risk management benchmarking 2013

27
1 Risk Management Benchmarking Services Riskpro, India

Upload: rahul-bhan-ca-cia-mba

Post on 24-May-2015

55 views

Category:

Documents


7 download

TRANSCRIPT

Page 1: Risk management benchmarking 2013

1

Risk Management Benchmarking Services

Riskpro, India

Page 2: Risk management benchmarking 2013

2

Who is Riskpro… Why us?

ABOUT US

Riskpro is an organisation of member firms around India devoted to client service excellence. Member firms offer wide range of services in the field of risk management.

Currently it has offices in three major cities Mumbai, Delhi and Bangalore and alliances in other cities.

Managed by experienced professionals with experiences spanning various industries.

MISSION

Provide integrated risk management

consulting services to mid-large sized corporate /financial institutions in India

Be the preferred service provider for complete Governance, Risk and Compliance (GRC) solutions.

VALUE PROPOSITION

You get quality advisory, normally delivered by large consulting firms, at fee levels charged by independent & small firms

High quality deliverables

Multi-skilled & multi-disciplined organisation.

Timely completion of any task

Affordable alternative to large firms

DIFFERENTIATORS

Risk Management is our main focus

Over 200 years of cumulative experience

Hybrid Delivery model

Ability to take on large and complex projects due to delivery capabilities

We Hold hands, not shake hands.

Page 3: Risk management benchmarking 2013

3

Risk Management Advisory Services

Training Recruitment

Basel II/III Advisory Market Risk

Credit Risk

Operational Risk

ICAAP

Corporate Risks Enterprise Risk Assessment

Fraud Risk

Risk based Internal Audit

Operations Risk

Forensic services

Information Security IS Audit

Information Security

IT Assurance

IT Governance

Operational Risk Process reviews

Policy/ Process Review

Process Improvement

Compliance Risk

Governance Corporate Governance

Business Strategic risk

Fraud Risk

Forensic Accounting

Other Risks Business/Strategic Risk

Reputation Risk

Outsourcing Risk

Contractual Risk

Banking – E Learning

Corporate Training

Regular Risk Management Training

Online Training material

Workshops / Events

Virtual Risk Managers

Full Time Risk Professionals

Part time Risk Professionals

Risk Managers on call – free

S E

R V

I C

E S

Page 4: Risk management benchmarking 2013

4

Riskpro’s Network Presence

New Delhi

Mumbai

Bangalore

Ahmedabad

Pune

Agra

Salem

Kolkata

Hyderabad

Chennai

Jaipur

Page 5: Risk management benchmarking 2013

5

Risk Management Benchmarking Methodology

Why Benchmark

Necessary to evaluate your risk management framework vis a vis competition to ensure

minimal financial and reputation losses or atleast losses should not exceed industry

average

To plug loop holes that management knows exist, and to indentify more of such gaps

A comprehensive exercise mandated by the Board to carry out a major revamp of old and

outdated risk management framework

to understand how divisions or programs compare internally or to industry standards

To minimise overlaps with internal audit, compliance, to bring efficiencies and better

integration of overall GRC framework

How Benchmarked

Benchmarking to International Best practice - The risk management process will be

compared with and measured against world wide best practice and international risk

management standards

Risk Management Maturity Models will be used to evaluate the exiting maturity of risk

frameworks and where the firm needs to evolve to.

