risk management benchmarking 2013
TRANSCRIPT
1
Risk Management Benchmarking Services
Riskpro, India
2
Who is Riskpro… Why us?
ABOUT US
Riskpro is an organisation of member firms around India devoted to client service excellence. Member firms offer wide range of services in the field of risk management.
Currently it has offices in three major cities Mumbai, Delhi and Bangalore and alliances in other cities.
Managed by experienced professionals with experiences spanning various industries.
MISSION
Provide integrated risk management
consulting services to mid-large sized corporate /financial institutions in India
Be the preferred service provider for complete Governance, Risk and Compliance (GRC) solutions.
VALUE PROPOSITION
You get quality advisory, normally delivered by large consulting firms, at fee levels charged by independent & small firms
High quality deliverables
Multi-skilled & multi-disciplined organisation.
Timely completion of any task
Affordable alternative to large firms
DIFFERENTIATORS
Risk Management is our main focus
Over 200 years of cumulative experience
Hybrid Delivery model
Ability to take on large and complex projects due to delivery capabilities
We Hold hands, not shake hands.
3
Risk Management Advisory Services
Training Recruitment
Basel II/III Advisory Market Risk
Credit Risk
Operational Risk
ICAAP
Corporate Risks Enterprise Risk Assessment
Fraud Risk
Risk based Internal Audit
Operations Risk
Forensic services
Information Security IS Audit
Information Security
IT Assurance
IT Governance
Operational Risk Process reviews
Policy/ Process Review
Process Improvement
Compliance Risk
Governance Corporate Governance
Business Strategic risk
Fraud Risk
Forensic Accounting
Other Risks Business/Strategic Risk
Reputation Risk
Outsourcing Risk
Contractual Risk
Banking – E Learning
Corporate Training
Regular Risk Management Training
Online Training material
Workshops / Events
Virtual Risk Managers
Full Time Risk Professionals
Part time Risk Professionals
Risk Managers on call – free
S E
R V
I C
E S
4
Riskpro’s Network Presence
New Delhi
Mumbai
Bangalore
Ahmedabad
Pune
Agra
Salem
Kolkata
Hyderabad
Chennai
Jaipur
5
Risk Management Benchmarking Methodology
Why Benchmark
Necessary to evaluate your risk management framework vis a vis competition to ensure
minimal financial and reputation losses or atleast losses should not exceed industry
average
To plug loop holes that management knows exist, and to indentify more of such gaps
A comprehensive exercise mandated by the Board to carry out a major revamp of old and
outdated risk management framework
to understand how divisions or programs compare internally or to industry standards
To minimise overlaps with internal audit, compliance, to bring efficiencies and better
integration of overall GRC framework
How Benchmarked
Benchmarking to International Best practice - The risk management process will be
compared with and measured against world wide best practice and international risk
management standards
Risk Management Maturity Models will be used to evaluate the exiting maturity of risk
frameworks and where the firm needs to evolve to.
