Presentation Title - College of Business
advertisement
Maximizing Value Through Enterprise Risk Management ERM Course May 3, 2005 James Lam President phone: 781.772.1961 Email: jameslam@comcast.net Website: www.jameslam.com Our president, James Lam, has spent 20 years in risk management Professional Industry Activities President, James Lam & Associates Founder and President, ERisk Partner, Oliver, Wyman & Company CRO, Fidelity Investments CRO, Capital Markets Services Inc., a GE Capital company PRMIA Blue Ribbon Panel Member GARP Inaugural Financial Risk Manager of the Year (1997) Published over 50 articles and book chapters Quoted in Wall Street Journal, Financial Times, Risk Magazine, and CFO Magazine Academic Client Solutions Senior Research Fellow, Beijing University Adjunct Professor, Babson College Lectured at Harvard Business School as the subject of a HBS case study MBA, UCLA School of Business BBA, Baruch College Consulting – ERM, strategic risk, financial risk, and operational risk Software – Operational risk (with OpenPages) and ERM Dashboard (CXO Systems) Training – board and management workshops 1 We are singularly focused on risk management Client Solutions Consulting services Software products • CXO Systems • OpenPages Training programs Areas of Expertise Enterprise risk management Market risk management Credit risk management Operational risk management KRIs and risk reporting 2 As discussed in James’ recent book, we define ERM as a value added function Definition of ERM: “An integrated framework for managing credit risk, market risk, operational risk, economic capital, and risk transfer in order to maximize firm value.” 3 Discussion outline Key trends and requirements Best practices and practical applications ERM in the future 4 ERM is useful because the risks faced by companies are highly interdependent Enterprise-Wide Risks Financial Risks FX risk in a new foreign market Financial Risk Business Risk IT and business process outsourcing Operational Risk Derivatives documentation and counterparty risk Credit Risk Associated with Investments Market Risk Liquidity Risk Funding Liquidity Asset Liquidity Credit Risk Credit Risk Associated with Borrowers and Counterparties 5 Traditionally, risks were managed within organizational “silos” Strategic Risk Who How Business Risk Financial Risk • Board of Directors • Business Managers • CEO • Project Managers • Strategic planning • Product plans • Country and credit limits • EVA • Business reviews • Trading and ALM Limits • Project management • Financial derivatives • Balanced scorecard Operational Risk • CFO • Internal Audit • Treasurer • Compliance • IT • Controls • Audits • Contingency planning • Insurance 6 ERM is widely recognized as the best practice approach Enterprise Risk Management Chief Executive Officer/Chief Fisk Officer Strategic Risk Business Risk Financial Risk Operational Risk Board Line managers CFO Internal Audit Treasurer Compliance CEO Project Managers IT Financial Institutions Barclays GE Capital JP Morgan Chase Fidelity Investments Non-Financial Corporations Microsoft Boeing Duke Energy Ford Benefits Broadens risk awareness Aligns risk profile and strategy Minimizes surprises and losses Rationalizes capital requirements Assures regulatory compliance Improves ROE and shareholder value 7 The growing acceptance of ERM is driven by four key forces • Banks • Asset Managers • Energy Firms • Corporations Best Practices Corporate Disasters • Enron • WorldCom • Adelphia • Mutual Funds Enterprise Risk Management Regulatory Actions • S.E.C. • Sarbanes-Oxley • Basel II • Treadway Report, US • Turnbull Report, UK • Dey Report, Canada Industry Initiatives 8 A proactive approach to ERM is based on best practices, not regulations Proactive Approach Reactive Approach Current state CEO ? ? ? SarbanesOxley ? ? • Benchmarking • Gap analysis • Recommendations Basel II Desired state (best practices or best-in-class practices) • Common themes • Unique standards Governance Requirements New industry standards SarbanesOxley Basel II Governance Requirements New industry standards 9 Early adopters of ERM have reported significant and tangible benefits Benefit Company Actual Results Market value improvement Top money center bank Outperformed S&P 500 banks by 58% Early warning of risks Large investment bank Global risk limits cut