Math 479 / 568
Casualty Actuarial Mathematics
Fall 2014
University of Illinois at Urbana-Champaign
Professor Rick Gorvett
Session 18:
Enterprise Risk Management
November 20, 2014
1
An Initial ERM Comment
• You don’t become a famous writer by…
– Reading a book
– Reading about other authors
– Watching someone else write
• Similarly, you don’t become an “Enterprise
Risk Manager” by…
– Reading a book
– Taking a course
– Listening to a presentation
2
Rather, ERM is…
A complex process…
… involving broad-based and in-depth
knowledge and understanding…
… requiring an appropriate corporate culture,…
… and creativity…
… born of a variety of experiences…
… and insatiable curiosity.
3
Enterprise Risk Management
• Or “Enterprise Risk and Assurance
Management” or…
• What is ERM?
– Concerned with a broad financial and operating
perspective
– Recognizes interdependencies among corporate,
financial, and environmental factors
– Strives to determine and implement an optimal
strategy to achieve the primary objective:
maximize the value of the firm
Other Possible Goals of ERM
• Create and increase company value
• Ensure business continuity
• Stabilize earnings
• Enhance opportunities for the company to
achieve its objectives
• Make risk management more cost-efficient
Evolution of ERM
• Historically: “risk silo” mentality
• Mid-1990s:
– First “Chief Risk Officer”
– First use of ERM terminology
• Late-1990s:
– Risk-related regulatory requirements (e.g., Turnbull)
– Earnings protection insurance debuts
• 2001:
– September 11
– Corporate scandals
– Beginning of efforts to improve corporate governance
Current State
• Findings from various surveys
– An acknowledged need to improve risk
management
– A recognition that a holistic approach is
appropriate and preferable
– ERM can improve overall capital management
and thus enhance corporate value and
competitiveness
– A variety of approaches to improving risk
management
– There are still problems to overcome
A Paradigm Shift
Traditional
Emerging
• Risks managed in silos
• Concentrates on
physical hazards and
financial risks
• Insurance orientation
• Ad hoc / one-off
projects
• Centralized mgt., with
exec-level coordination
• Integrated consideration
of all risks, firm-wide
• Opportunities for
hedging, diversification
• Continuous and
embedded
Types of Risks
• Operational
– Hazard
– Physical
• Strategic
– Capital / resource allocation
– Industry / competitors
• Technological
– Databases
– Security
– Confidential information
• Stakeholder
• Legal
– Compliance
– Regulatory
• Financial
– Capital markets
– Credit risks
– Taxes
• Human capital
– Retention
– Training
• Reputational
Issues in ERM Implementation
• Different corporate cultures require different
ERM approaches
• Who is going to be the ERM champion within
the company
– Among senior executives
– Among departments / functions
• How to embed a risk management culture and
responsibilities throughout the firm
Components of the ERM Process
• Determine corporate objectives
Likelihood
• Risk identification
– Goal: comprehensiveness
Impact
– E.g., self-assessment
– Volatility measures
– Value at Risk (VaR)
Likelihood
• Risk measurement
Size of loss
Components of ERM (cont.)
• Assessing the impact
– Stress or scenario testing
– Stochastic simulation
• Examine and select alternative risk
management tools and techniques
– Traditional risk transfer
– Natural hedging / diversification
– Integration of risks
E.g.,
“dynamic
financial
analysis”
Components of ERM
Copyright © 2004 by the Committee of Sponsoring Organizations of the Treadway
Commission.
Basel III, Solvency II, etc.
• Regulations concerned with corporate
management of risks
• Three pillars of Solvency II:
– Capital requirements for insurers
– Framework for corporate governance and risk
management
– Reporting and disclosure requirements,
transparency
Keys to Success in ERM
• Senior management commitment and
sponsorship
• Embed a “risk management culture” in the
corporation at the operational level
• Provide for accountability, both specific and
widespread
• Clearly defined responsibilities for
coordination and maintenance
• Adequate communication
15
ERM Tries to Avoid…
“A failure of imagination.”
- Frank Borman, in testimony to Congress,
responding to a question regarding the real
cause of the Apollo 1 fire and the resulting
three astronaut deaths, as dramatized in
HBO’s series From the Earth to the Moon
16
ERM Perspective:
Steps in the ERM Process
•
•
•
•
•
•
•
Determine the corporation’s objectives
Identify the risk exposures
Quantify the exposures
Assess the impact
Examine alternative risk management tools
Select appropriate risk management approach
Implement and monitor program
ERM Perspective: Risk Profile
Legal
Risks
Hazard
Risks
Market
Risk
Operational
Risks
Firm
Risk
Financial
Risks
Strategic
Risks
Regulatory
Risks
Credit Risk
Case Study: Honeywell
• One of the first uses of integrated risk
management
• Mid-1990s: traditional risk management
approach
– Widely separated activities
– Silo mentality: different areas / departments
responsible for different risk exposures
Honeywell (cont.)
• Nature of the firm
– Diversified technology and manufacturing
company
– Worldwide activities
– Key businesses:
•
•
•
•
Aerospace
Automation and control
Materials
Transportation
Honeywell (cont.)
• In 1997, company considered a new risk
management structure and approach
• Old approach:
– Separate annual insurance policies for each
hazard risk (each with its own deductible)
– Options to hedge FX risk
• New approach:
– Multiyear combined hazard-and-FX risk policy
Honeywell (cont.)
• Additional information:
– Based on simulations of aggregate risk portfolio,
a $30 million aggregate retention was proposed
for the new policy
Honeywell (cont.)
• Question 1:
– What do you think were some of the barriers that
Honeywell might have faced in switching to the
proposed multi-year, multi-line policy? How
might each of these barriers been addressed or
overcome?
Honeywell (cont.)
• Question 2:
– Does this new, proposed policy “add value” to
Honeywell? If so, how?
• Question 3:
– Why might the proposed, bundled policy be less
costly to Honeywell than the aggregate costs
associated with the unbundled risks?
The Challenge of ERM –
Beyond Honeywell
• “The Honeywell integrated insurance policy is a first
step, but a true integrated risk management strategy
must go beyond the scope of the Honeywell
contract: It must incorporate more of the firm’s
risks, shift the analysis from tactical to strategic, and
evaluate how the other ways to manage risk…
should be used.”
– Lisa Meulbroek, 2002, “The Promise and Challenge of
Integrated Risk Management,” Risk Management and
Insurance Review, Vol. 5, No. 1, 55-66.
UGG Case Study
• In 1999, a $200+ million (Canadian) revenue
firm, headquartered in Winnipeg, Manitoba
• Originally a farmer cooperative
• Business segments:
–
–
–
–
Grain handling
Crop production
Livestock
Business communications
UGG (cont.)
• Risk management committee + Willis
identified 47 areas of exposure
• Six key risks analyzed further:
–
–
–
–
–
–
Environmental liability
Weather
Counterparty
Credit
Commodity
Inventory
UGG (cont.)
• Analysis of each key risk
– Probability distributions of losses
– Impact on financial / corporate measures of
interest
• Main concern: weather risk
• Regressions of crop yields against
temperature and precipitation
UGG (cont.)
• Questions in case study
– 1 and 2: impact of ownership structure
– 3: constructing a weather derivative
– 4: constructing an insurance contract
– 5: integration with other risks and coverages
– 6: insurance versus derivative
– 7: loss control measures