Benchmarking exercise will assess all aspects of the risk management process by

reviewing documentation, reports etc and interviews with key personnel

Page 6: Risk management benchmarking 2013

6

Benchmarking Overview – Evaluation of Risk Management

Framework

Define Scope

1.Only Holding company or all entities across the group

2. Gap Analysis only or process improvement along the way

Execution of Benchmarking Procedures

1. Perform agreed procedures

2. Frequent interaction to share results and findings

3. Stay focused on value added procedures

Reporting Findings

1. Final report

2. PPT presentation to Senior Management

3. Further related advisory

Page 7: Risk management benchmarking 2013

7

Risk Management Benchmarking Procedures applied

A. Risk Management Strategy and

Governance

1. Evaluation of risk strategy against best

practices

2. Risk Appetite Framework

3. Adequacy of risk management standards

and frameworks adopted

4. Linkage to Corporate and business

objectives with risk appetite

5. Setup of risk governance and effective of

committees/charter

6. Risk culture and training, awareness

7. Adoption of relevant regulatory requirement

such as AML/KYC, Risk reporting and

disclosure

8. Review of internal audit reports on risk

management function

B. Risk Identification and Evaluation

1. Methods used to identify risk

2. Sources of risk, level of inherent risk

3. Extent to which risks have been identified

at the appropriate level

4. Risk definitions – including use of inherent

(gross) and residual (net) risks

5. Categories of Risk and how determined

6. Risk workshops – approach used

7. Use of scenario planning

8. Advanced models to gauge risks

9. Measuring the impact and the likelihood of

occurrence of each risk

•Approach adopted

•Risk matrix – evaluation against best practice

•How has the approach ensured consistency

•Ease of understanding by managers using the

process

•Reliability of the information gathered

Page 8: Risk management benchmarking 2013

8

Risk Management Benchmarking Procedures applied

C. Assessment of Risk Mitigation

1. Approach adopted – workshops or other

approach

2. Risk Assessment – Adequacy of frequency

and output of top risks

3. Method employed to assess risk mitigation

4. Identification of risk exposures

5. Establishment of action plans.

6. Risk treatment analysis – how have the

cost/ benefits of dealing with exposures /

exploiting opportunities been assessed?

7. Proper escalation and communication of

alerts, triggers of breaches

D. Output from the Risk Process

1. Risk register – method adopted

2. Completeness of risk registers

3. How has consistency been ensured

4. Approach adopted to deal with anomalies

5. Risk owners – how have these been

determined

6. How risk interdependencies have been

addressed

7. Reports for Senior Management

8. Board reporting to review progress in

addressing the exposures – method

adopted

9. Methodology for emerging risks

10. Risk disclosures – Regulatory and

voluntary

Page 9: Risk management benchmarking 2013

9

Risk Management Benchmarking Procedures applied

E. Risk Principles and Risk

Culture embedding

1. Approach adopted – workshops or other

approach

2. How have corporate risks been linked into

the Strategic planning process

3. Has the process been adopted across the

organisation?

4. How have operational risks into the

business planning process

5. Approach adopted for risk tracking

6. How has the decision making process

been influenced by the adoption of the

formal risk management process?

7. What benefits have been delivered?

8. Integration of incident management

9. Integration of Business Continuity planning

10. Have risk champions been identified via

the process?

F. Project Wrap up and Reporting

1. Final report with our major and moderate

findings

2. Below each finding, a recommended

improvement suggestions will be provided

3. An overall list of minor issues noted will be

attached as Annex

4. Final presentation to Board/Senior

Management on the project

5. Undertaking additional assignments as a

follow up of the report, depending upon the

future scope agreed upon.

Page 10: Risk management benchmarking 2013

10

Project Summary – Estimated Costs

Risk Component Estimated Duration Estimated Pricing

Risk Management Benchmarking 4-6 weeks To be finalised after

discussions of scope

TOTAL (exclusive of Service tax) TBD

Project Exclusions

Scope of our assignment will be as mentioned in the detailed proposal that we will submit to

you. The benchmarking methodology is an illustration of the types of procedures carried out for

various benchmarking exercise. Depending upon the project scope and budget, final

procedures will be part of the engagement letter

In particular, the following are not in scope for the current proposal.

Formulation or enhancement of any policy, process note or procedure documents

Implementation of any risk management component is excluded. Example Enhancing risk

registers, creating risk reports, MIS information etc

Existing regulations will be used as a benchmark.

