enterprise risk management: public sectors - cpcu … strategic business discipline that supports...
TRANSCRIPT
![Page 1: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/1.jpg)
![Page 2: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/2.jpg)
Enterprise Risk Management: Applications in the Private & Public Sectors
![Page 3: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/3.jpg)
1. Presentation goals and panelists 2. ERM definition 3. Origins of enterprise risk management 4. Examples of creating value with ERM 5. Harnessing ERM in your role 6. ERM and The Institutes 7. Wrap-up
Agenda
![Page 4: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/4.jpg)
Panelists: Leo Costantino, CPCU, ARM—Bickmore Risk Consulting Services Michael Elliott, CPCU, AIAF—The Institutes Lisa Kremer—Marsh Contributors: Carrie Frandsen—University of California Office of the President Lisanne Sisson—Bickmore Risk Consulting Services Linda Conrad—Zurich
Presentation Goals, Panelists and Contributors
![Page 5: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/5.jpg)
A strategic business discipline that supports the achievement of an organization’s objectives by addressing the full spectrum of its risks and managing the combined impact of those risks as an interrelated risk portfolio. RIMS
What Is ERM?
![Page 6: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/6.jpg)
1. ERM encompasses both hazard risk and business risk.
2. ERM seeks to enable an organization to fulfill its greatest productive potential.
3. ERM focuses on the value of the organization.
4. ERM focuses on the organization as a whole.
1. Traditional RM focuses on hazard risk.
2. Traditional RM seeks to restore an organization to former pre-loss condition.
3. Traditional RM focuses on the value of the accidental loss.
4. Therefore, traditional RM is both its own discipline and part of the broader ERM discipline.
Excerpt from ARM textbook: Risk Financing by Berthelsen, Elliott and Harrison, page 1.14.
Comparing Traditional RM With ERM
![Page 7: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/7.jpg)
ERM Past and Present—How Did We Get Here? • Frameworks • ERM’s relationship with regulatory and compliance functions • ERM from the carrier and financial institution perspective
Origins of Enterprise Risk Management
![Page 8: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/8.jpg)
Evolution of ERM
8
1970s 1980s 1990s 2000s 2010s
S&P expands review of ERM in its
ratings of non-financial institutions
Rating agency review of ERM in
financial institutions
Increased regulator pressure to demonstrate sound risk management practices (e.g., Basel II,
SOX)
Development of disciplined approach to market risk and
energy risk
Development of robust approaches to credit and
operational risk
Embryonic development of enterprise risk
management
Collapse of companies (Enron, Andersen,
WorldCom, ...)
SEC expanded disclosure of risk
oversight
![Page 9: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/9.jpg)
Emergence of ERM Standards
9
1995
2004 2006
2008
2009
China SASAC* ERM guidelines
• Mandatory for central SOEs (state-owned enterprises) in China
• Required pilot enterprises to submit annual report starting 2008
COSO ERM framework
• Developed by a private-sector organization; sponsored by five professional associations in the U.S.
• Accepted by U.S. SEC
• Embeds internal control framework
• Mainly adopted in U.S. or by companies listed in U.S. stock exchanges
Australian Standard 4360
• The first ERM standard
• Most-adopted internationally
• Major adopted markets: Australia, New Zealand, Europe, Japan
BS 31100
• British National Standard
• Officially published summer 2008
ISO 31000
• Mainly based on AS 4360
![Page 10: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/10.jpg)
COSO ERM Framework and ISO 31000
10
Eight interrelated components
ERM is a process to help achieve entity
objectives across these categories
Applies to activities at all levels of the
organization Source: Enterprise Risk Management—Integrated Framework. Committee of Sponsoring Organizations of the Treadway Commission, 2004, and ISO 31000
![Page 11: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/11.jpg)
Development of Risk Assessment
11
Ratings assessment of ERM practices
RBC
BCAR
S&P ERM
Best SRQ
ORSA
Future
NAIC risk-based capital formula
AM Best’s capital adequacy ratio
ERM section supplemental ratings questionnaire
NAIC’s Solvency Modernization Initiative (SMI)
Competing when the game changes
Formulaic risk assessment
Increasing focus on qualitative assessment
Efficient capitalization for business objectives
U.S. Property-Casualty Insurers
![Page 12: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/12.jpg)
Source: Zurich
Enterprise Risk Wheel
![Page 13: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/13.jpg)
Source: CEB Audit Leadership Council Research. n = 128
Risks That Matter—Market Capitalization Loss of 50% or More at Top 20% of Fortune 1000
![Page 14: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/14.jpg)
Value of ERM
A survey by Federation of European Risk Management Associations found firms with a more mature approach to risk management have better financial results. • 75% more firms with advanced risk management practices had
earning before interest taxes depreciation and amortization (EBITDA) growth of over 10%.
• 62% more firms with advanced risk management practices attained annual revenue growth of 10%.
Creating an active risk culture is correlated with higher growth, as the company becomes more aware and accountable for risk.
Source: 2012 study by Federation of European Risk Management Associations
![Page 15: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/15.jpg)
Value of ERM—An Underwriter’s Perspective
• Since underwriters have to assess and price the overall exposure, an underwriter typically finds the details on an ERM program very valuable.
• Companies must communicate to insurance markets the strength and effectiveness of their ERM programs in order to maximize shareholder value.
![Page 16: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/16.jpg)
Examples of Enterprise Risk Management Value Creation in Private and Public Sectors • Private sector
– Zurich • Public sector
– University of California – County of Los Angeles
Value of ERM—Private and Public Sector Examples
![Page 17: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/17.jpg)
Value of ERM—UC’s Reduction in WC Costs
![Page 18: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/18.jpg)
Operational risk is defined as the risk of loss resulting from inadequate
or failed processes, people and systems or from external events.
Operational Risk and ERM County of Los Angeles
18
![Page 19: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/19.jpg)
Treating Operational Risk–Challenges – Scope
37 units; 100,000 employees – Organizational culture
Processes performed in silos – Data
Aggregate view of losses and risks lacking
Operational Risk and ERM County of Los Angeles
19
![Page 20: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/20.jpg)
Treating Operational Risk—Current Solutions – Root cause analysis and corrective actions – Data dashboard – Loss exposure reduction committee (governance)
Operational Risk and ERM County of Los Angeles
20
![Page 21: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/21.jpg)
Treating Operational Risk— “How Is This ERM?”
Operational Risk and ERM County of Los Angeles
21
ERM
Root Cause Analysis
Data Dashboard
Governance Committee
![Page 22: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/22.jpg)
Applying ERM Principles Within Insurance Industry, Leadership and Management Roles • Insurance industry
– Actuarial – Underwriting – Claims
• Leadership and management – Risk management – Leadership roles (CEO, COO, CFO)
ERM Leadership Roles in the Insurance Industry
![Page 23: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/23.jpg)
Organizational Support – Benefits at Every Level
Driver Board AC Chair Audit Director CEO Exec
Mgmt
Operating Unit
Leaders Managers Employees
Reduce Reputation Damage and Operational Surprises and Losses
Portfolio View of Risk
Increased Comfort and Confidence for the BOD
Achievement of Organization’s Strategic Objectives
Risk Informed Strategic Decisions
Achievement of Organization’s Operating Unit Goals
Risk Informed Business Decisions
Risk Management Functional Synergies and Efficiencies
Cost Savings
Improved Risk-based Capital Allocation
23 September 3, 2014
![Page 24: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/24.jpg)
Author Caroline McDonald writes: “Risk managers, often seen mostly as insurance buyers, have work to do in expanding their view of risk to match those of senior executives and board members….Today, senior executives and boards think of risk in much broader terms, and risk managers need to see themselves as more than insurance buyers.”
Risk Management Competencies
Source: RIMS Risk Management Professional Growth Model
![Page 25: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/25.jpg)
• Evolution from ARM to ERM • Our approach to ERM education
– Risk classifications – Organizational functions
• Emphasizes frameworks and processes • 2014 Business Insurance Innovation Award
The Institutes—Evolution of Risk Management Curriculum
![Page 26: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/26.jpg)
Wrap-Up
Concluding Remarks from Our Panel Questions
![Page 27: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/27.jpg)
![Page 28: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/28.jpg)
Visible Can be evaluated
Poorly Visible
Difficult to evaluate
MORE INSURABLE
A consequence of the preceding risks and unacceptable to society
4th ORDER RISKS
3rd ORDER RISKS
2nd ORDER RISKS
1st ORDER RISKS
Indirect Economic Losses (Market share, image, managing upset,
personnel, lost investments)
Consequential Losses (Production, profits)
Physical Damage, Personal injuries/deaths
Hazard Cause
Event
LESS INSURABLE
The Anatomy of Enterprise Risk
![Page 29: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/29.jpg)
ERM Framework and Process—ARM/ERM Courses
![Page 30: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/30.jpg)
ERM Risk Classifications–ARM/ERM Courses
![Page 31: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/31.jpg)
How important is knowledge of risk governance and strategy development for:
Risk Management Competencies—Research by The Institutes
Source: RIMS Risk Management Professional Growth Model
Very Important
Somewhat Important
Neutral Not Too Important
Not Important
at All
Insurance and risk management directors
3 5 1 2 0
Enterprise risk management directors
7 3 1 0 0
![Page 32: Enterprise Risk Management: Public Sectors - CPCU … strategic business discipline that supports the achievement of an ... Examples of Enterprise Risk Management Value Creation in](https://reader031.vdocuments.net/reader031/viewer/2022022518/5b0e01a07f8b9abc0a8e89a2/html5/thumbnails/32.jpg)
How important is knowledge of business process and controls for:
Source: RIMS Risk Management Professional Growth Model
Very Important
Somewhat Important
Neutral Not Too Important
Not Important
at All
Insurance and risk management directors
7 2 2 0 0
Enterprise risk management directors
9 2 0 0 0
Risk Management Competencies—Research by The Institutes