenge – More Than Audit Committee ERM Challenge More Than Audit Committee • Defining & Managing Expectations – Board – Who on Board is responsible for all Risk – Audit Committee – Monitoring  – Executive Management – Key Sponsor of ERM Executive Management  Key Sponsor of ERM • Coordinating with Other Risk Monitoring  & Assurance Groups: – Compliance – Legal l – Safety/OSHA – Loss Prevention – External Audit • Risk Committee? 9
  • 10. ERM: Breaking Down Silos ERM: Breaking Down Silos Financial  Information  Underwriting Reporting Technology Reinsurance Claims Regulatory New Products / Lines of Business Human Resources Policies & Procedures 10
  • 11. What benefits come from ERM? What benefits come from ERM? Better  Better Make more  Make more Better  information  informed  communication about risks decisions Strengthen  Increased  Reduce earning  governance  accountability volatility practices ti More  Help to meet  Help to meet comprehensive  strategic goals Stress Test 11
  • 12. Managing Risk = Better Performance i ik f Align corporate goals with: g p g Understanding the sources of risk and their relevant  performance metrics help manage: Strategies People Objectives Processes Risks Information Performance metrics Assets or technology 12
  • 13. A Practical ERM Approach A Practical ERM Approach • The ERM Continuum • Key Implementation Factors – Setting Expectations – Indentifying your first steps – Build the “ERM Engine” – Creating the Process Build the “ERM Engine” Creating the Process – Risk Identification, Assessment and Analysis – Monitoring and Reporting Monitoring and Reporting • Success Factors • EXAMPLES: RISK ASSESSMENT & TOOLS EXAMPLES: RISK ASSESSMENT & TOOLS 13
  • 14. Evolution of ERM Methodology Evolution of ERM Methodology ERM is not a “One Size Fits All”  ERM is not a  One Size Fits All approach.  The key is  to remember this  t b thi is a PROCESS! Strategic View ”A Strategic Tool” Integrated Risk Integrated Risk “Managing  Risks Better” Compliance 14
  • 15. Setting Expectations S i E i • Executive endorsement • Direct reporting is critical • Leverage existing risk functions Leverage existing risk functions • Develop a risk mindset, starting at the Top • Difference between Compliance (SOX) and ERM 15
  • 16. Identifying your First Steps Identifying your First Steps • Determine what’s right for your company Determine what s right for your company • Determine your risk philosophy – Survey risk culture via a  Risk Health Check Survey risk culture via a “Risk Health Check” – Consider organizational integrity and ethical values • Decide on roles and responsibilities p – Identify sponsors and owners (i.e., Board, Management,  Risk Officers, Internal Auditor) • Assess where your are on the ERM Continuum • Create a process 16
  • 17. Example: Risk Health Check (Culture & Alignment) E l Ri k H lth Ch k (C lt & Ali t) • To what extent is the “culture” supportive of advancing an enterprise view  of risk management?   of risk management? • How has the significance of risk governance been communicated (i.e.,  regular communications and documentation)? • How comfortable are our people in discussing risk? Are they afraid to raise  f bl l d k h f d difficult issues? How quickly do they raise issues?  • Is risk management built into decisions about capital allocation,  acquisition, succession planning, and other strategic initiatives?  acquisition succession planning and other strategic initiatives? • Would you describe the organization’s approach to risk management as: – Reactive to risks that occur – P Proactive about risk possibilities i b ik ibili i • How might our compensation programs encourage inappropriate short‐ term risk taking? How can we change these programs to encourage risk‐ taking instead? What mechanisms exist to recover compensation when  taking instead? What mechanisms exist to recover compensation when excessive risk‐taking occurs? 17
  • 18. Building the "ERM" Engine – Creating the Process  Building the "ERM" Engine Creating the Process Identify  objectives  Build Consensus  Build Consensus Identify ERM Task  Identify ERM Task (strategic, financial,  around the process Force operational, etc.) Define the  Review and  Identify / discuss  corporate risk  corporate risk leverage existing  leverage existing scope of process appetite documentation Kickoff initial  Continuously  planning  Monitor the  workshops with  workshops with Process  Ask  Process – “Ask process owners Questions” 18
