1st Capacity Building Seminar on Enterprise Risk Management


1st Capacity Building Seminar on Enterprise Risk Management
Hotel Sea Princess, Mumbai, 10th August 2018

ERM as a Business Enabler
N K V Roop Kumar, EVP, Chief of Risk, Info & Cyber Security Management, SBI Life Insurance Co. Ltd.

Contents
- How does ERM add Value
- Roles & Responsibilities of ERM
- How does 3 Lines of Defense interact
- Risk Assurance to the Stakeholders

How does ERM add Value

How ERM adds Value to the Organization
- Reduce Cost of Hazard Risk
- Reduce Deterrence Effects of Hazard Risks
- Reduce & Manage Downside Risk
- Intelligent Risk Taking
- Maximize Profitability
- Holistic Risk Management
- Legal and Regulatory Requirements

How ERM adds Value to the Organization

Reduce Cost of Hazard Risk
- Risk management aims to reduce the long-term overall cost of risk for the organization.
- The reduction in the overall cost of risk can increase the organization's profits.

Reduce Deterrence Effects of Hazard Risks
- The fear of possible future losses tends to make senior management reluctant to undertake activities they consider too risky.
- Risk management reduces the deterrence effects of uncertainty about potential future accidental losses by making these losses less frequent, less severe, or more foreseeable.

Reduce & Manage Downside Risk
- Downside risks, including losses and failures, are an inevitable aspect of any type of business or speculative risk.
- Reducing downside risk provides similar organizational benefits as reducing the deterrence effects of hazard risks.

How ERM adds Value to the Organization

Intelligent Risk Taking
- Providing the organization with a framework to analyze the risks associated with an opportunity and then to manage those risks.
- Decisions regarding new opportunities should be based on the organization's risk appetite.

Maximize Profitability
- Risk management provides an organization information to evaluate the potential risk-adjusted return on its activities and to manage the risks associated with those activities.
- Risk managers can help the organization evaluate the risks and potential return of each option and their effects on the organization meeting its objectives.

How ERM adds Value to the Organization

Holistic Risk Management
- Traditional risk management was conducted in silos within an organization, whereas ERM talks of managing risks enterprise-wide.
- An integrated, holistic approach that manages risk across all levels and functions within an organization presents a more complete picture of an organization's risk portfolio and profile.

Legal and Regulatory Requirements
- Organizations with effective risk-management programs will be able to comply with the various Indian & global regulatory requirements.

How ERM adds Value to the Economy
- Reduced Waste of Resources
- Improved Allocation of Productive Resources
- Reduced Systemic Risk

How ERM adds Value to the Economy

Reduced Waste of Resources
- When a fire or an earthquake demolishes a factory or destroys a highway, that economy's overall productive resources are reduced.
- Risk management prevents or minimizes the waste of these productive resources.

Improved Allocation of Productive Resources
- Risk management also improves the allocation of productive resources because, when economic uncertainty is reduced for individual organizations, allocating productive resources is improved.
- Risk management makes those who own or run an organization more willing to undertake formerly risky activities because they are better protected against the downside of risk.

Reduced Systemic Risk
- Systemic risks are those risks that have the potential to cause major disruption in the functioning of an entire market or financial system.
- If an organization does not have an effective risk-management program, that organization's risks can result in failure not only for the organization but also for the economy.

What is Risk Framework?

A Risk Management Framework prepares the organization to achieve long-term goals, effective use of resources, dependable reporting, and compliance with regulations/norms/guidelines. A good risk framework should have a strong governance structure so that the board and the management know how risks are being managed. To ensure this, there are a few well-known frameworks available, such as the ISO 31000:2018 Risk Management Standard and COSO ERM 2017.

COSO ERM 2017 Framework

COSO ERM 2017, "Integrating with Strategy and Performance", clarifies the importance of enterprise risk management in strategic planning and embedding it throughout an organization, because risk influences and aligns strategy and performance across all departments and functions.

ISO 31000:2018 Process

ISO 31000 ERM: coordinated activities to direct and control an organization with regard to risk.

Risk Monitoring Mechanism
- Risk Analytics & Dashboard
- Risk Appetite
- Top Risk Identification
- Infosec Management
- Incident Reporting
- Risk Control Self Assessment
- Risk Register
- Risk & Fraud Control Unit
- Business Continuity Management

Roles & Responsibilities of ERM

Roles & Responsibilities of ERM
- Tolerable uncertainty
- Legal and regulatory compliance
- Survival
- Business continuity
- Earnings stability
- Profitability and growth
- Economy of risk management operations

Roles & Responsibilities of ERM

Tolerable Uncertainty
- Aligning risks with the organization's risk appetite.
- Managers want to be assured that whatever might happen will be within the bounds of what was anticipated and will be effectively addressed by the risk management program.