by 1/3 prior to Russian crisis Loss reduction Top asset management company Loss-to-revenue ratio declined by 30% Regulatory capital relief Large commercial bank $1 billion regulatory capital relief Insurance cost reduction Large manufacturing company 20-25% reduction in insurance premium 10 Annualized total shareholder returns (19982003) for differing degrees of risk model sophistication and business application Source: PA Consulting Survey of Global Banks 11 Discussion outline Key trends and requirements Best practices and practical applications ERM in the future 12 The role of a chief risk officer Establish an ERM framework – policies, processes, and systems Manage risk interdependencies and aggregations Provide risk transparency to key stakeholders Ensure company practices meet or exceed regulatory requirements Balance business and risk requirements, and avoid “irrational exuberance” Optimize risk/return by integrating ERM into strategic planning and day-to-day business processes Attract, retain, and develop talented risk professionals 13 An ERM framework should encompass seven key building blocks 1. Corporate Governance Establish top-down risk management 2. Line Management Business strategy alignment 3. Portfolio Management Think and act like a “fund manager” 5. Risk Analytics Develop advanced analytical tools 4. Risk Transfer Transfer out concentrated or inefficient risks 6. Data and Technology Resources Integrate data and system capabilities 7. Stakeholders Management Improve risk transparency for key stakeholders 14 The enterprise risk management process ERM Foundations • Senior management and board participation (“tone from the top”) • Governance structure • Resource allocation • Culture, principles, and values • ERM framework and policies • Linkage to strategy, performance measurement and incentives • Organizational learning Risk Identification and Assessment • Top-down assessments – Barriers to strategic and financial goals – Executive team CSAs Bottom-up assessments – Barriers to business, customer, and product goals – Business unit CSAs – Functional unit CSAs Independent assessments – Internal audit – External audit – Regulators – Customers – Other stakeholders Risk Measurement and Reporting Risk Mitigation and Management • ERM dashboard – Earnings volatility – Key risk metrics – Policy compliance – Real-time event escalation – Drill-down capabilities • Policy enforcement • Scenario analysis – Historical – Managerial – Simulation-based • Event and crisis management • Value-based growth and restructuring strategies • Risk transfer strategies • Contingency planning and testing • Disclosure – Board reporting – External reporting 15 Characteristics and sources of effective key risk indicators 1 Reflect objective measurement Incorporate risk drivers: • Exposure • Probability • Severity • Correlation 2 3 4 5 Track in time series against standards or limits Balance of leading and lagging indicators 6 Tie to objectives, risk owners, and risk categories Be useful – support business decisions and actions 7 8 Can be benchmarked internally or externally Key Risk Indicators Be quantifiable – $, %, # Strategies/ Objectives • Business plans • Management goals • Performance metrics Regulations & Policies • Legal requirements • Regulatory standards • Policy limits Losses & Incidents • Actual losses • Incidents • Industry data 10 Timely and cost effective 9 Simplify risk without being simplistic Stakeholder Requirements • Customers • Vendors • Other 16 An ERM dashboard provides an integrated view of all risks, with drill-down capabilities Basic ERM applications: • Executive reporting • Key risk indicators ERM Dashboard • Loss/incident tracking • Control self assessments • Early warning indicators • Risk mitigation projects tracking CREDIT RISK Data Mining MARKET RISK BUSINESS RISK RISK “PILLARS” OPERATIONAL RISK • ERM content management Advanced ERM applications: • Risk transfer • Economic capital • Scenario analysis • Shareholder value management Internal and External Data 17 An ERM dashboard should address five key questions for senior management 1. Are any of our strategic, business, and financial objectives at risk? 2. Are we in compliance with policies, limits, laws, and regulations? 3. What risk incidents have been escalated by our risk functions and business units? 4. What key risk indicators and trends that require immediate attention? 5. What are the risk assessments that we should review? 18 Case study: Background • $1 trillion of assets under management 3-Year ERM Program • Organized Global Risk Forum • Implemented annual Global Risk Review • Automated loss accounting • Private company • Decentralized business culture • Developed ERM framework • Implemented intranet-based Global Risk MIS • Experienced significant reduction in loss ratio 19 Basic risk management processes can lead to significant improvements Education • • • • • New associates Management Business/Operational processes Best practices Lessons learned Risk Event Log Event Loss Root Causes Controls Needed Actual Loss Experience 100% 85% Decline 80% 60% 40% Risk Metrics 20% Goal 0% 1995 1996 1997 1998 MAP 20 ERM provides linkage between risk management and key value drivers Risk Management Impact Revenue Expenses ROE Losses Shareholder Value Equity New Business 1. Risk-based pricing 2. Target customer selection 3. Relationship management 4. Risk oversight costs 5. Insurance/hedging expense 6. Credit, market operational write-offs 7. Capital management 8. Risk transparency 9. New business development Growth M&A Risk Management by Silos (5, 6) Integrated risk management (4–7) 10. M&A/Diversification strategy Enterprise risk management (1-10) 21 Economic capital represents a common currency for risk Credit Risk Earnings volatility due to variation in credit losses Credit Risk Market Risk Operational Risk Market Risk Earnings volatility due to market price movements Enterprise-wide Risk Operational Risk Earnings volatility due to changes in operating economics (e.g. volume, margins or costs) or one-off events Probability Change in Value 22 Economic capital underpins risk-based profitability measurement and pricing Calculate ROE Calculate Pricing Exposure $100 mm $100 mm Margin 2.50% 2.20% Revenue $2.5 mm $2.2 mm Risk Losses <0.5 mm> <0.5 mm> Expense <1.0 mm> <1.0 mm> $1.0 mm $0.7 mm <0.4 mm> <0.3 mm> Net Income $0.6 mm $0.4 mm Economic Capital $2.0 mm $2.0 mm RAROC 30% 20% Pre-Tax Net Income Tax 23 Companies without risk-based pricing suffer adverse selection Will lose competitors who use risk-adjusted price Risk-Adjusted Price Price Non-RiskAdjusted Price AAA AA A Risk Rating Will win business from competitors but earn below hurdle rate return BBB 24 Business/risk reviews of major investments and projects Key Business Assumptions Volume Margin Losses Monitoring Systems What? By Whom? Trigger Points + Expected - Management Decision or Action Accelerate Maintain Exit 25 ERM requires balancing the hard and soft side of risk management Hard Side Soft Side Measures and reporting Risk awareness Risk oversight committees People Policies & procedures Skills Risk assessments Integrity Risk limits Incentives Audit processes Culture & values Systems Trust & communication 26 Case study: Background 2-Year ERM Program New capital markets business Established risk policies and systems Traders hired from foreign bank Instilled risk culture Aggressive business and growth targets Captured 25% market share with zero policy violations Survived “Kidder” disaster Recognized as best practice 27 Hallmarks of success in ERM Engaged senior management and board of directors Established policies, systems, and processes, supported by a strong risk culture Clearly defined risk appetite with respect to risk limits and business boundaries Robust risk analytics for intra- and inter-risk measurement, summarized in an “ERM dashboard” Risk-return management via integration of ERM into strategic planning, business processes, performance measurement, and incentive compensation 28 Discussion outline Key trends and requirements Best practices and practical applications ERM in the future 29 Ten predictions on the future of enterprise risk management 1. ERM will become the industry standard 2. CROs prevalent in risk-intensive companies 3. Audit committees will evolve into risk committees 4. Economic capital in; VaR out 5. Risk transfer executed at enterprise level 6. Advanced technologies key to advancement 7. A measurement standard will emerge for operational risk 8. Risk-based or economic reporting becomes standard 9. Risk becomes part of corporate and college programs 10. Salary gap among risk professionals continues to widen 30
