Building an Intelligent Risk Organization Case Studies in Strategic Risk Management

Similar documents
2013 Risk Maturity Index Report

Agenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)

The Current State of Risk Management Maturity for Belgian Organizations kpmg.com/be

San Francisco Chapter. Presented by Scott Perry - Slalom Consulting

Enterprise Risk Management Program

Current State of Enterprise Risk Oversight:

ISACA. The recognized global leader in IT governance, control, security and assurance

Enterprise Risk Management Handbook. June, 2010

Technology & Communications Practice

Director Training and Qualifications

Citizens Property Insurance Corporation Business Continuity Framework

IIA ERM Summit. August 22, 2010

Successful ERM Program Standards. Definitions of Enterprise Risk Management (ERM)

IIA ERM Summit. Jim DeLoach and Steve Jameson August 22, 2010

Enterprise Risk Management: Developing a Model for Organizational Success. White Paper

ENTERPRISE RISK MANAGEMENT LESSONS LEARNED FROM ERM IN A PUBLIC SECTOR ORGANIZATION

Enterprise Risk Management Montana State Fund

Enterprise Risk Management Survey 2011

Compliance, Internal Audit, and Risk Management: What do they look like at a Managed Care Plan?

CHINA. Corporate Real Estate Leading at the Speed of Change. China Corporate Real Estate Trends 2015

Charter for Enterprise Risk Management

RSA. Archer Risk Intelligence Index

Risk Intelligent Enterprise Risk Management (ERM) Dolores Atallo-Hazelgreen, Firm Director

LIVING IN THE REAL WORLD THE LEGAL AND INSURANCE ASPECTS OF SMS

2008 BUSINESS RESILIENCY SURVEY RESULTS:

Executive Summary. Exhibit 1- Streamlined communication to the Board of Directors

Treasury s Leading Role in Enterprise Risk Management

Creating an agile control environment

ERM: Risk Maps and Registers. Performing an ISO Risk Assessment

A Guide to IT Risk Assessment for Financial Institutions. March 2, 2011

Catching Fraud During a Recession Through Superior Internal Controls. FICPA s 25 th Annual Accounting Show. J. Stephen Nouss September 29, 2010

Enterprise Risk Management at

Sarbanes-Oxley Act of 2002 Can private businesses benefit from it?

REPORT 2015/077 INTERNAL AUDIT DIVISION

7 Key Trends in Enterprise Risk Management

IRM s Professional Standards in Risk Management PART 1 Consultation: Functional Standards

Gleim CIA Review Updates to Part Edition, 1st Printing June 2018

EXECUTIVE STRATEGIES FOR RISK MANAGEMENT BY STATE DEPARTMENTS OF TRANSPORTATION EXECUTIVE SUMMARY

How can you improve your ability to identify, respond and adapt to significant operational interruptions?

Introduction to ERM (Enterprise Risk Management)

Enterprise Risk Management Demystified

Risk Advisory SERVICES. A holistic approach to implementing effective governance, managing risk and maintaining compliance

Deloitte Governance Framework and Maturity Model

Deloitte Enterprise Risk Services. Risk Intelligence in the Energy & Resources Industry Enterprise Risk Management Benchmark Survey

Risk & Compliance. the way we do it. QualityData Advantage. for Basel Compliance

2012 CliftonLarsonAllen LLP. A Practical & Tactical Approach to. Management (ERM) Cooperatives (NSAC) Jennifer Leary, Partner National Risk Management

Reward next practices

Questions a Board may ask to understand how an organisation controls its risks

Project Management Assessment. Apply an In-Depth Approach to Project Management to Achieve Systematic Success

Enterprise Risk Management

Performance Risk Management Jonathan Blackmore, May 2013

ENTERPRISE RISK MANAGEMENT SURVEY RIMS Enterprise Risk Management (ERM) Survey SPONSORED BY:

IT Strategic Alignment Benchmark

Asset Acceptance Capital Corp.