Benchmarking exercise will assess all aspects of the risk management process by
reviewing documentation, reports etc and interviews with key personnel
6
Benchmarking Overview – Evaluation of Risk Management
Framework
Define Scope
1.Only Holding company or all entities across the group
2. Gap Analysis only or process improvement along the way
Execution of Benchmarking Procedures
1. Perform agreed procedures
2. Frequent interaction to share results and findings
3. Stay focused on value added procedures
Reporting Findings
1. Final report
2. PPT presentation to Senior Management
3. Further related advisory
7
Risk Management Benchmarking Procedures applied
A. Risk Management Strategy and
Governance
1. Evaluation of risk strategy against best
practices
2. Risk Appetite Framework
3. Adequacy of risk management standards
and frameworks adopted
4. Linkage to Corporate and business
objectives with risk appetite
5. Setup of risk governance and effective of
committees/charter
6. Risk culture and training, awareness
7. Adoption of relevant regulatory requirement
such as AML/KYC, Risk reporting and
disclosure
8. Review of internal audit reports on risk
management function
B. Risk Identification and Evaluation
1. Methods used to identify risk
2. Sources of risk, level of inherent risk
3. Extent to which risks have been identified
at the appropriate level
4. Risk definitions – including use of inherent
(gross) and residual (net) risks
5. Categories of Risk and how determined
6. Risk workshops – approach used
7. Use of scenario planning
8. Advanced models to gauge risks
9. Measuring the impact and the likelihood of
occurrence of each risk
•Approach adopted
•Risk matrix – evaluation against best practice
•How has the approach ensured consistency
•Ease of understanding by managers using the
process
•Reliability of the information gathered
8
Risk Management Benchmarking Procedures applied
C. Assessment of Risk Mitigation
1. Approach adopted – workshops or other
approach
2. Risk Assessment – Adequacy of frequency
and output of top risks
3. Method employed to assess risk mitigation
4. Identification of risk exposures
5. Establishment of action plans.
6. Risk treatment analysis – how have the
cost/ benefits of dealing with exposures /
exploiting opportunities been assessed?
7. Proper escalation and communication of
alerts, triggers of breaches
D. Output from the Risk Process
1. Risk register – method adopted
2. Completeness of risk registers
3. How has consistency been ensured
4. Approach adopted to deal with anomalies
5. Risk owners – how have these been
determined
6. How risk interdependencies have been
addressed
7. Reports for Senior Management
8. Board reporting to review progress in
addressing the exposures – method
adopted
9. Methodology for emerging risks
10. Risk disclosures – Regulatory and
voluntary
9
Risk Management Benchmarking Procedures applied
E. Risk Principles and Risk
Culture embedding
1. Approach adopted – workshops or other
approach
2. How have corporate risks been linked into
the Strategic planning process
3. Has the process been adopted across the
organisation?
4. How have operational risks into the
business planning process
5. Approach adopted for risk tracking
6. How has the decision making process
been influenced by the adoption of the
formal risk management process?
7. What benefits have been delivered?
8. Integration of incident management
9. Integration of Business Continuity planning
10. Have risk champions been identified via
the process?
F. Project Wrap up and Reporting
1. Final report with our major and moderate
findings
2. Below each finding, a recommended
improvement suggestions will be provided
3. An overall list of minor issues noted will be
attached as Annex
4. Final presentation to Board/Senior
Management on the project
5. Undertaking additional assignments as a
follow up of the report, depending upon the
future scope agreed upon.
10
Project Summary – Estimated Costs
Risk Component Estimated Duration Estimated Pricing
Risk Management Benchmarking 4-6 weeks To be finalised after
discussions of scope
TOTAL (exclusive of Service tax) TBD
Project Exclusions
Scope of our assignment will be as mentioned in the detailed proposal that we will submit to
you. The benchmarking methodology is an illustration of the types of procedures carried out for
various benchmarking exercise. Depending upon the project scope and budget, final
procedures will be part of the engagement letter
In particular, the following are not in scope for the current proposal.
Formulation or enhancement of any policy, process note or procedure documents
Implementation of any risk management component is excluded. Example Enhancing risk
registers, creating risk reports, MIS information etc
Existing regulations will be used as a benchmark.
11
Riskpro’s other
Services
12
Risk Management Trainings – Delivery Methods
Onsite- Instructor Led Online- Web based Webinars
Corporate Institutional trainings
for senior management with
strategic interest areas
Classroom trainings for junior/
mid level executives
Delivered by knowledgeable
experts across industry
domains
Multi city delivery capability for
training to large audience
Suitable for frontline staff for
induction and onboarding
requirements
Delivered live by experts
providing topic outline
framework
Low cost model at regular
intervals or fixed duration e-
learning platform
Interactive webinars on hot
topics or customized areas for
global access audience
Complimentary or Recorded
versions for self paced re-cap
and reference
On demand services with select
topics
Conducted by industry experts
with Q&A session
13
Our Recruitment services
Full Time Staffing
Riskpro is constantly building its network of Risk Professionals across India
Today, we can help you hire risk professionals at all levels of experience
We differentiate from other recruitment firms, because, as Risk Managers ourselves, we
are able to better match your requirements and candidate experience
Our charge out rates are competitive
Slab rates. As we do more business with you, the rates come down.
