OVERVIEW OF ENTERPRISE

RISK MANAGEMENT
 Key definitions
ENTERPRISE

Any purposeful or industrial undertaking created

for business venture

2
 RISK
Risk, in traditional terms, is viewed as
‘negative’.

Webster’s dictionary, for instance, defines risk

as “exposing to danger or hazard”.

The Chinese give a much better description of

risk
 The first is the symbol for “danger”, while
 the second is the symbol for “opportunity”,
making risk a mix of danger and opportunity.

3
 RISK MANAGEMENT

Risk management is an attempt to

identify, to measure, to monitor and to
manage uncertainty.

4
No
Risk …

No
Gain!
5
 Enterprise risk management
( ERM)
COSO (Committee of Sponsoring
Organizations of the Tread way
Commission) defines ERM as

“…a process, affected by an entity’s

board of directors, management and other
personnel, applied in a strategy setting and
across the enterprise, designed to identify
potential events that may affect the entity,
and manage risk to be within its risk
appetite, to provide reasonable assurance
regarding the achievement of entity goals.”
6
 Features of ERM
 ERM is an ongoing process
 ERM is an Integral part of how an organization operates
 ERM applies to all organizations, not just financial
organizations.
 Risk applies broadly to all things threatening the
achievement of organizational objectives
 Risk is not limited to threats, but also refers to
opportunities.
 The goal of an organization is not “risk minimization”, but
seeking an appropriate “risk-return position”.

7
 RISKS vs. OPPORTUNITIES
 Risk is a possibility that an event will occur and adversely affect the
achievement of objectives

 Opportunity is the possibility that an

event will occur and positively

affect the achievement of the

organization’s objectives and creation of value

8
 Traditional risk management
vs. ERM

• Traditional risk management is • ERM stresses the management

more related to financial and of operational and strategic
hazard risks i.e. transferable risks
risks (insurance, investment,
banking etc.)
• ERM requires skill in strategic
• Traditional risk management planning, process re-
requires more accounting type engineering, and marketing
skills

9
 Scope of ERM
 Aligning risk appetite and strategy
 Enhancing risk response decisions
 Reducing operational surprises and losses
 Managing multiple and cross enterprise risks
 Grabbing opportunities
 Improving deployment of capital

10
Objectives of ERM
 Improve risk-based decision making
 More effective use of capital
 Comply with regulatory changes
 Improve shareholder value
 Anticipating problems before they become a threat
 Co-coordinating various risk management activities

11
Types of Risks
Top managment
External pressure
from:
- Regulators
- Shareholders
- Trading partners
- Customers

RISKS

Market Inherent Credit Residual

Static Systematic

12
 Market risk
It is the risk that shows the
value of on and off-balance
sheet positions. Financial
institution will be adversely
affected by movements in
market rates or prices such as
interest rates, foreign
exchange rates, equity prices,
credit spreads and/or
commodity prices resulting in
a loss to earnings and capital.

13
Inherent risk
- A risk which is impossible to manage or transfer
Static risk
-Risk which is transferable and occurs at a given time

Credit risk
-Failure to meet the obligated payments to counter parties on
time
Systematic risk
-The risk of holding Market Portfolio. Systematic risk consists of the
day-to-day fluctuations in a stock's price.

Residual risk
-That remains after the action to mitigate risk is taken

14
 Are You Prepared?

Too many businesses fail for the wrong reasons.

 They don't fail because their products are inferior, because
they are bad at marketing, or because they are bad at
controlling costs.
 They fail because they do not identify and manage risks.
 When a disaster happens — an incident they should survive
but they aren't prepared. They didn't anticipate what could
happen, and they certainly didn't plan for it.
 Unprepared businesses suffer badly or fail.

15
 Implementation of ERM

The basic elements of an effective risk management program are:

1. Senior management and board level commitment
2. Risk management policies and procedures established in writing for the
most prominent risks, with specific objectives and targets
3. Clearly defined responsibilities for managing and controlling risk
4. Ongoing employee training is essential
5. Testing and monitoring of all programs and procedures
6. Regular reports including independent audits prepared for review by
senior management and board of directors

16
 Limitations Of ERM

The inherent limitations include :

 Realities that human judgement

in decision making can be faulty

17
 Breakdowns can
occur because of
human failures
such as a simple
error or mistake

18
 The management
has the ability to
override the ERM
process

19
 Needto consider the relative costs and
benefits of risk responses.

20
 Role Of Various Authorities

ROLE OF THE BOARD

 Provide insight to management
 Understand key elements of ERM.
 Inquire the management about risks.
 Concur (agree) on certain management
decisions

21
 Role Of Risk Committee
 Participate in risk strategy analysis.
 Develop and refine risk
appetite/tolerance.
 Evaluate material risk exposures.
 Oversee the roles and responsibilities of
the Internal Auditor.
 Review semi-annual and annual
consolidated reports

22
 Role of chief executive officer
 Provide direction to the senior managers.
 Setting broad based policies reflecting the entity’s risk
management philosophy and risk appetite

Role Of Chief Risk Officer

 Establish Corporate-wide risk limit.
 establish risk management standards
 Review and approve policy exceptions

23
 Role of management
 Comply with risk management
policies.
 Applying ERM techniques and
methodologies.
 Ensuring risks are managed on
daily basis
 Provide unit leadership with
complete and accurate reports

24
 Role of Internal auditor
Support management by
providing assurance on the

– ERM Process function

– Effectiveness and efficiency

of risk responses and
control activities.

– Completeness and
accuracy of ERM reporting

25
Risk management is a

Continuous Journey

26