HCCA Audit & Compliance Committee Conference. February 29-March 1, Drivers of ERM. Enterprise Risk Management in Healthcare.

Continuous Auditing - A Delicate Chemistry

The Enterprise of the Future

Aligning and Integrating ERM and Business Process. Federal ERM Summit September 9, :00-12:00

KPMG s financial management practice

Embracing the Challenge of Compliance: Driving an effective compliance program. September 18, 2014

The ERM Revolution: Advancing the Cause April 26, 2017

Clarifying the Role of. Enterprise Risk Management

Enterprise Risk Management (ERM) How Internal Audit Can Add Great Value

Risk Management Guidelines of the CGIAR System

Building Treasury s Influence Within an Organization

Enterprise Risk Management. Focus on the Future June 2017

Does your organization Establish Career Path for all Organizational Project Management Roles"?

DIRECTOR TRAINING AND QUALIFICATIONS: SAMPLE SELF-ASSESSMENT TOOL February 2015

ENTERPRISE RISK MANAGEMENT

Enterprise Risk Management: A Best Practice in Managing Federal Programs

EY Digital Boardroom. Overview. EY Digital Boardroom 1

PRACTICE. Reframing risk BY MARK BUTTERWORTH

FINANCIAL SERVICES PRACTICE, CEB TOWERGROUP INSURANCE 2014 The Corporate Executive Board Company. All Rights Reserved.

The Role of the Chief Risk Office and the Board s Role in Risk Oversight

Enterprise risk management Protecting and enhancing value Advisory

ERM 101. Casualty Loss Reserve Seminar, Fall /5/ Practical Enterprise Risk Management (ERM) Agenda ERM 101 2

Treasury and Risk- Vision 2009 March 25 th, 2009 Michele L. Turner- Sr. Manager Operations Enterprise Risk Management (OERM)

GOVERNANCE PRESENTATION TO THE ANNUAL GENERAL MEETING JUNE 8, 2013

RESEARCH REPORT. Includes complete survey data. Project Management Maturity & Value Benchmark

International Finance Corporation

Risk and Compliance Services

Analytics: The Widening Divide

Establishing Enterprise Risk Management in

What is Enterprise Risk Management (ERM)? What the Heck is ERM? Is There an 8 th Element of a Good Compliance Program?

Lya Villasuso OECD Corporate Affairs Division Response ed to: RE: Corporate Governance and the Financial Crises

The Future of Internal Auditing:

PPM Assessment. Analyze Your PPM Practices In-Depth for Systematic Improvement

Operational Service and Operational Enterprise Agencies Core Competencies

Photo FPO. Integration Prioritization Model for Identity Access Management

Photo FPO. Integration Prioritization Model for Identity and Access Management

Beginning a Business Sustainability Plan

Risk and Compliance Services

Compliance Plan. Introduction to the Complince Plan of the Archdiocese of Indianapolis. John S. (Jay) Mercer

IT TRANSFORMATION TEAM

IGHealthRate Best Practices

STRATEGIES FOR EFFECTIVELY WORKING WITH THIRD-PARTIES. September 2017

This report was prepared by McLean & Company for ACME Incorporated on Data is comprised of 8 responses. Prepared for ACME Incorporated

Leadership Agility Profile: 360 Assessment. Prepared for J. SAMPLE DATE

Road map for. March 19, Enterprise Risk Management USI Insurance Services National, Inc. All rights reserved.

