Effective Enterprise Risk Management with ErmsCo ERM Foundation

Transcription

1 Executive Brief Effective Enterprise Risk Management with ErmsCo ERM Foundation

2 Introduction to ErmsCo About ErmsCo ErmsCo is a consulting and training firm that focuses on assisting financial institutions with optimizing their enterprise risk management (ERM) processes. Our mission is to help our clients optimize the resources and controls used to manage risk. At the same time we work with clients to fine-tune risk management resources to the performance objectives of the financial institution. Using proven methods and solutions to achieve targeted results, ErmsCo consistently delivers outstanding value to our clients. Our Team The ErmsCo team includes experienced banking professionals who have strong expertise in enterprise risk management. Our areas of expertise include risk management in governance, credit, operations, information technology and markets. Our professionals fully understand the challenges that bankers face with managing risk and we approach each client with careful consideration of the demands on time, resources, and pressures bankers face to deliver results. We are lead by Mr. John Drew, who has served as a Chief Risk and Credit Officer with large regional banks. Over the years, Mr. Drew has been an active board member on risk management trade associations. In addition, he has assisted with training of bank examiners at the national and state level on risk and credit management practices. Malvern National Services Malvern National Services represents ErmsCo with business development activities. In conjunction with ErmsCo, Malvern National Services works closely with its clients to optimize performance with a proven set of solutions and services. 2

3 Need for Effective Enterprise Risk Management Risk is routinely managed as part of banking responsibilities. However the processes used to manage risk varies widely. The most effective method for managing risk is through a well-designed and forward-looking enterprise risk management process. Many banks use periodic risk assessments that look at past performance compared to a forward-looking process that has well defined risks, implementation of effective controls and continuous alerts to changes in risk through key risk indicators. Backward Looking Forward Looking Silo-View Risk Management vs. Enterprise Risk Management When using a forward-looking risk control process, enterprise risk management can provide a cross-functional view of risk management across the enterprise rather than a silo-view approach. In addition, business units can see inter-dependent risks within the enterprise while a silo view of risks prohibits inter-dependent views. Enterprise Risk Focus IT Operations Credit Treasury Banking Finance Networks Support Applications Production Payments Credit Finance Commercial Business Consumer Investments Cash Mgmt Branches Commercial Fin Services Accounting Tax Audit Enterprise risk management starts with senior management setting the standards for risk appetite and returns. Management also adopts a common risk language with standard definitions along with a clear and consistent rating scale that allows for a comparable review of risk ratings. In addition, risks are tied to specific processes which are then assigned to owners who are accountable for the management and control of the risk. 3

4 The ErmsCo ERM Foundation Solution With ErmsCo ERM Foundation a bank can begin preparing to implement a functional and robust enterprise risk management program. ERM Foundation includes a complete set of plans, sample documents and proven models/components which enable a bank to cover all the necessary steps to build Enterprise Risk Management without overlooking key success factors. Frameworks, Organization Structures, Charters, Policy/Procedures ERM Foundations starts with a complete set of administrative and organizational components to define and build an effective enterprise risk management program. Included are examples to build the frameworks, organizational structures, charters and associated policies and procedures from the board level down to individual risk owners. Getting a structure and framework that works correctly for the unique profile of an individual bank is critical to the functional success of enterprise risk management. ERM Foundations provides both proven components and a road map to implement a sound ERM program. Complete Inventory of Risks, Controls, Key Risk Indicators and Rating System Defining an adequate list of risks and associated risk controls is a challenge for any size bank. ERM Foundation comes with a proven inventory of risks definitions, functional controls and selected key risk indicators to enable a bank to manage risk in a proactive and strategic manner. Risk management should be viewed both as a key success factor as well as a competitive advantage if risk is understood and effectively managed. ERM Foundations provides proven content that enables a bank to select the risk content that best matches the bank s unique business model. Training and Advisor Options Banks have a wide array of experience and skill sets associated with risk management. ErmsCo understands that some clients will utilize ERM Foundation with very little assistance due to internal resources while other banks may wish to have selected training on enterprise risk management. ErmsCo has an array or training programs and advisor options that can be tailored to the needs of a bank. All of these services are optional, affordable and flexible to the needs of our clients. 4

5 Key Results with ErmsCo ERM Foundation Less Time and Development of an ERM Program ERM Foundation can be considered ERM Tool Box because ErmsCo delivers a complete framework of ERM content that can be quickly applied to the development of a bank s ERM program. Countless hours of development of a program can be avoided by using ERM Foundation. The contents have been proven in other banks with sound success and results. On the following pages are listed the components included in ERM Foundation. Reduction in Loss Exposure One of the key results of a successful ERM program is the reduction in loss exposure. A sound ERM program will reveal areas where the bank is most vulnerable to the risk of loss. With the sound practices of ERM, a bank will be able to continuously gauge the changes in risk levels along with the resources applied to control risks. Executive management will be able to make informed decisions on prioritizing resources to address risks that are most threatening to the bank. Competitive Advantage Once a bank can effectively gauge risk in all relevant areas of the bank, the management team will be able to conduct strategic planning to determine the best rate of risk/return it can achieve against a competitive landscape. Establishment of Risk-Aware Culture While ERM can provide a methodology to manage risk, ERM can also build a riskaware culture whereby every risk owner becomes accountable for risk. This leads to all risk owners participating in the ERM process whereby everyone understands the cause/impact of proactive risk management. ERM also provides a conduit where risk owners are encouraged to report risk exposure in a timely fashion so that executive management can reduce risk exposure sooner rather than later. Ahead of the Regulatory Curve The financial industry and government agencies all acknowledge that financial institutions need to strengthen risk management with all aspects of banking. Areas such as credit, fraud, on-line security gain much of the headlines, however, many other areas of risk are also increasing such as compliance, reputational and operational to name a few. ERM helps to identify and manage in a proactive manner all important risks which is a preferred state of operating and viewed as a strong management practice. 5

