The 10 th Annual Management Accounting Conference

Transcription

1 The 10 th Annual Management Accounting Conference Navigating Risk Management Frameworks as a Management Accountant Travellers Beach Hotel and Club, Mombasa Wednesday, 26 th July 2017 Uphold. Public. Interest

2 Contents

3 Introduction Risk Management Frameworks Top 10 Risks in 2016 Contribution/ Role of Management Accountants in ERM Value Add/Benefits and Barriers Recap

4 Objectives By the end of this unit, you should be able to: Understand the various ERM Frameworks. Appreciate the Top 10 Risks in 2016 Appreciate the Role of Management Accountants in ERM Understand the Value Add/Benefits of ERM

5 CONTEXT: In today's world, change and uncertainty are constants... Dynamic IT Industry Security of confidential Information Reputation All Risk types Transparency & Accountability Labour strikes Bad press reports

6 Risk comes from not knowing what you are doing. Warren Buffet

7 Introduction to RISK The possibility that an event will occur and adversely affect the achievement of objectives Committee of Sponsoring Organizations (COSO) Enterprise Risk Management Framework The chance of something happening that will have an impact upon objectives AS/NZS 4360:1999, Risk Management Events that may have a positive impact represent opportunities

8 Recap of definition of Risk, Risk Management and RM Framework Risk : Effect of uncertainty on objectives Risk Management: Coordinated activities to direct and control an organization with regard to risk. - Aim achieve best balance of risk and opportunity and not to eliminate risk RM Framework: A set of components that provide the foundations and organizational arrangements for designing, implementing, reviewing and continually improving risk management throughout the organization. ISO

9 ENTERPRISE RISK MANAGEMENT (ERM) a process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risks to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.. Source: COSO Enterprise Risk Management Integrated Framework 9

10 Def. of Risk Risk was defined by the International Federation of Accountants (IFAC) (1999) as uncertain future events that could influence the achievement of strategic, operational and financial objectives. Risks have traditionally been defined by management accountants in terms of the possibility of danger, loss, injury or other adverse consequences Audit Committee Guidelines

11 Two Faces of Risk

12 RISK UNIVERSE Strategic Financial Operational Compliance Definition: All risk types and categories across all business lines, functions, geographical locations and legal entities that could affect an organization. Environmental

13 RISK GOVERNANCE 5. Governance Board, Audit & Risk committee, Exec Risk Committee(s), Risk appetite 2. Risk monitoring & reporting Management reporting 4. Organisation Structure Roles and responsibilities, Risk domains, Risk Mgr, HODs, Departmental risk champions Risk identification 1. Risk Universe (All Risk Types) Risks / Opportunities Risk assessment / measurement 6. Lines of Assurance Internal/ External audit Risk Register Risk mitigation & Treatment Risk Matrix 3. Tools, resources, policies & procedures, training, risk culture, systems

14 Objectives, Risk Management and Internal Controls - Relationship Objectives Risk Management Internal Control (mitigation measures

15 RM Frameworks ISO COSO Similarity Basel III Solvency II 1. Identify 2. Assess ANZAC FSA 3. Manage 4. Monitor Objectives 15

16 Most popular frameworks COSO 16

17 Culture Goal setting ERM Life Cycle Identify and prioritize risks Confirm Evaluate next options steps Evaluate Performance Implement Internal Environment Objective Setting Event Identification Risk Assessment Risk Response Control Activities Information & Communication Monitoring

18 Components of ERM Framework.. Authority and pledge to the ERM. RISK Management policy. Mixer of ERM in the institution. Risk Assessment. Risk Response. communication and reporting. Information and Communication. Monitoring.

19 Most popular frameworks ISO

20 ISO Framework Overview The Anti Silo Approach ISO is defined as a process that provides confidence that planned objectives will be achieved within an acceptable degree of residual risk.