Using data analytics and continuous auditing for effective risk management

Transcription:

Building an Intelligent Risk Organization Case Studies in Strategic Risk Management October 24, 2016 Yannick Kwan & Tom Durkin Aon Global Risk Consulting WWW.CHICAGOLANDRISKFORUM.ORG

Global Trends in Risk Management Factors driving improvements in risk management approaches Regulatory (e.g. SEC) Rating Agency (e.g. S&P) Current market and economic conditions Published standards for risk management (e.g. COSO, ISO 31000) Board fiduciary responsibilities Management duty of care provide Firm volatility Desire for improved communications Proprietary & Confidential October 2016 2

World Bank s view on Risk Management & Insurance We re advocating a sea change in the way risk is managed. Our new approach calls for individuals and institutions to shift from being crisis fighters to proactive and systematic risk managers. Jim Yong Kim, President of the World Bank World Bank s View on Risk & Insurance! Successful risk management can be a powerful tool for development! Risk management can save lives, avert economic damages, and provide resilience and prosperity by allowing people to undertake new endeavors! There are currently several obstacles to successful risk management in pursuit of development aims. These include the behavioral failures of decision-makers, lack of resources, and low levels of information with which to make decisions! Macro-level risk analysis and better management of information as potential government strategies Source: World Bank Proprietary & Confidential October 2016 3

2015 Global Risk Management Survey - Top Ten Risks Trends in Risk Management Aon Risk Global Solutions Risk Consulting Global Risk Risk Consulting Americas Proprietary & Confidential October 2016 4

2015 Global Risk Management Survey Risk Ranking Proprietary & Confidential October 2016 5

Global Trends in Risk Management Key Takeaways Businesses have made little headway in enterprise risk visibility Improved C-Suite leadership/holistic approach Significantly complex and growing risks are emerging Holistic approach/ competitive advantage/ sustainable financial results Proprietary & Confidential October 2016 6

What is the Aon Risk Maturity Index?! An on-line tool that enables risk and financial leaders to self-assess their organization s risk frameworks! The Aon Risk Maturity Index provides a data-driven means of driving client value and market insight! In late 2010, we partnered with The Wharton School of the University of Pennsylvania and Aon business units to develop the Index. Proprietary & Confidential October 2016 7

How we Designed the Index Governance & Infrastructure 10 characteristics Process Integration Culture & Communication 40 components 125 questions Proprietary & Confidential October 2016 8

Aon Risk Maturity Index: Global Reach All Organizations (1000+ Organizations Globally) Developing capabilities to identify, assess and prioritize risks across the organization Developing capabilities to analyze risk consistently, but approach may be primarily qualitative Developing capabilities for monitoring existing risk exposure across the organization Informal and inconsistent consideration of risk and risk management information in decision making Developing understanding of Enterprise Risk Management (ERM) and its application Current Aon Risk Maturity Index Dataset (February 2016) Organizations Represented: 1000+ Countries Represented: 40 Industries Represented: 30+ Languages: 10 The Index will continue to capture global data throughout 2016 and beyond Proprietary & Confidential October 2016 9

Aon Risk Maturity Index Insights Stock Price Performance Proprietary & Confidential October 2016 10

Aon Risk Maturity Index Insights Financial Performance Return on Equity by Risk Maturity Rating Return on Assets by Risk Maturity Rating During the period March 2013 March 2014, organizations with the highest Risk Maturity Rating of 5.0 (Advanced) as a group exhibited a return on equity performance of +42% while organizations with the lowest Risk Maturity Rating of 1.0 (Initial) as a group exhibited a negative return on equity performance -23%. This is consistent with findings from the March 2012- March 2013 period. During the period March 2013 March 2014, organizations with the highest Risk Maturity Rating of 5.0 (Advanced) as a group exhibited a return on assets performance of +11% while organizations with the lowest Risk Maturity Rating of 1.0 (Initial) as a group exhibited a negative return on assets performance -10%. This is consistent with findings from the March 2012- March 2013 period. Proprietary & Confidential October 2016 11

Aon Risk Maturity Index Insights Stock Price Volatility Proprietary & Confidential October 2016 12

Aon Risk Maturity Index Insights Organizational Resiliency Proprietary & Confidential October 2016 13