  • 19. Kickoff  the Process Kickoff the Process • Identify preliminary risk language and categories yp y g g g • Develop risk inventory questionnaires • Develop materials and hold education / risk Develop materials and hold education / risk  awareness session(s)  • Initiate/schedule interviews Initiate/schedule interviews • Identify questionnaire recipients at the business  units 19
  • 20. Mid‐Market Pharmaceutical Company Sample Risk Management Categories Contract  Bio Technology Pharmaceutical Corporate Management Competition Dependency on CRO / Contract  Competition (Pipeline, Generics,  Debt Obligation Manufacturing for Products New, Existing) Viability ROI / Optimization of Resources / Optimization of Resources Planning Liquidity Customer Needs (Long‐Term  Product Approvals Pricing Capital Requirements / Financing focus) Profitability y Vendors / Suppliers (licensing  / pp ( g Shareholder Value Agreements) Dependency of 3rd Party Royalty  Commitments / Contingencies Contracts Expansion of existing Products (IP  p g ( Protection) Incident Reporting Product Recalls Regulation R l ti IT Systems Personnel / HR Business Development Vendor Management / Customer Management Quality Procedures / SOPs
  • 21. Risk Identification Risk Identification • In general, there are three kinds of risks your  g y institution faces: • Risk you know of and are working on to resolve  (Low Concern) (Low Concern) • Risk you know of and are not yet working on to  resolve  (Medium Concern) eso e ( ed u o ce ) • Risks you are not yet aware of but will find out  via complaints, litigation, examiners and/or  media attention  (High Concern) di tt ti (Hi h C ) • Map risks to agreed upon categories 21
  • 22. Risk Identification Tools Risk Identification Tools • Assessments – External:  works best for small to mid‐sized companies – Continuous Internal Assessment: Via Full Time Risk  Management Department – Internal Assessments: Via Compliance, Audit, or Risk Owners – Self Assessment Surveys:  people involved in processes know  them the best • L Leverage Existing Risk Related Assessments  (i.e., Internal  E i ti Ri k R l t d A t (i I t l Audits, SAS70s, Compliance Reviews, Regulatory Reports) • Conduct risk assessment interviews or brainstorming Conduct risk assessment interviews or brainstorming  workshops with key members of management 22
  • 23. Risk Assessment • Compile all results of the risk identification process • Quantification of risk exposure • Options available: ‐ Accept = monitor ‐ Avoid = eliminate (get out of situation) ‐ Reduce = institute controls ‐ Share = partner with someone (e.g. insurance) • Link Risk Assessment to the Strategic Objectives  (Example attached) 23
  • 24. Impact vs. Probability Impact vs Probability Sample:  Financial Institution p Medium Risk High Risk High Credit Risk Regulatory Violations and  g The Loaning Process Fines System Outages I M Share Mitigate & Control P Low Risk Medium Risk A C Asset Management  Customer Complaints p Turnover Fee Receivables T Trade Errors Accept Control Low PROBABILITY High 24
  • 25. Risk Analysis Ri k A l i • Assess and prioritize risks Assess and prioritize risks  • Assess the maturity of risk management  strategies for the top risks strategies for the top risks • Deploy mitigation strategy • Develop action plan 25
  • 26. Monitoring and Reporting Monitoring and Reporting • Establish accountability for risks y • Summarize a risk assessment report • Create risk dashboards for high level board reporting Create risk dashboards for high‐level board reporting – Leverage technology tools (screen shots attached) • Develop a continuous monitoring program l – Ensure updates are reflected (i.e., changes in systems or  processes) ) 26
  • 27. Success Factors Success Factors • Be brutally honest with your self assessment y y • Select the right people and approach • g Encourage constructive feedback • Make it clear who owns the process • Risk management is everybody s job Risk management is everybody’s job • Learn from losses • View it as a  Process not a Project View it as a “Process”, not a “Project” 27
