Asset Acceptance Capital Corp. A Practical Approach to Enterprise Risk Management Detroit Chapter IIA September 14, 2010 1
Presenters Jeffrey S. Bankowski, CIA, CPA, CFF Jeff is currently the Vice President of Strategy, Analytics, and Shared Services for Asset Acceptance Capital Corp. In his current role, Jeff is responsible for Corporate Strategy, Portfolio Management, M&A, Analytics, Direct Marketing, and Shared Service operations. Previously, Jeff was the Director of Internal Audit for Asset Acceptance. Jeff has also served as the Chief Accounting Officer and Director of Worldwide Accounting Operations for Teksid Aluminum and has held financial and operational roles with BP, KPMG, and the Chicago Mercantile Exchange. He currently serves on the Board of Governors for the Detroit Chapter IIA. Keith Carlson, CIA Keith is the Internal Audit Manager for Asset Acceptance Capital Corp., which is a leading purchaser and collector of charged-off consumer debt. In his current role, Keith is responsible for ensuring that the day to day activities of the audit department are completed to goal. More specifically, he is responsible for ensuring that the Sarbanes-Oxley initiative as well as the Company s process improvement audits are completed for the audit year. Keith has 16 years of internal audit experience and prior to his current position, Keith has worked in an internal capacity at Credit Acceptance Capital Corporation, General Motors, Conseco and Allstate. Keith has experience with Enterprise Risk Management, risk-based auditing, and data mining techniques. 2
Company Overview Profile Collections Portfolio Summary Company Strategy Agenda and Table of Contents Enterprise Risk Management at AACC ERM Discipline Internal Audit s Role Tools Used Successes Challenges Next Steps How to use? 3
AACC - Company Profile Leading purchaser and collector of charged-off consumer debt with roots dating to 1962 Unpaid obligations originating at credit card issuers, consumer finance companies, healthcare providers, retail merchants, telecommunications and other utility providers From January 1, 2000 through December 31, 2009, purchased 1,090 portfolios with face value of $40.4 billion, investing $998.0 million for an average of 2.47 percent of face value Headquartered in Warren, Michigan Public Company since February 2004 Nasdaq: AACC Credit Facility required to be rated by Moody s and S&P 4
Company Collections Overview Collection Channels at Asset Acceptance Capital Corp. FY2009 Call Center Collections 42.6% of Cash Collections FY2009 Legal Collections 42.4% of Cash Collections FY2009 Other Collections 15.0% of Cash Collections 1,009 Total Account Representatives Call Center Collections in MI, OH, FL, TX, AZ, IL, India Legal Collections In-house in MI, OH, FL, TX, AZ, IL, MD, NJ, VA Forwarding network Other Collections Primarily Agency network which is used to manage capacity 5
Portfolio by Industry Portfolio Summary Other Installment Loans, 3.4% Auto Deficiency, 3.4% Health Club, 4.0% Other(1), 8.8% Healthcare, 6.4% Telecommunicatio ns/utility/gas, 7.9% Private Label Credit Cards, 14.4% General Purpose Credit Cards, 51.7% Total Face Value: $40.4 Billion 6
AACC Corporate Strategy Positioning the company for growth Drive additional capacity through off-shore initiative Increase purchasing - expect 2010 levels to exceed historical levels Improving our competitive positioning Improved operational efficiencies Improved analytics Optimizing our capital structure Amended credit facility Review capital markets Enhancing our financial discipline Cost optimization ABM and Business Intelligence applications 7
Enterprise Risk Management Why? AACC Senior Management determined that an approach to identify, assess, and evaluate critical risks that could be detrimental to the Company was essential to its long term growth and prosperity. 8
What is ERM to AACC? ERM is about establishing the oversight, control and discipline to drive continuous improvement of an organization s risk management capabilities in a constantly changing operating environment Ensuring Asset has the right capabilities for managing the most important risks, and getting away from managing risk through pure brute force 9
What ERM Provides to AACC Proactively identify and better manage Asset s risks Distribute resources to better seize opportunities and improve risk mitigation Minimize unacceptable variability and losses Respond systematically to our changing business environment Clarify responsibility and accountability for managing risk Improve Executive and Board communication including reporting Protect Asset s reputation in the marketplace 10
Progression of ERM at AACC 2004...2008.Current Sarbanes- Oxley Business (Unit) Risk Management Enterprise Risk Management Financial risks, hazards and internal controls Protect enterprise value Treasury, insurance and operations Business risk and internal controls, taking a risk-by-risk approach Protect enterprise value Business managers accountable Business risk and opportunities, taking an entity-level portfolio view of risk Protect and enhance enterprise value Documented and applied across the enterprise, at every level and unit Finance and operations Management Strategy-setting Selected risk areas, units and processes Selected risk areas, units and processes Enterprise-wide 11
How did AACC get here? A Roadmap for Success: Training on the concepts (Discipline) of ERM Internal Audit Director Point Person Interview Key Leaders within AACC Ask What are the main risks? Educate/Train leaders on ERM Break out groups Training conducted throughout the Company Spear headed by Director of IAD and Controller Rollout Phase Once training complete (always on-going) rolled out to all areas of the Company 12
Internal Audit Role in ERM Leading the Company towards ERM Finding opportunity in change Using risk management techniques to address pressing concerns Adapting techniques to fit the Company Transition over to Management Management owns ERM! 13
Internal Audit s Role in ERM - Do s and Don'ts Source: IIA UK & Ireland 14