6 ErmsCo ERM Foundation Contents The description of the seventeen individual components of ERM Foundation are listed on the next two pages of this brief. A detailed review of the individual components can be further reviewed during a presentation with ErmsCo. 1. Risk Management Process Enhancement Program Framework To get underway, a game plan is needed to successfully develop and implement a comprehensive Enterprise Risk Management Program. ERM Foundations starts with a sample Program Framework that is the basis for building a plan for ERM. This plan is built through collaborative representation from key stakeholders with the objective of alignment to the bank s strategic plan and risk management goals. 2. Risk Management Process Continuous Enhancement Model In order to keep management of risks updated and dynamic, a continuous enhancement model is required to set key activities to ensure successful implementation of a value driven Enterprise Risk Management process. A sample model and process is outlined in ERM Foundations. 3. Enterprise Risk Management Implementation Project Plan Outline A detailed project plan details all the key milestones, activities and tasks required to ensure the Risk Management Process Enhancement Program and Enterprise Risk Management process are effectively organized, resourced, sequenced, stay on track and completed timely. 4. Board Risk Management Committee Charter Framework A framework to define the Board s risk oversight responsibilities is included which states how a Board s Risk Management Committee should be empowered to enact and oversee the effective implementation and exercise of Enterprise Risk Management. 5. Board Committees Organizational Structure with ERM Integrated Board organizational structures are outlined to encompass the key risk oversight mandates of the corporate environment and governance responsibilities a Board should be empowered to perform. 6. Risk Management Organizational Process Model Alignment of Board and Executive Management level organizational structure examples are included to ensure risk management process integration, roles and accountability is performed. 7. Internal Management Committee Organizational Structure with ERM Examples of Executive Level, Senior Management and key internal to form operating committee alignment are presented which defines accountability to ensure risk culture integration into business processes. 8. Enterprise Risk Management Policy Framework Structure and key components for establishing Enterprise Risk Management policies within the bank including empowerment, delegation and reporting of risk information are included. 6

7 ErmsCo ERM Foundations Contents 9. Enterprise Risk Management Procedures Framework The development of necessary procedures are accomplished by developing a Procedures Framework. Examples of structure and key components for the delineation of responsibilities, accountability for Enterprise Risk Management on a day to day basis at all levels of the bank are included. 10. Enterprise Risk Management Taxonomy The language of enterprise risk management is included with a full taxonomy. Key terms and definitions of a common risk vocabulary are defined for all the Enterprise Risk Management activities conducted within the bank. 11. Risk Management Authority & Escalation Process Process examples are included to define the structure and key components for the delineation of risk decision accountability for Enterprise Risk Management on a day to day basis and at all levels of the bank. 12. Enterprise Risk Management Technology Solutions An evaluation method is provided which includes an approach for documentation and analysis of leading risk management system technologies available in the market including an assessment tool for system evaluation and selection. 13. Risk Rating Framework COSO aligned model for the development of the bank s Enterprise Risk Management risk and control rating matrix is provided. 14. Risk (500+) and Control (1500+) Inventory A comprehensive and complete foundational COSO-aligned inventory of typical regional bank risks and controls organized by key processes and sub-processes. This proven inventory covers all functional areas of a bank and can be implemented swiftly in financial institutions. 15. Initial Set of Key Risk Indicators Overview, orientation and development tools to build Key Risk Indicators are provided along with an initial set of KRI s typical for regional banks. 16. Board ERM Reporting Framework Set of Enterprise Risk Management reporting designs to facilitate audience appropriate value driven communication of key risk information are included. 17. Internal Risk Management Committee Reporting Framework A working framework to define what reporting elements to use for internal management purposes. 7

8 Risk Management in News Recent Announcements In 2011, the Federal Reserve Bank issued proposed standards and early remediation requirements for risk management under the Dodd-Frank Act. Publicly traded bank holding companies with $10 billion or more in total consolidated assets must establish a risk committee of the board of directors that is responsible for oversight of enterprise-wide risk management. The risk committee must be comprised of an appropriate number of independent directors and include at least one risk management expert. Impact Banks of all sizes will eventually need to demonstrate advanced proficiency in managing risk across their enterprise. Learn More We would like the opportunity to be of further service to you and would be glad to schedule an executive session to review in detail how our program could perform for your bank. You can reach either Brian Blair or John Drew listed below for further discussion. Brian Blair President Malvern National Services ErmsCo Strategic Business Partner bblair@malvernnational.com Office: Website: John Drew President Director of ERM Services john@ermsco.com Office: Website: Offices Philadelphia & Houston 8

9 Our Business Philosophy The ErmsCo operating model embodies these concepts to ensure effective relationships and results Common Sense: balanced approach to business decisions and judgment Candor: professionally state the question or call the point as needed Courage: take actions needed to optimize risk management and create value Communicate: professionally, fully and concisely Commitment: to our clients and completing our charge everyday v100 9