  • 28. Context of the Risk Assessment Context of the Risk Assessment Objectives provide the context for  the risk assessment … the risk assessment … E l Obj ti Example Objectives Strategic Objectives  Increase market share by 10% over the  Strategy y next 3 years. Supporting Objectives Business Unit  Deploy new line of business in San  (Region,   Francisco by May 2010. Location)) Functional Objectives  Functional  Improve availability  and continuity of IT  (IT,  Accounting) core applications by June 2010. Risk Management Objectives Risk Specific  Maintain profitability (Pricing, loss  (Profitability) (Profitabilit ) experience, etc…) experience etc ) 28
  • 29. Example: Risk Model Example: Risk Model Which areas of risk might be identified, analyzed, and prioritized in  an ERM program? p g Environmental Risks • Capital Availability • Liquidity • Regulatory, Political, and Legal • Financial Markets and Shareholder Relations Process Risks P Ri k • Operations Risk • Empowerment Risk • Information Processing / Technology Risk • Integrity Risk • Financial Risk Information for Decision Making • Operational Risk • Financial Risk 29 • Strategic Risk
  • 30. EXAMPLE: Credit Administration/Loan Review Potential Significant Risks and Overall Risk Rating:  High ♦ Ability to achieve the business plan for targeted markets/customers/products   Strategic Risk High ♦ Standardization of credit administration guidelines Reputation Risk High ♦ Consumer and commercial loan approval and underwriting  process is highly visible to the customer  Compliance Risk Low ♦ Risk of lawsuits, fines and penalties related to non‐compliance with lending laws and regulations ♦ Credit risk is inherently high especially during the current downturn in the market  ♦ The number of large loans ($5‐15 million) has increased significantly during the past year ♦ Nine independent bank credit cultures Credit Risk Credit Risk High ♦ Risk in wire transfer and ACH continues to increase Ri k i i t f d ACH ti t i ♦ Lack of consolidated credit information for banks and non‐bank affiliates ♦ Consumer credit judgment may be inconsistent  ♦ Financial risk is inherently high in a loan origination process ‐ loans are interest rate sensitive ♦ The Federal Reserve has been decreasing interest rates over the past year ♦ g y p ACME is in a highly competitive market Financial Risk Fi i l Ri k High Hi h ♦ Future Basel Accord implications ♦ ACME does not have a standard ALLL methodology that all banks follow ♦ Inconsistent application of non‐accrual and charge‐off policies ♦ No formal training for loan officers on regulation changes ♦ No standard guidelines for credit policies and procedures for loan origination and approval process ♦ Some banks  have specialty loan areas that  perform loan operations functions  Some banks have specialty loan areas that perform loan operations functions ♦ Missing quality assessment review at loan origination for compliance with ACME credit documentation and  Operational Risk High approval policy ♦ Administration of participated loans is managed by the lead affiliate bank and not centrally managed.  The  experience levels of credit officers vary within the affiliates ♦ No standardization and centralized approval of law firms used for loan closings ♦ IT system not fully utilized or may lack data integrity due to lack of standard credit administration policies ♦ IT system is the common platform for loan processing Technology Risk ♦ IT system does not interface with non‐bank subsidiary systems making it difficult to compile consolidated loan  Moderate information  ♦ Lack of a front end system to process consumer applications that enforces ACME’s credit policies Human Resources  ♦ In the event additional employees are needed or turnover occurs, ACME may have difficulty identifying an  I th t dditi l l d d t ACME h diffi lt id tif i Moderate employee internally or recruiting a candidate in a highly competitive job market  Risk Financial Impact High ♦ Combined loan portfolio is approximately $3.6 billion Risk Direction  ♦ Credit risk increasing as a result of current market conditions 30 Increasing Indicator
  • 31. Risk Framework Tool  ALINE GRC: Risk Framework Tool – ALINE GRC: Accountability, Measurement, and Impact y, , p 31
  • 33. 33
  • 34. Thomas M. Mulhare Jerry R. Ravi y Amper, Politziner & Mattia, LLP Amper, Politziner & Mattia, LLP Tel:   (732) 287‐1000 x 1281  Tel:  (732) 287‐1000 x 1294 Cell:  (908) 930‐1435 C ll (908) 930 1435 Cell: (732) 770‐3519 C ll (732) 770 3519 E‐mail: mulhare@amper.com E‐mail: ravi@amper.com The material contained in this presentation is for general information and should not be acted upon  without prior professional consultation. 34