Discipline of ERM at AACC Foundation establish common terms including (stated objectives for the Company, risk frame work, and rating guidelines established) ensuring they meeting the Company s strategy, including mission, vision, and values Risk Identification interview key players to determine what keeps them up at night Risk Management Foundation Risk Evaluation & Monitoring Company Mission, Strategy & Values Risk Response Risk Identification Risk Assessment Risk Assessment using rating guidelines, assess potential impact and likelihood of occurrence Risk Response work to establish risk responses, starting with basic concepts (accept, avoid, etc) and then detail the response, including Key Risk Indicators Risk Evaluation & Monitoring Monitor metrics and KPI s in order to make adjustments to resources 15
Discipline of ERM at AACC Point of departure Processes are stable and many policies are in place. Some gaps are present in that responses may be reactionary. Where were we? How keep it simple and understandable Focus on risk identification and ranking Identify key risk events through interviews Provide standard guidelines for rankings, based on a 1-10 scale with 1 being the lowest risk or the most controlled Develop Key Risk Indicators ( KRI ) Point of arrival Process benchmarks are achievable. Corrective action is taken when limits are exceeded. Where are we headed? 16
Tools - Generic Risk Model Framework Strategic Risks Operational Risks Reporting Risks Environmental Risk Competitor Client Wants Technological Innovation Sensitivity Stakeholder Relations Capital Availability Sovereign/Political Industry Financial Markets Catastrophic Losses Governance Company Culture Board Effectiveness Reputation Image and Branding Stakeholder Relations Environmental/Strategic Environmental Scan Business Model/ Business Portfolio Valuation and Planning Measurement (Strategy) Financial Price Liquidity Credit Empowerment Leadership Authority/Limit Outsourcing Performance Incentives Change Readiness Communications Information Technology Relevance Integrity Access Availability Infrastructure Operations Customer Satisfaction Human Resources Knowledge Capital Product Development Efficiency Capacity Performance Gap Scalability Cycle Time Sourcing Channel Effectiveness Partnering Business Interruption Product/Service Failure Health and Safety Trademark/Brand Erosion Selling Price Company Structure Resource Allocation Lifecycle Debtor Satisfaction Business Reporting Budget and Planning Accounting Information Financial Reporting Evaluation Taxation Compensation and Benefits Investment Evaluation Compliance Risks Environmental Legal Regulatory Operations Compliance Integrity Management Fraud Employee/Third -Party Fraud Unauthorized Use Illegal Acts Business Reporting Regulatory Reporting 17
Tools Risk Assessment Define risk areas and activities based on interviews Provide a short risk name Provide a detailed description of the risk as much detail as needed Assign a risk ranking for both Impact and Likelihood Forms the basis for prioritizing based on a ranking between 1 (low) to 10 (high) Focus will be on the top 10 highest risk based on the Inherent Risk calculation 18
Tools - Risk Responses Risk responses guide the action that will align risks with our risk tolerance Response Avoidance Reduction Sharing Acceptance Detail / Example Disposal of an asset Deciding not to engage in a course of action / activity Establish operational limits Reallocating capital or other resources Diversification of offerings Insurance Entering into a joint venture Outsourcing Self-insuring Accepting the risk as it stands Relying on natural offset / hedge 19
Likelihood Tools Generic Heat Map TOP TEN RISK 10 Employee Retention Management Override Employee Retention 9 Strategy Leadership 8 Cash Misappropriation Strategy Cash Misappropriation 7 Debtor Liquidation Financial Statement Manipulation Financial Statement Manipulation 6 5 Capital Structure - Equity Debtor Liquidation India Partnership 4 Capital Structure - Equity 3 Real Estate India Partnership 2 1 Leadership 0 Real Estate 0 1 2 3 4 5 6 7 8 9 10 Impact Management Override 20
Tools Monitoring and Risk Responses During the ongoing risk monitoring, provide a presentation for each of the top 10 risks What is the Company going to do to respond to this risk (planning) How is the Company monitoring that risk Where does the Company need to focus (changes) Develop multiple KPIs or Metrics if necessary Dashboard Reporting 21
Successes 1Q10 Begin building monitoring templates for each top risk. Define why this is identified as a risk, the Company s response to the risk, any mitigating strategies or controls 2Q10 Develop Key Performance Indicators. Identify the measurement and monitoring process, how we will know if our strategy is successful 22
Challenges Beginning Stages: What ERM means understanding of the discipline Shift focus from financial risks to more strategic Applying ERM to their area Future Challenges: Maintain momentum Understand the impact of Risk how does risk affect particular areas Risk Tolerance appetite for risk Keep everyone focused keep moving forward 23
Next Steps 3Q10 Develop a plan for incorporating mitigating strategies and controls. Begin to include the mitigating strategies and controls in the internal audit program 4Q10 Build the monitoring dashboard. Develop a quick snapshot of the status of the risks and our action plans Ongoing review risks and re-prioritize 24
To-Do s = Capabilities Maturity Model Capabilities Maturity Model ( CMM ) is the future state for ERM after we move past the basics 25
How do I start with ERM? Roll it out small. Start with the basics!! Get buy in Create a charter Get a sponsor at the executive level Select a corporate initiative/objective Create a cross cultural team (HR, Finance, Ops, IT, Mkt, etc) Dive into who supports the corporate initiative/objective Meet with them as a team and assess their support to the selected initiative Dive into what could go wrong with the goal Assess the level of impact and likelihood of the what could go wrong Identify the risk mitigation activity Assess the level of residual risk remaining Take it back to the sponsor and work with the sponsor to get it to the full executive team Repeat. THEN, work with getting a risk appetite developed and start cumulating the inherent and residual risk levels to match against the risk appetite. 26
Questions/Comments Jeff Bankowski Jbankowski@Assetacceptance.com Keith Carlson Kcarlson1@Assetacceptance.com 27