Page 11: Risk management benchmarking 2013

11

Riskpro’s other

Services

Page 12: Risk management benchmarking 2013

12

Risk Management Trainings – Delivery Methods

Onsite- Instructor Led Online- Web based Webinars

Corporate Institutional trainings

for senior management with

strategic interest areas

Classroom trainings for junior/

mid level executives

Delivered by knowledgeable

experts across industry

domains

Multi city delivery capability for

training to large audience

Suitable for frontline staff for

induction and onboarding

requirements

Delivered live by experts

providing topic outline

framework

Low cost model at regular

intervals or fixed duration e-

learning platform

Interactive webinars on hot

topics or customized areas for

global access audience

Complimentary or Recorded

versions for self paced re-cap

and reference

On demand services with select

topics

Conducted by industry experts

with Q&A session

Page 13: Risk management benchmarking 2013

13

Our Recruitment services

Full Time Staffing

Riskpro is constantly building its network of Risk Professionals across India

Today, we can help you hire risk professionals at all levels of experience

We differentiate from other recruitment firms, because, as Risk Managers ourselves, we

are able to better match your requirements and candidate experience

Our charge out rates are competitive

Slab rates. As we do more business with you, the rates come down.

Temporary Staffing - The Project Team

Pool of highly qualified staff with deep risk expertise

Available for your short to medium term needs

Varying levels of professionals available. Experience starting from 4 years to 20 years. All will have CA, ICWA or equivalent qualification.

The Project employees pool will be available as per your needs and the employees on site can start/stop projects as per your master project plan.

RECRUITMENT

Page 14: Risk management benchmarking 2013

14

Risk Based Internal Audit How we Do

Transaction

Audit

Control

Reviews

Process

Reviews

Risk

Assessment

Fraud

Mitigation

Enterprise Risk

Assessment

Increasing Enterprise Risk Focus

Need

of

Org

an

izati

on

s

Internal Auditing helps an organization

accomplish its objectives by bringing a

systematic, disciplined approach to evaluate

and improve the effectiveness of risk

management, control and governance

processes. Source: The Institute of Internal Auditors 1999 (IIA)

Benefits of Risk based Audit

• Traditional audit view value added

techniques

•Risk profile of Businesses

•Internal Controls & Ops Risk reviews

•Cost reductions recommendations

•Review of Fraud Risk Controls

Page 15: Risk management benchmarking 2013

15

Our Solution for Fraud Investigation

Based on our understanding of your requirements, we have customized a package of our solution offerings to meet your needs.

To detect and prevent fraud

and evaluate Code Of

Conduct Compliance on

following parameters :