Aon Risk Maturity Index Insights Organizational Resiliency 2011 Japanese Earthquake 2008 Russian/Georgia Crisis All Model Factors are implicitly shocked based on historical factor returns from 3/10/2011 to 3/15/2011 All Model Factors are implicitly shocked based on historical factor returns from 8/7/2008 to 10/06/2008 Organizations with the highest Risk Maturity Rating of 5.0 (Advanced) as a group exhibited a stock price performance of -0.3%. This represents a +90% enhanced stock price performance compared to organizations with the lowest Risk Maturity Rating of 1.0 (Initial) that as a group exhibited a negative stock price performance of -3.1% Organizations with the highest Risk Maturity Rating of 5.0 (Advanced) as a group exhibited a stock price performance of -16%. This represents a +53% enhanced stock price performance compared to organizations with the lowest Risk Maturity Rating of 1.0 (Initial) that as a group exhibited a negative stock price performance of -34% Proprietary & Confidential October 2016 14

Using the Aon Risk Maturity Index for Organizational Improvement Triggers to re-examine an organization s risk maturity Risk Managed in Silos: Lack of Consensus Mergers & Acquisition Benchmarking Increasingly Complex Risk Profile Board/Executive Leadership Request Regulatory Change Validate Risk Management Investments Appointment of CRO Proprietary & Confidential October 2016 15

Using the Aon Risk Maturity Index for Organizational Improvement! Three factors differentiate high and low risk maturity operations Awareness of the complexity of risk Agreement on strategy and action Alignment to execute! Increasing performance along these dimensions requires: the identification of strengths and weaknesses strong communication of risks and risk management across functions and at all levels of the organization consensus regarding the steps to be taken Proprietary & Confidential October 2016 16

Using the Aon Risk Maturity Index for Organizational Improvement Having different functions and levels complete the Aon Risk Maturity Index survey provides the foundation for determining your current status along these dimensions and provides the foundation for identifying ongoing improvement activities Proprietary & Confidential October 2016 17

The Starting Point: Perceptions vs. Reality PERCEIVED RISK MANAGEMENT APPROACHES AND CAPABILITIES RELATIVE TO INDUSTRY PEERS Organizations With RMI Scores Below 2.5 Better/More Mature Comparable Worse/Less Mature 7% 46% 47% Proprietary & Confidential October 2016 18

Differences in Perceptions of Risk Management Maturity By Position and Function 3.2 Average RMI Score 3.1 3 2.9 2.8 2.7 2.6 2.5 2.4 2.3 CEO CFO CRO COO Legal VP HR VP Finance Risk Mgr Int Audit Proprietary & Confidential October 2016 19

2015 Global Risk Management Survey: Differences in Risk Perception C-Suite Risk Managers 1 2 3 1 Increasing competition 1 Damage to reputation/brand $ $ 2 Economic slowdown/ slow recovery 3 Regulatory/legislative changes 2 Regulatory/legislative changes 3 Economic slowdown/ slow recovery 1 2 3 4 Damage to reputation/brand 5 Cash flow/ liquidity risk 4 Increasing competition 5 Business Interruption Proprietary & Confidential October 2016 20

Potential Drivers of Differences in Perceptions! Real differences in risk management maturity across functions, business units, and locations! Differences in risk focus and functional biases! Limitations in risk management practices that distinguish High and Low maturity organizations Communication of risk management strategies, objectives, and practices Cross-functional cooperation Consensus on risks and risk management Proprietary & Confidential October 2016 21

Communication of Risk Appetite Results of risk assessment ac1vi1es are communicated between risk- based processes / areas of the organiza1on 80.0% 70.0% 60.0% 50.0% 40.0% 30.0% 20.0% 10.0% 0.0% 13.4% 0.5% Rarely or never 67.5% 39.6% 19.0% 59.8% Yes, on an ad- hoc basis (i.e., Yes, shared between various provided to one area by another or parges on a consistent and formal as requested) basis Average or Below Above Average Proprietary & Confidential October 2016 22