Temporary Staffing - The Project Team
Pool of highly qualified staff with deep risk expertise
Available for your short to medium term needs
Varying levels of professionals available. Experience starting from 4 years to 20 years. All will have CA, ICWA or equivalent qualification.
The Project employees pool will be available as per your needs and the employees on site can start/stop projects as per your master project plan.
RECRUITMENT
14
Risk Based Internal Audit How we Do
Transaction
Audit
Control
Reviews
Process
Reviews
Risk
Assessment
Fraud
Mitigation
Enterprise Risk
Assessment
Increasing Enterprise Risk Focus
Nee
d o
f O
rga
niz
ati
on
s
Internal Auditing helps an organization
accomplish its objectives by bringing a
systematic, disciplined approach to evaluate
and improve the effectiveness of risk
management, control and governance
processes. Source: The Institute of Internal Auditors 1999 (IIA)
Benefits of Risk based Audit
• Traditional audit view value added
techniques
•Risk profile of Businesses
•Internal Controls & Ops Risk reviews
•Cost reductions recommendations
•Review of Fraud Risk Controls
15
Our Solution for Fraud Investigation
Based on our understanding of your requirements, we have customized a package of our solution offerings to meet your needs.
To detect and prevent fraud
and evaluate Code Of
Conduct Compliance on
following parameters :
Fraud Detection
Fraudulent Vendor
Recruiting new dealers, suppliers, franchisees or distributors
Anti-Fraud Measures
Monitoring Compliance and Authorization
Workplace Practice
Background check for employees
Background check for customers
Prevent default of high value bills
Our Solution For you
Analyze
Investigate
Resolve
Understanding Your Supply
Chain
To Monitor Your Process
Evaluating your need
Source Root cause of Problem
Obtaining And securing Evidence
Confidential Interviews
with vendors
Prioritize solutions and
remedial measures
Quantify Loss and Suggest
possible Actions
Solve Compliances
Issues
Benefits To You
Protects you from any
Monetary or Reputation
damage
Code of conduct
establishment
Enables you to identify
risks / control gaps
Helps you identify any
undisclosed production
Risk Mitigation
How we Do
16
IT Governance How we Do
IT ASSURANCE
• Business Continuity Planning
• Computer Crime Investigations
• Training in IT
• Compliance with IS Policies &
Procedures
INFORMATION SECURITY
• Penetration Testing
• Application Systems - Security review
• Review of IS Controls
• BS 7799 / (ISO 27001) Implémentation
• Formation of IS Security Policy
• Compliance with IS Policies & Procedures
IT GOVERNANCE
• COBIT
• ValIT
• Balanced Scorecard
• IT & Business Maturity Models
IS AUDIT • Operating Systems Audit
• Database Audit
• Networking Audit
• Firewall Audit
• IDS Audit
• Web Application, Data Center Audit
• Internet Banking, Core Banking Audit
• Performance & Forensic Auditing
•Application Systems - Functional review
• Compliance with IS Policies & Procedures
17
Riskpro Training Credentials - Example
Company Training Details
One Day Fraud Risk Training in the Factoring Business
In-depth understanding of fraud schemes, fraud prevention measures
One Day Risk Management Training / ISO 31000 Training
Enterprise Risk Management Training with a focus on Strategic Risk,
Reputation Risk and Outsourcing Risk
One Day intensive Enterprise Risk Management Training at Sanand,
Gujarat
Training Led by Ex Head – Corporate Risk Management Larsen & Toubro
Half day session on Managing Corporate Governance Risks at the Board
level
Similar trainings and programs at other public forums such as
ASSOCHAM
Half Day training on Key Risk Indicators at Corporate Office
How to successfully choose effective KRI and implement leading and
lagging KRI
One Day training on Corporate Fraud Risks at the Company’s offsite
Numerous case studies and interactive sessions
18
Riskpro Clients Our Clients
*Any trademarks or logos used throughout this presentation are the property of their respective owners
Banking/
Insurance
Corporate
MNC
Banking
Intl
Consulting
IT / Others
19
Team Experiences Our Experiences
Any trademarks or logos used throughout this presentation are the property of their
respective owners
Our team members have worked at world class Companies
20
RESUMES – Our team
Co-Founder - Riskpro
CA, CPA, MBA-Finance (USA), FRM (GARP)
Over 10 years international experience – 6 years in Bahrain and 4 years USA
15 years exp in risk management consulting and internal audits, Specialization in Operational Risk, Basel II, Sox and Control design
Worked for Ernst & Young (Bahrain), Arab Investment Company (Bahrain), Navigant Consulting(USA), Kotak Mahindra Bank (India) and Credit Suisse(India)
Sox Compliance project for Fannie Mae, USA ( $900+ Billion Mortgage Company)
Manoj Jain
Co- Founder - Riskpro
CA (India), MBA (Netherlands), CIA (USA)
Over 15 years of extensive internal and external audit experience in India and abroad.
Worked with KPMG United Arab Emirates, PKF South Africa, Ernst and Young Kuwait, Deloitte Netherlands and KPMG India.
Worked with clients in a wide variety of industries and countries including trading, retail and consumer goods, NGO, manufacturing and banking and finance. Major clients include banks, investment companies, manufacturing organizations, aviation etc.
Rahul B
han
Credentials
21
RESUMES - Our team
Co-Founder - Riskpro
PGD (Electrical & Electronics & Computer Programming)
30 years of experience in Information & Communications Technology (ICT) Solutions for Retail, Garments, Manufacturing, Services Industries.
Has created Companies, Divisions, Products, Brands, Teams & Markets.
Consulting in Business, Technology, Marketing & Sales & Strategic Planning.
Advisory, Training, Workshops & Implementation in Systems Thinking, Systems Modeling & Balanced Scorecard
Worked with TIFR, Mahindra, Ambience, Communico-Graphique & Ionidea Inc, USA,
Casper
Abra
ham
Credentials
Senior Vice President – Risk Management (Fraud Risk, BFSI)
MBA, PDFM, NSE-NCFM, PMP, CSSGB,Trained ISO 9001:2000 I.A
Professional with 17 years of rich experience into diverse Consumer finance/ Lending operations ,Risk Management,BPMS, Consumer Banking, NBFC, Management Consulting & Housing finance in BFSI industry having successfully led key business strategic engagements across multi-product environment in APAC, Australia and US regions.
Worked with GE, ABN AMRO Bank, Citigroup, Accenture, Deutsche Postbank
Highly skilled and expert Trainer in Fraud Risk areas across Credit, Corporate Risk management.
Specializes in Fraud Control, Compliance QA ,ERM and Regulatory governance.
Hem
ant S
eig
ell
22
RESUMES - Our team
Head – Taxation Risk Advisory
B.Com, FCA
Senior Partner with 48 year old Delhi based Chartered Accountant firm, Mehrotra and Mehrotra
Over 19 years of experience in the field of Audit, Taxation, Company law matters.
Major clients served are NTPC, BHEL, Bank of India, PNB, Airport Authority of India etc.
Raje
sh J
hala
ni
Credentials
President – Banking & Financial Services
A senior researcher in Applied Mathematics leading to Ph.D after MSc (Mathematics), CWA, CAIIB
Combined experience of 25+ years in corporate banking, risk management, international trade finance, development of risk rating models, project finance, credit monitoring and NPA management
Since 2006 conducting open / in-house training on the above domains to all Top public/ new and old private sector banks, top MNC banks (India and abroad), leading NBFCs and corporates in manufacturing and financial services space; Worked on IFC (World Bank) funded projects for MSMEs in India and abroad
Worked for Bank of Baroda and ICICI Bank – bestowed Top Performer Award continuously two years during his tenure; widely travelled abroad for business relations, seminars, offering training, investor meetings, NYSE listing and for processes involving establishment of representative Office in USA
Siv
ara
makrishnan
23
RESUMES - Our team Credentials
Vice President & Head – IT Risk Advisory
Over 14+ Years of Experience in Information Security and Risk Management & CISM certified
Headed the Global Information Security team of Daimler (Mercedes-Benz) Worldwide at Bangalore for 9 years, previously worked at organization like Wipro, Bangalore Labs
Multi-sector experience including Banking, Insurance, Finance, Energy, Manufacturing, Retail, Hi-Tech & Telecom, and Automobile
Well known Ethical hacker: Was featured in BusinessWorld Magazine in an article about leading ethical hackers in India and published several articles in Print and Online Media
Rich experience in Information Security Audits across Corporations, 3rd Party Suppliers, Joint Ventures across several countries in the world including US, UK, China, Germany
Aashis
h S
hrivasta
v
Ravik
iran B
handari
Vice President – Legal Risk Advisory
B.B.A. LL.B. (Hons.)
About half a decade experience in legal services to client’s with respect to Contract and Commercial Laws, Joint Ventures, Inbound & Outbound Investments, Private Equity Investment Transactions, Real Estate & Infrastructure, Energy and General Corporate.
Have advised various social enterprises and start ups in setting up business in India.
Worked for the leading law firms of India such as FoxMandal Little.
24
RESUMES - Our team Credentials P
hanin
dra
Pra
kash
Vice President – Riskpro India
FCA [India], ACMA [India], CFE [USA], CertIFRS [UK]
Over 16 years of extensive consulting experience which includes financial & systems audit, process transformation, implementation of internal controls, SOX compliance, fraud audits & due diligence, US-India taxation
Engaged in consulting roles as trusted advisor to finance, internal audit and information technology executives of multiple Fortune 1000 companies with project sites in US, Canada, Europe & Asia
Worked with E&Y and Deloitte Consulting in USA
Some of the major clients served internationally are GE Capital, UBS, McKesson, Eaton, Imation, Albertsons,
EVP and Head – Telecom Risk Advisory
M.Tech, IIT Kharagpur, India; IES; Doctoral study, research and teaching in Linkoping University/Sweden; Lead Auditor (BVQI).
Over 30 years on International experience in networks and mobile Handsets from top global companies /institutes like ISRO, Ericsson, Nokia, Nokia Siemens Networks and based mostly in its head quarter locations in India, EU, USA.
Expertise: Setting up capability, behaviour, culture in turning Risk, Quality, Innovation for competitive advantage, customer delight and sustainability; key skill sets are Engagement, Handholding, Coaching, Mentoring and lot of best practices, benchmarking/standards like CMMI, TL9000, Six Sigma, ISO, SAS 70 etc.
Asok S
it
25
Executive Vice President – Risk Management ( Banking & Financial Services)
Professional Risk Manager with considerable domestic and international experience
An aggregate experience of 30 + years across industry, mainly Banking in several functional areas including Wholesale Credit Risk, Operational Risk, Trade Finance , Retail Banking and Islamic Financial Services.
Track record of setting up of excellence in the set-up, and management of credit and operational risk, compliance and credit administration functions in retail, commercial , Islamic Banking and offshore banking entities in the Middle East.
Key strength includes Corporate Credits, Risk Management in IT, implementation of Risk Management module in core banking Bank’s Policies, procedures, Country Risk. Played an active role in 3 core banking software implementations
Worked for a Private Sector Bank in India, ABN AMRO Bank, Bahrain, Bank Muscat Bahrain and BMI Bank Bahrain as AGM Risk Management.
Vija
yan G
ovin
dara
jan
RESUMES - Our team Credentials
26
RESUMES - Our team Credentials S
iddhart
ha G
hosh
Executive Vice President – Riskpro India
CPA (USA), ACA, ACS, Grad CWA (India), MBA (USA), Associate ICPAS (Singapore)
Over 25 years of extensive audit and industry experience which includes 19 years with Rolls-Royce India Pvt Ltd at New Delhi and its associate and parent companies of Rolls-Royce in UK, USA and Singapore in all aspects of Finance, Taxation, Audit, Banking, Legal, Company Secretarial, Statutory compliances and due diligence, Internal Control, ESOP, Budgets, Cashflows, Forecasts, MIS Reporting, HR, Expatriate & Office Administration, Payroll, IT, Retirement Funds Administration, Shared Services, Project Accounts, etc.
Worked with Price Waterhouse Coopers for 4 years with reputed MNCs, banks, Indian corporate houses
Worked with McNally Bharat Engineering Company Ltd for 4 years
Priti T
aw
ari
Vice President – Riskpro India
B. Com, ACA, Dip. IFRS
Over 6 years of extensive audit and industry experience in all aspects of Finance, Taxation, Audit, Legal, Company Secretarial, Statutory compliances and due diligence, Internal Control, Budgets, Cash flows, Forecasts, MIS Reporting, HR, Expatriate & Office Administration, Payroll, IT, Project Accounts, etc.
Worked with Price Waterhouse Coopers for 3 years in audit & assurance for reputed MNCs, Indian corporate houses.
Engage in own practice since 2010 specialize in outsourcing of finance department in mid size MNCs and consultation in Indirect Taxes and Management Reporting
27
RESUMES - Our team Credentials M
anoj K
um
ar
Senior Vice President CAIIB 20 Years of hard core banking experience in India’s most reputed banks across wide functional areas. Worked with Central Bank of India, ICICI Bank, HDFC Bank, and Axis Bank as Asst Vice President, Cluster Head, and Branch Head. Areas of expertise are Financial Risk Management, NPA-Credit-Debt Management, Asset Reconstruction, Project Finance, and others. Accomplished several achievements in the functional areas of banking.
28
Key Contacts Corporate Mumbai Delhi Bangalore
Riskpro India Ventures (P)
Limited
www.riskpro.in
F 186, Sarita Vihar
New Delhi 110076
Manoj Jain Director
M- 98337 67114
Shriram Gokte
EVP - Risk Management
M- 98209 94063
Sivaramakrishnan President – Banking & FS
M- 98690 19311
Rahul Bhan Director
M- 99680 05042
Hemant Seigell SVP – Risk Management
M- 99536 97905
Casper Abraham Director
M- 98450 61870
Vijayan Govindarajan EVP – Risk Management
M- 99166 63652 [email protected]
Ravikiran Bhandari VP – IT
Risk Advisory M- 99001 69562
Ghaziabad / Noida Chennai Kolkata Gurgaon
Siddhartha Ghosh
EVP - Finance M- 9810058072
R Gupta - Insurance Risk M- 98101 07387
R. Muralidharan
EVP – Risk Management
M- 95660 77326
Kashi Banerjee
EVP – Risk Management
M- 98304 75375
Nilesh Bhatia
Head – Human Capital Mgt.
M- 98182 93434
Asok Sit
EVP – Telecom Risk Advisory
M- 98105 03463
Pune Salem Ahmedabad Hyderabad / Agra
M.L. Jain
Principal – Strategy Risk
M- 98220 11987 [email protected]
Priti Tawari
M- 9011054085 [email protected]
Chandrasekeran
Recruitment franchisee
M – 94435 99132
Manoj Kumar
M – 98983 65320
Maulik Manakiwala M – 98256 40046
Gourav Ladha Sap Risk Advisory
M- 97129 52955
Phanindra Prakash (Hyderabad)
Member Firm
M- 95500 61616
Alok Kumar Agarwal (Agra) Member Firm
M- 99971 65253