Fraud Detection

Fraudulent Vendor

Recruiting new dealers, suppliers, franchisees or distributors

Anti-Fraud Measures

Monitoring Compliance and Authorization

Workplace Practice

Background check for employees

Background check for customers

Prevent default of high value bills

Our Solution For you

Analyze

Investigate

Resolve

Understanding Your Supply

Chain

To Monitor Your Process

Evaluating your need

Source Root cause of Problem

Obtaining And securing Evidence

Confidential Interviews

with vendors

Prioritize solutions and

remedial measures

Quantify Loss and Suggest

possible Actions

Solve Compliances

Issues

Benefits To You

Protects you from any

Monetary or Reputation

damage

Code of conduct

establishment

Enables you to identify

risks / control gaps

Helps you identify any

undisclosed production

Risk Mitigation

How we Do

Page 16: Risk management benchmarking 2013

16

IT Governance How we Do

IT ASSURANCE

• Business Continuity Planning

• Computer Crime Investigations

• Training in IT

• Compliance with IS Policies &

Procedures

INFORMATION SECURITY

• Penetration Testing

• Application Systems - Security review

• Review of IS Controls

• BS 7799 / (ISO 27001) Implémentation

• Formation of IS Security Policy

• Compliance with IS Policies & Procedures

IT GOVERNANCE

• COBIT

• ValIT

• Balanced Scorecard

• IT & Business Maturity Models

IS AUDIT • Operating Systems Audit

• Database Audit

• Networking Audit

• Firewall Audit

• IDS Audit

• Web Application, Data Center Audit

• Internet Banking, Core Banking Audit

• Performance & Forensic Auditing

•Application Systems - Functional review

• Compliance with IS Policies & Procedures

Page 17: Risk management benchmarking 2013

17

Riskpro Training Credentials - Example

Company Training Details

One Day Fraud Risk Training in the Factoring Business

In-depth understanding of fraud schemes, fraud prevention measures

One Day Risk Management Training / ISO 31000 Training

Enterprise Risk Management Training with a focus on Strategic Risk,

Reputation Risk and Outsourcing Risk

One Day intensive Enterprise Risk Management Training at Sanand,

Gujarat

Training Led by Ex Head – Corporate Risk Management Larsen & Toubro

Half day session on Managing Corporate Governance Risks at the Board

level

Similar trainings and programs at other public forums such as

ASSOCHAM

Half Day training on Key Risk Indicators at Corporate Office

How to successfully choose effective KRI and implement leading and

lagging KRI

One Day training on Corporate Fraud Risks at the Company’s offsite

Numerous case studies and interactive sessions

Page 18: Risk management benchmarking 2013

18

Riskpro Clients Our Clients

*Any trademarks or logos used throughout this presentation are the property of their respective owners

Banking/

Insurance

Corporate

MNC

Banking

Intl

Consulting

IT / Others

Page 19: Risk management benchmarking 2013

19

Team Experiences Our Experiences

Any trademarks or logos used throughout this presentation are the property of their

respective owners

Our team members have worked at world class Companies

Page 20: Risk management benchmarking 2013

20

RESUMES – Our team

Co-Founder - Riskpro

CA, CPA, MBA-Finance (USA), FRM (GARP)

Over 10 years international experience – 6 years in Bahrain and 4 years USA

15 years exp in risk management consulting and internal audits, Specialization in Operational Risk, Basel II, Sox and Control design

Worked for Ernst & Young (Bahrain), Arab Investment Company (Bahrain), Navigant Consulting(USA), Kotak Mahindra Bank (India) and Credit Suisse(India)

Sox Compliance project for Fannie Mae, USA ( $900+ Billion Mortgage Company)

Ma

no

j Ja

in

Co- Founder - Riskpro

CA (India), MBA (Netherlands), CIA (USA)

Over 15 years of extensive internal and external audit experience in India and abroad.

Worked with KPMG United Arab Emirates, PKF South Africa, Ernst and Young Kuwait, Deloitte Netherlands and KPMG India.

Worked with clients in a wide variety of industries and countries including trading, retail and consumer goods, NGO, manufacturing and banking and finance. Major clients include banks, investment companies, manufacturing organizations, aviation etc.

Ra

hu

l B

ha

n

Credentials

Page 21: Risk management benchmarking 2013

21

RESUMES - Our team

Co-Founder - Riskpro

PGD (Electrical & Electronics & Computer Programming)

30 years of experience in Information & Communications Technology (ICT) Solutions for Retail, Garments, Manufacturing, Services Industries.

Has created Companies, Divisions, Products, Brands, Teams & Markets.

Consulting in Business, Technology, Marketing & Sales & Strategic Planning.

Advisory, Training, Workshops & Implementation in Systems Thinking, Systems Modeling & Balanced Scorecard

Worked with TIFR, Mahindra, Ambience, Communico-Graphique & Ionidea Inc, USA,

Ca

sp

er A

bra

ha

m

Credentials

Senior Vice President – Risk Management (Fraud Risk, BFSI)

MBA, PDFM, NSE-NCFM, PMP, CSSGB,Trained ISO 9001:2000 I.A

Professional with 17 years of rich experience into diverse Consumer finance/ Lending operations ,Risk Management,BPMS, Consumer Banking, NBFC, Management Consulting & Housing finance in BFSI industry having successfully led key business strategic engagements across multi-product environment in APAC, Australia and US regions.

Worked with GE, ABN AMRO Bank, Citigroup, Accenture, Deutsche Postbank

Highly skilled and expert Trainer in Fraud Risk areas across Credit, Corporate Risk management.

Specializes in Fraud Control, Compliance QA ,ERM and Regulatory governance.