21 Other Frameworks (cont d) Below is a diagram of the ASNZS framework:

22 Building a RM system Initial study of risks Decision, Risk Manager Risk measurement system Responsibilities and structure Testing Active Risk Management Staff training and maintenance Feb-2001 slide 22

23 Risk Management System Can NOT Predict future Identify business opportunities Be always right! Risk Management System Can Predict loss, given event Identify most dangerous scenarios Recommend how to change risk profile Feb-2001 slide 23

24 Top 10 risks in Data Privacy 2. Cyber Security (30% - KPMG) 3. Third Party Relationships 4. Strategic Change Management (25% -KPMG) 5. Business Continuity and Disaster Recovery 6. Competitive Environment 7. Talent Management 8. Macro Economic Volatility 9. International tax Planning 10. GOVERNANCE 4

25 Treatment of Risk in Management Accounting

26 Risk Management in Accounting 1. Decision Trees:- decision making under Risk 2. Cost-Volume-Profit (CVP) Analysis: Can be used in many situations, including; performing break-even analysis (BEP=FC/SP-VC), evaluating pricing strategy, determining special order/booking acceptance or choice of sales mix Audit Committee Guidelines

27 Risk Management in Accounting (Conti.) 3. Discounted Cash Flow (DCF) Analysis Net Present Value (NPV) Internal Rate of Return (IRR) Weighted Cost of Capital (WCC) should be adjusted for Market Risk; risk free rate + a Risk Premium; The Discount Rate should include; Project risks Market risks (sales and revenue streams) Time dependent value of money 4. Budgeting: management tools to portray in quantitative terms the environment-organizational interface risk is considered in the budgeting process, budget document is risk-excluded and only considers Audit Committee Guidelines consequences of risk.

28 Risk Management in Accounting (Conti.) 5. Strategic Management Accounting: Focus on Market changes; generate Strategic Options; Rational Economic Principles: Internal Rate of Return (IRR) Net Present Value (NPV) Conventional Financial and Risk analysis {Strategic aspects in Risk Analysis} Balanced scorecard, Strategic cost management analysis and Technology roadmapping Audit Committee Guidelines

29 Value Add/ Benefits of ERM

30 Role of M/Accountants M/A shld be concerned with information used in; 1. Formulating business strategy - guidelines/procedures, 2. Planning and controlling activities, 3. Decision-making (Reports/internal & external), 4. Efficient resource usage, 5. Performance improvement and value enhancement, 6. Safeguarding tangible and intangible assets and 7. Corporate governance and internal control; 8. Integrating the Model; and 9. Training. Audit Committee Guidelines

31 Role of Accountants M/A could also; provide useful information to the BoD, risk managers and financial directors in the risk identification and risk assessment process. Audit Committee Guidelines

32 Benefits of Effective ERM Adequate policies, procedures and limits More effective communication with stakeholders on risk and return issues Fewer Surprises: Clarity on Opportunities & Threats Better management reporting Articulation of risk appetite - and embedded process to manage this Common risk language Regulatory data management Accountability and Proactive Management Adequate risk monitoring and MIS Systems integration finance and risk data Lower risk-related costs Risk based allocation of resources & Performance Management 32

33 Benefits of Effective ERM Better outcomes on corporate objectives Reduced Cash Flow Volatility (Insurance, derivatives or controls) Delivery of innovative projects Protection of reputation Better outcomes for service users 33

34 Best Practices in ERM - Results of Global 2012 ERM Survey 34

35 Best Practices in ERM Risk Institute Survey on ERM impact 35

36 Barriers to Effective ERM requirements are NOT connected to corporate strategy Leadership from the top is lacking structures are positioned as compliance Use of emotion vs. facts No clear roadmap for improvement Soft issues of behavior and attitude are ignored-focus on policy, quantification, etc. a backroom exercise / taboo subjects The silo mentality The Golden Boy Mentality Shooting the messenger Organizational confusion too many mgt improvement efforts at once RM approached like a project The scope of intensity and leadership is underestimated Past mistakes are overlooked-no corporate learning from previous risk events

37 Lest we forget. We must become the change we want to see Mahatma Gandhi (Mohandas Karamchand Gandhi 2 October January 1948)

38 Objectives By the end of this unit, you should be able to: Understand the various ERM Frameworks. Appreciate the Top 10 Risks in 2016 Appreciate the Role of Management Accountants in ERM Understand the Value Add/Benefits of ERM

39 CPA KIMEU, Jones MBA,Bcom(Hons), CISA, CPAK,FCCA