Legal and Regulatory Compliance
- An important goal for risk management programs is to ensure that the organization's legal obligations are satisfied.
- A risk management professional has an essential role in helping the organization manage regulatory risk and the potential for liability.

Survival
- Many risks can threaten the survival of an organization.
- Survival of an organization depends on identifying as many risks as possible that could threaten the organization's ability to survive.
- It also depends on anticipating and recognizing emerging risks, such as those related to Bitcoins.

Roles & Responsibilities of ERM

Business Continuity
Survival requires that no risk occurrence (no matter how severe) permanently shut down an organization; the goal of continuity of operations is to become resilient. These are the steps an organization should take to provide business continuity and, therefore, resiliency:
- Identify activities whose interruptions cannot be tolerated.
- Identify the types of accidents that could interrupt such activities.
- Determine the standby resources that must be immediately available to counter the effects of those accidents.
- Ensure the availability of the standby resources at even the most unlikely and difficult times.

Earnings Stability
- Rather than strive for the highest possible level of current profits in a given period, some organizations emphasize earnings stability over time.
- Striving for earnings stability requires precision in forecasting fluctuations in asset values; liability values; and risk management costs, such as costs for insurance.

Roles & Responsibilities of ERM

Profitability and Growth
- An organization's senior management might have established a minimum amount of profit that no event should reduce.
- To achieve that minimum amount, risk management professionals must identify the risks that could prevent this goal from being reached, as well as the risks that could help achieve this goal within the context of the organization's overall objectives.

Economy of Risk Management Operations
- Risk management should operate economically and efficiently; that is, an organization generally should not incur substantial costs for slight benefits gained.
- Risk management programs should be operated economically and efficiently.

Trade-offs among Goals

How 3 Lines of Defense interact with each other

Three Lines of Defence Model

[Diagram labels]
- 2nd: Oversight (Control) Functions: Risk Management, Compliance, Legal, Finance
- 3rd: Independent Assurance: Internal / External Audit, other assurance providers
- Board, Audit Committee & Excom

First Line: The first level of control environment is the business operations, which perform day-to-day risk management activity.

Second Line: Oversight functions in the Company such as Risk Management, Compliance, Legal & Finance set directions, define policy, and provide assurance.

Third Line: Internal and external audit are the third line of defense, offering independent challenge to the levels of assurance provided by business operations & oversight functions.

First Line of Defense & Second Line of Defense

Business Units
- Business Units are responsible for managing their own units.
- Responsible for identifying & controlling risks by using control frameworks, implementing internal control processes and adequate controls.

Risk Management
- Responsible for ERM.
- Independent reporting to the Management, Board, Audit Committees.
- Advisor/consultant to the 1st Line of Defense.

Second Line of Defense & Third Line of Defense

Risk Management
- Design and implementation of the risk management plan, including the choice of appropriate tools and responses to risk, in accordance with board guidance.
- Defining Risk Appetite & Tolerance levels & establishing Internal Risk Management Controls.
- Risk Assessment and monitoring the Risk levels.

Internal Audit
- Reviews and critiques the implementation of the Risk Management Plan.
- Auditing the internal controls implemented by the risk management team.
- Evaluating the effectiveness of the controls to determine whether the intended RM goal is being achieved.
- Providing alternatives & recommending solutions.

Assurance to various Stakeholders

Assurance to the Stakeholders

What? How? Why?
- Risk assurance refers to the level of confidence in the effectiveness of the organization's risk management culture, practices, and procedures.
- Both within the organization and with outside stakeholders.
- High levels of risk assurance result in lower costs to the organization, enhancing its long-term value.

Assurance to the Stakeholders - High Level Assurance Characteristics
- Risk reporting systems are providing information up the management chain to the board of directors, as well as down the management chain to the operating units.
- Risk Aware Culture.
- The board of directors is certain that key risks have been properly identified, quantified, prioritized, and managed in an effective and cost-efficient manner.

Assurance to the Stakeholders - Risk Assurance Sources

Internal Sources
- Policy and procedures documentation
- Risk management reports and documentation
- Business unit and department operating reports
- Internal audit reports of operations and processes, internal controls, and risk monitoring

Assurance to the Stakeholders - Risk Assurance Sources

External Sources
- External audit reports
- Surveys of customers and suppliers
- Favorable press reports
- Reports and rankings from legal and regulatory authorities

Assurance to the Stakeholders - Benefits

Confidence: The board of directors & Regulatory Authorities will have greater confidence in management effectiveness.

Culture of Risk Management: Employees have greater job security, which itself reinforces a culture of risk management.

Customers and Suppliers: Customers and suppliers are more confident in the financial health and well-being of the organization.