He

ma

nt S

eig

ell

Page 22: Risk management benchmarking 2013

22

RESUMES - Our team

Head – Taxation Risk Advisory

B.Com, FCA

Senior Partner with 48 year old Delhi based Chartered Accountant firm, Mehrotra and Mehrotra

Over 19 years of experience in the field of Audit, Taxation, Company law matters.

Major clients served are NTPC, BHEL, Bank of India, PNB, Airport Authority of India etc.

Ra

jesh

Jh

ala

ni

Credentials

President – Banking & Financial Services

A senior researcher in Applied Mathematics leading to Ph.D after MSc (Mathematics), CWA, CAIIB

Combined experience of 25+ years in corporate banking, risk management, international trade finance, development of risk rating models, project finance, credit monitoring and NPA management

Since 2006 conducting open / in-house training on the above domains to all Top public/ new and old private sector banks, top MNC banks (India and abroad), leading NBFCs and corporates in manufacturing and financial services space; Worked on IFC (World Bank) funded projects for MSMEs in India and abroad

Worked for Bank of Baroda and ICICI Bank – bestowed Top Performer Award continuously two years during his tenure; widely travelled abroad for business relations, seminars, offering training, investor meetings, NYSE listing and for processes involving establishment of representative Office in USA

Siv

ara

ma

krish

na

n

Page 23: Risk management benchmarking 2013

23

RESUMES - Our team Credentials

Vice President & Head – IT Risk Advisory

Over 14+ Years of Experience in Information Security and Risk Management & CISM certified

Headed the Global Information Security team of Daimler (Mercedes-Benz) Worldwide at Bangalore for 9 years, previously worked at organization like Wipro, Bangalore Labs

Multi-sector experience including Banking, Insurance, Finance, Energy, Manufacturing, Retail, Hi-Tech & Telecom, and Automobile

Well known Ethical hacker: Was featured in BusinessWorld Magazine in an article about leading ethical hackers in India and published several articles in Print and Online Media

Rich experience in Information Security Audits across Corporations, 3rd Party Suppliers, Joint Ventures across several countries in the world including US, UK, China, Germany

Aa

sh

ish

Sh

riva

sta

v

Ra

vik

ira

n B

ha

nd

ari

Vice President – Legal Risk Advisory

B.B.A. LL.B. (Hons.)

About half a decade experience in legal services to client’s with respect to Contract and Commercial Laws, Joint Ventures, Inbound & Outbound Investments, Private Equity Investment Transactions, Real Estate & Infrastructure, Energy and General Corporate.

Have advised various social enterprises and start ups in setting up business in India.

Worked for the leading law firms of India such as FoxMandal Little.

Page 24: Risk management benchmarking 2013

24

RESUMES - Our team Credentials P

ha

nin

dra

Pra

ka

sh

Vice President – Riskpro India

FCA [India], ACMA [India], CFE [USA], CertIFRS [UK]

Over 16 years of extensive consulting experience which includes financial & systems audit, process transformation, implementation of internal controls, SOX compliance, fraud audits & due diligence, US-India taxation

Engaged in consulting roles as trusted advisor to finance, internal audit and information technology executives of multiple Fortune 1000 companies with project sites in US, Canada, Europe & Asia

Worked with E&Y and Deloitte Consulting in USA

Some of the major clients served internationally are GE Capital, UBS, McKesson, Eaton, Imation, Albertsons,

EVP and Head – Telecom Risk Advisory

M.Tech, IIT Kharagpur, India; IES; Doctoral study, research and teaching in Linkoping University/Sweden; Lead Auditor (BVQI).

Over 30 years on International experience in networks and mobile Handsets from top global companies /institutes like ISRO, Ericsson, Nokia, Nokia Siemens Networks and based mostly in its head quarter locations in India, EU, USA.

Expertise: Setting up capability, behaviour, culture in turning Risk, Quality, Innovation for competitive advantage, customer delight and sustainability; key skill sets are Engagement, Handholding, Coaching, Mentoring and lot of best practices, benchmarking/standards like CMMI, TL9000, Six Sigma, ISO, SAS 70 etc.