Cross Functional Collaboration Different risk func1ons collaborate in execu1ng risk- based processes 80.0% 70.0% 72.1% 60.0% 50.0% 48.2% 50.9% 40.0% 30.0% 20.0% 10.0% 0.0% 16.7% 0.8% Rarely or never Yes, on an ad- hoc basis to cooperate in data gathering or analysis 11.2% A3: Yes, through a defined, jointly executed risk assessment process designed to reduce duplicagve effort Average or Below Above Average Proprietary & Confidential October 2016 23

Consensus on Cross-Functional Risks There is consensus on strategy for cross- func1onal risks (check any and all that apply) 90.0% 80.0% 79.5% 70.0% 60.0% 50.0% 50.2% 43.3% 53.9% 40.0% 30.0% 20.0% 10.0% 8.1% 16.8% 0.0% No, consensus has not yet been established Consensus exists at execugve- levels Consensus exists at management- levels (or below) Average or Below Above Average Proprietary & Confidential October 2016 24

Aon Risk Maturity Index Insights Board Risk Oversight Practices Drivers Increasing number of external events have fostered rising expectations for Boards of Directors Inquiries into the causes of the financial crisis Changes in regulations and listing requirements More stringent interpretations of directors fiduciary responsibilities Issuance of best practice governance standards Findings Assignment of board roles and responsibilities are a major determinant of board risk oversight practices Ownership structure and country-level governance variables are significantly associated with assignment of board roles and responsibilities but little effect on specific board practices Impact on board responsibility or performance evaluation on organizational risk management practices occurs on the use of more sophisticated board risk practices Proprietary & Confidential October 2016 25

Case Study: Global Industrials 60+ Subsidiaries 5 Continents The newly appointed Chief Risk Officer (CRO) of an American industrials company sought to evaluate existing risk management capabilities and develop a strategic path forward to align risk and business practices Developing Manufacturing Solutions for: Facing Significant Risk Factors - Construction - Infrastructure - Mining - Manufacturing - Energy - Utilities Proprietary & Confidential October 2016 26

Case Study: Global Industrials 60+ Subsidiaries 5 Continents EH&S Executive Leadership Key Divergence of Opinions Content of Management Communication (Performance / Strategy) Communication of Risk Assessment Results Between Risk Functions Finance 38% 37% 31% 25% Human Resources Information Technology 25% 44% Legal & Compliance Risk Management Consistent at an enterprise level On an ad-hoc basis / in silos Rarely or never / inconsistent Proprietary & Confidential October 2016 27

Case Study: Global Industrials 60+ Subsidiaries 5 Continents Conducted a Workshop with the Executive Leadership Team and Developed a Roadmap for ERM Implementation Risk Dashboarding Formalized Risk Team Mechanism to integrate risks and provide visibility across the organization, as well as reporting to the Board Formalized team to identify, assess, and monitor risk issues across the organization as well as define consistent terminology Formalized Risk Mortems Risk Mapping Leveraging Risk Post-Mortems to analyze events to drive awareness, agreement, and opportunities for improvement A formalized risk identification and assessment process to capture current and emerging risks from across the business Proprietary & Confidential October 2016 28

Concluding Remarks What s your organization s Risk Maturity Rating? The growth and evolution of the Aon Risk Maturity Index has enabled the tool to become an industry-leading, global database on risk management practices. Results from the Index have yielded valuable findings around the correlation of advanced risk management practices and financial performance, as well as practical insights to assist in the development of a mature risk management framework in support of sustainable, stable financial results. Aon will continue its research with The Wharton School to identify key risk management practices and processes that contribute to improved financial performance as well as a deeper understanding of industry-specific best practices in risk management. The Aon Risk Maturity Index is a confidential and online tool. For more information or to participate, please visit www.aon.com/rmi or email risk.maturity.index@aon.com Proprietary & Confidential October 2016 29

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback