Beyond ERM - The Roles, Responsibilities and Costs of Risk Management March 28, 2012

MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS

Agenda
- Risk Appetite
- What's happening now?
- Risk Management Case Study
- Governance
- Regulatory Insight

Language Myth

Team Myth

"The first step in the risk management process is to acknowledge the reality of risk. Denial is a common tactic that substitutes deliberate ignorance for thoughtful planning." Charles Tremper (author and risk management expert)

Risk Appetite
- Risk appetite is the amount of risk on a broad level an entity is willing to accept in pursuit of value.
- This allows the institution to differentiate good risks from bad risks.
- Risk appetite is a measure of inherent risk.

"The level of thinking necessary to address today's problems must be greater than that which got us here." Albert Einstein

What's happening now?

Why is Risk Management Becoming More Important?
- The current financial environment has significant focus on credit risk management
- Operational risk management weaknesses have developed (e.g. vendor over-reliance)
- Risk Management governance is becoming a key factor for strategic success
- Dodd-Frank is ushering in new rules over delivery of financial services
- The game has changed: consolidation
- The new DNA of community banking

Drivers of Consolidation: The Game Has Changed
- Excess capacity
- Regulatory Oversight (Dodd-Frank) & Escalating Costs
- Lack of access to capital and net margin decreases
- Slow / low growth economic environment
- Management / Board fatigue
- Operational Costs

U.S. Banking Companies by Assets (1)

| Asset size | Total | % of total | Cumulative % |
|---|---|---|---|
| All Banks | 7,200 | 100% | 100% |
| < $100M | 2,566 | 35.6% | 35.6% |
| $100M - $500M | 3,370 | 46.8% | 82.4% |
| $500M - $1B | 635 | 8.8% | 91.3% |
| $1B - $10B | 531 | 7.4% | 98.6% |
| $10B - $100B | 76 | 1.1% | 99.7% |
| $100B - $1T | 18 | 0.3% | 99.9% |
| > $1T | 4 | 0.1% | 100.0% |

Source: SNL Financial, FDIC; European Central Bank; OSFI; World Bank
(1) Source: SNL Financial, Top tier regulatory consolidated (Q1 2011 data)

How We Got Here

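NJ Banking Companies by Assets

| Asset size | Total | % of total | Cumulative % |
|---|---|---|---|
| All Banks | 115 | 100% | 100% |
| < $100M | 9 | 7.8% | 7.8% |
| $100M - $500M | 61 | 53.0% | 60.7% |
| $500M - $1B | 21 | 18.2% | 79.1% |
| $1B - $10B | 20 | 17.4% | 96.5% |
| $10B - $100B | 4 | 3.5% | 100.0% |
| $100B - $1T | 0 | | |
| > $1T | 0 | | |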

Efficiency Ratio
Non-interest expenses as a proportion of operating revenue.
Expenses:
- Salaries
- Technology
- Buildings
- Supplies
- Administrative Expenses
Revenue:
- Net interest income (interest revenue, expense)
- Fee income
A cost ratio of 50% or below is admired.

Key to Successful ERM Implementation
- Alignment
- Strategy
- Cost & Impact
- Reporting & Monitoring

Key Success Factors for an ERM Program
1. Define an assessment methodology with consistent measures that everyone performs.
2. Build the program from the bottom up to ensure all Threats and Risks are considered. A Top Down approach considers Entity Level risks and is complementary.
3. Keep it simple! ERM should be explainable to the Board and down to the most junior associates within your institution.
4. Integrate the risk management tools into daily activities and operations.

Risk Management Case Study

ERM Case Study
Management's Objectives:
- What type of management program could we develop to provide meaningful reporting and meet regulatory requirements?
- What should we measure (beyond credit and liquidity), and why should we?
- Can we empower line management to drive better day-to-day decision making?

Case Study Opposing Forces
- CEO sees no potential value of ERM to the franchise
- Board not asking for more information; already overwhelmed with new reporting requirements
- Regulators expecting an ERM program but no explicit requirement or specific guidance on how to implement

ERM Case Study

The Cost of Risk Management

What Did Senior Management Do?
- One senior manager opted in as CRO
- Centralized day-to-day oversight of risk assessment activities with the CRO
- CRO given authority to override line managers

Initial Results
- Risk assessment forced a discussion on how we do business
- We learned so many things about the institution we did not like
- Areas where P&P were inadequate or did not exist
- Areas for potential operating losses
- Senior management believed better outcomes from the risk management discussions would result
- IT, VR, CO, OR threats
- Proactive decision making vs. reactive fire drills

Ongoing Results
- CRO reports to the CEO (implied authority)
- CRO maintains ongoing authority to override line management's assessment of risk
- Risk management is not a democracy
- Board can govern better with the knowledge it now has
- What else don't we know?
Final Conclusion: If there are no red categories there are no profits.

Governance

Traditional Governance Structure
[Organization chart. Boxes shown: Board of Directors; Audit Committee; Credit Committee; Compensation Committee; Nominating Committee; Audit (Internal Audit, External CPAs); Communication; Executive Management; Asset Liability Committee; Finance Committee; Investment Committee; Tech & Ops Committee; Compliance Committee]

Internal Audit's Role in ERM
Source: Position paper by IIA: The Role of Internal Audit in Enterprise-wide Risk Management - September 2004

Core Internal Audit Roles
- Reviewing the management of key risks
- Evaluating the report of key risks
- Evaluating risk management processes
- Giving assurance on the risk management process

Internal Audit Roles with Safeguards
- Facilitating identification & evaluation of risks
- Coordinating ERM activities
- Maintaining & developing the ERM framework
- Developing risk management strategy for board approval

Non-Internal Audit Roles
- Setting the risk appetite
- Management assurance on risk
- Taking decisions on risk responses
- Implementing risk responses on management's behalf
- Accountability for risk management

Risk Based Governance Structure
[Organization chart. Boxes shown: Board of Directors; Audit Committee; Credit Committee; Compensation Committee; Nominating Committee; Audit (Internal Audit, External CPAs); Enterprise Risk Committee (Joint Board and Exec. Mgmt.); Action Items; Executive Management; Asset Liability Committee; Finance Committee; Investment Committee; Tech & Ops Committee; Compliance Committee]

ERM: What NOT to do
- ERM is used to upload risk (a.k.a. the all work / no results strategy)
- Line managers jointly develop strategy
- Strategy then drives ERM (i.e. here it is, now go monitor it)
- All Risk is owned by ERM or the Risk Committee
- Risk appetite is static

ERM: What NOT to do (continued)
- View the ERM Program as a quick hit
- Management by checklists
- No discernible change in how decisions are made
- ERM is a compliance requirement (and nothing else)
- No interaction by the Executive Management Team & Board

Well-designed ERM Program
- Begins with risk assessment process
- Select optimal profile
- Gap / Results suggest a strategy
- Risk appetite drives the institution
- Shareholder value is pursued via integration of Risks
- Risks are owned by lines of business; separately monitored by ERM

Well-designed ERM Program (continued)
- Communication among all stakeholders of risk appetite, backed by transparency
- ERM plan implementation is strategic in nature; process evolves over time
- A CRO or other executive wearing the CRO hat owns the ERM management function
- Communication and buy-in from the Executive Management team & BOD
- Take action - Treat risks

Regulatory Insight

Regulatory Insight
Why is risk management a key driver for efficiency and profitability?
- Interest Rate Risk continues to be a challenge
- Dodd-Frank / regulatory focus on risk management
- Bank earnings are in focus and will remain challenging
- Net Interest Margins remain under pressure and are heading lower
- Asset Yield on a downward trend
- Regulatory burden is a contributing factor but low interest rates drive weak earnings

Regulatory Insight
- Banks must figure out methods to be more efficient
- ERM is a vehicle to sustain in a climate of weak earnings
- Effective RM practices affect efficiency, yield and protect capital
- Investment in technologies is critical to success
- Maximize net interest margins through smart lending and investment decisions
- Practical & effective risk management programs provide the framework

Looking forward
- Enterprise risk management programs will continue to emerge and develop over the next 3 years
- Operational risk management programs will require the same level of sophisticated management and Board oversight as credit risk programs do today
- Board Monitoring and Involvement
- Financial services supply chain practices will emerge, starting with tracking customer's private information

Thank you!
Scott Baranowski
Director Internal Audit Services
Wolf & Company, P.C.
617 428-5413
Email: sbaranowski@wolfandco.com
www.wolfandco.com

Regulators ERM Resources
- www.federalreserve.gov, www.occ.treas.gov, www.fdic.gov
- More to follow: Consumer Financial Protection Bureau
- Basel Committee on Bank Supervision (www.bis.org/bcbs)
  2004 - Basel II - International Convergence of Capital Measurement and Capital Standards
  2008 - Principles for Sound Liquidity Risk Management & Supervision
- International Organization for Standardization (ISO) (www.iso.org)
  2009 - ISO 31000: Risk Management - Principles and Guidelines
  2009 - ISO Guide 73: Risk Management Vocabulary
- COSO Enterprise Risk Management Integrated Framework
- Institute of Internal Auditors (www.theiia.org)