Aso

k S

it

Page 25: Risk management benchmarking 2013

25

Executive Vice President – Risk Management ( Banking & Financial Services)

Professional Risk Manager with considerable domestic and international experience

An aggregate experience of 30 + years across industry, mainly Banking in several functional areas including Wholesale Credit Risk, Operational Risk, Trade Finance , Retail Banking and Islamic Financial Services.

Track record of setting up of excellence in the set-up, and management of credit and operational risk, compliance and credit administration functions in retail, commercial , Islamic Banking and offshore banking entities in the Middle East.

Key strength includes Corporate Credits, Risk Management in IT, implementation of Risk Management module in core banking Bank’s Policies, procedures, Country Risk. Played an active role in 3 core banking software implementations

Worked for a Private Sector Bank in India, ABN AMRO Bank, Bahrain, Bank Muscat Bahrain and BMI Bank Bahrain as AGM Risk Management.

Vija

ya

n G

ovin

da

raja

n

RESUMES - Our team Credentials

Page 26: Risk management benchmarking 2013

26

RESUMES - Our team Credentials S

idd

ha

rth

a G

ho

sh

Executive Vice President – Riskpro India

CPA (USA), ACA, ACS, Grad CWA (India), MBA (USA), Associate ICPAS (Singapore)

Over 25 years of extensive audit and industry experience which includes 19 years with Rolls-Royce India Pvt Ltd at New Delhi and its associate and parent companies of Rolls-Royce in UK, USA and Singapore in all aspects of Finance, Taxation, Audit, Banking, Legal, Company Secretarial, Statutory compliances and due diligence, Internal Control, ESOP, Budgets, Cashflows, Forecasts, MIS Reporting, HR, Expatriate & Office Administration, Payroll, IT, Retirement Funds Administration, Shared Services, Project Accounts, etc.

Worked with Price Waterhouse Coopers for 4 years with reputed MNCs, banks, Indian corporate houses

Worked with McNally Bharat Engineering Company Ltd for 4 years

Page 27: Risk management benchmarking 2013

27

Key Contacts Corporate Mumbai Delhi Bangalore

Riskpro India Ventures (P)

Limited

[email protected]

www.riskpro.in

C 561, Defence colony

New Delhi 110024

Manoj Jain Director

M- 98337 67114

[email protected]

Shriram Gokte

EVP - Risk Management

M- 98209 94063

[email protected]

Sivaramakrishnan President – Banking & FS

M- 98690 19311

[email protected]

Rahul Bhan Director

M- 99680 05042

[email protected]

Hemant Seigell SVP – Risk Management

M- 99536 97905

[email protected]

Casper Abraham Director

M- 98450 61870

[email protected]

Vijayan Govindarajan EVP – Risk Management

M- 99166 63652 [email protected]

Ravikiran Bhandari VP – IT

Risk Advisory M- 99001 69562

[email protected]

Ghaziabad / Noida Chennai Kolkata Gurgaon

Siddhartha Ghosh

EVP - Finance M- 9810058072

[email protected]

R Gupta - Insurance Risk M- 98101 07387

R. Muralidharan

EVP – Risk Management

M- 95660 77326

[email protected]

Kashi Banerjee

EVP – Risk Management

M- 98304 75375

[email protected]

Nilesh Bhatia

Head – Human Capital Mgt.

M- 98182 93434

[email protected]

Asok Sit

EVP – Telecom Risk Advisory

M- 98105 03463

[email protected]

Pune Salem Ahmedabad Hyderabad / Agra

M.L. Jain

Principal – Strategy Risk

M- 98220 11987 [email protected]

Chandrasekeran

Recruitment franchisee

M – 94435 99132

Maulik Manakiwala Member Firm

M – 98256 40046

Gourav Ladha Sap Risk Advisory

M- 97129 52955

Phanindra Prakash (Hyderabad)

Member Firm

M- 95500 61616

Alok Kumar Agarwal (Agra) Member Firm

M- 99971 65253