Placing a Value on Enterprise Risk Management ADVISORY



Similar documents
Transforming risk management into a competitive advantage kpmg.com

Enterprise Risk Management: From Theory to Practice

How to Develop Successful Enterprise Risk and Vendor Management Programs

Commodity Price Risk Management (CPRM) - Trends and Challenges for Corporates

Linking Risk Management to Business Strategy, Processes, Operations and Reporting

Board oversight of risk: Defining risk appetite in plain English

Consumer Goods and Services

IBM Algo Asset Liability Management

How ERM programs evolve

Much attention has been focused recently on enterprise risk management (ERM),

Meet challenges head on

IT Audit Perspective on Continuous Auditing/ Continuous Monitoring KPMG LLP

Hedging at Your Insurance Company

Strategies for optimizing your cash management

How To Transform It Risk Management

Risk Assessment & Enterprise Risk Management

Understanding and articulating risk appetite

University of St. Gallen Law School Law and Economics Research Paper Series. Working Paper No June 2007

Enterprise Risk Management in a Highly Uncertain World. A Presentation to the Government-University- Industry Research Roundtable June 20, 2012

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

Risk management and the transition of projects to business as usual

RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY

KPMG s Financial Management Practice. kpmg.com

Enterprise Risk Management & Information Technology

OWN RISK AND SOLVENCY ASSESSMENT AND ENTERPRISE RISK MANAGEMENT

Driving Business Value. A closer look at ERP consolidations and upgrades

How to stay competitive in a converging healthcare system kpmg.com

Export Development Canada

Financial Statements and Ratios: Notes

and Risk Tolerance in an Effective ERM Program

Accenture Risk Management. Industry Report. Life Sciences

How To Use Oracle Hyperion Strategic Finance

FlyntGroup.com. Enterprise Risk Management and Business Impact Analysis: Understanding, Treating and Monitoring Risk

Financial Ratio Analysis A GUIDE TO USEFUL RATIOS FOR UNDERSTANDING YOUR SOCIAL ENTERPRISE S FINANCIAL PERFORMANCE

Vital Risk Insights kpmg.com

Basel Committee on Banking Supervision. Review of the Principles for the Sound Management of Operational Risk

Capital Requirements Directive Pillar 3 Disclosure. December 2015

Managing Risk at Bank of America Corporation. Overview

The Essentials of Enterprise Risk Management. Steven C. Tourek, Senior Vice President, General Counsel & Secretary, The Marvin Companies

How to achieve excellent enterprise risk management Why risk assessments fail

Enterprise Risk Management A View. Clive Kelly CRO Zurich Insurance plc/zfs Europe (GI)

Valuation Services. Global Capabilities Delivered Locally KPMG LLP

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation

RSA ARCHER OPERATIONAL RISK MANAGEMENT

Scenario Analysis Principles and Practices in the Insurance Industry

ICAAP Required Capital Assessment, Quantification & Allocation. Anand Borawake, VP, Risk Management, TD Bank anand.borawake@td.com

Applying Risk Assessment to Your Audit Plan Break-out Session T3, Tuesday, October 26 2:00-2:50pm

Tapping the benefits of business analytics and optimization

Portfolio Management for Banks

Standard costing. Insights from leading companies. February 2010

Embedded Value 2014 Report

Asset Management Portfolio Solutions Disciplined Process. Customized Approach. Risk-Based Strategies.

KPMG LLP Credit Risk Management Practices 2014 Survey on Credit Bureau Reporting

MBA Program Course Descriptions and Outcomes

Deriving Value from ORSA. Board Perspective

Operational Risk Management Program Version 1.0 October 2013

Solutions for Balance Sheet Management

Risk Management. Trends for Insurance Companies. Jeffrey Lovern Genworth Financial VP, Enterprise Risk Management Global Mortgage Insurance

The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012

Risk Based Capital Guidelines; Market Risk. The Bank of New York Mellon Corporation Market Risk Disclosures. As of December 31, 2013

Debt Policy. I. Purpose of the Debt Policy

building a business case for governance, risk and compliance

Remarks by. Carolyn G. DuChene Deputy Comptroller Operational Risk. at the

Excerpt from the ACGR on Enterprise Risk Management

TAX MANAGEMENT CONSULTING. How can you be more efficient at managing tax?

Beyond risk identification Evolving provider ERM programs

Valuation Assurance for Alternative Investments

ORACLE ENTERPRISE GOVERNANCE, RISK, AND COMPLIANCE MANAGER FUSION EDITION

Solvency Management in Life Insurance The company s perspective

Guiding Principles for Implementing Enterprise Risk Management (ERM)

APICS INSIGHTS AND INNOVATIONS SUPPLY CHAIN RISK CHALLENGES AND PRACTICES

diversified industrials Supply and Demand Risk Management in Turbulent Times

INVESTMENT POLICY April 2013

From ICAAP/ORSA to ERM: Board and Senior Management Oversight. Leon Bloom, Partner, Deloitte & Touche LLP lebloom@deloitte.ca

Solvency II benchmarking survey

COMMERCIAL BANK. Moody s Analytics Solutions for the Commercial Bank

Developing a Free Credit Score Program. kpmg.com

The package of measures to avoid artificial volatility and pro-cyclicality

Essentials to Building a Winning Business Case for Tax Technology

Business Plan Template

BASICS OF CREDIT VALUE ADJUSTMENTS AND IMPLICATIONS FOR THE ASSESSMENT OF HEDGE EFFECTIVENESS

Performance Food Group Company Reports First-Quarter Fiscal 2016 Earnings

Capital Adequacy: Advanced Measurement Approaches to Operational Risk

White Paper March Seven risk dashboards every bank needs

Model Risk, A company perspective Peter K. Reilly, FSA Valuation Actuary & Head of Actuarial Strategic Initiatives Aetna, Inc

ENTERPRISE RISK MANAGEMENT FOR BANKS

Enterprise Performance Management in the Pharmaceutical Industry. kpmg.co.uk

THE ROLE OF FINANCE AND ACCOUNTING IN ENTERPRISE RISK MANAGEMENT

ORSA Implementation Challenges

A Primer for Investment Trustees (a summary)

Criteria Insurance General: Summary Of Standard & Poor's Enterprise Risk Management Evaluation Process For Insurers

The task of Orava s risk management is also to support in adapting to the changes in business and risk environment.

S 2 ERC Project: A Review of Return on Investment for Cybersecurity. Author: Joe Stuntz, MBA EP 14, McDonough School of Business.

Enterprise-Wide Risk Assessment

Confident in our Future, Risk Management Policy Statement and Strategy

Reaping the Benefits of Operational Risk Management

Indonesia. kpmg.com/id. Contact us. Siddharta & Widjaja Audit Services T: + 62 (0) / F: + 62 (0) /

GE Capital Measuring success: Creating metrics that deliver the information you need

Transcription:

Placing a Value on Enterprise Risk Management ADVISORY

Placing a Value on Enterprise Risk Management 1 In turbulent economic times, the case for investing in an enterprise risk management (ERM) program seems clear. Deficiencies in risk management appear to be a leading contributor to the credit crisis, and many stakeholders from shareholders, to board of directors, to rating agencies are taking a closer look at a company s approach to risk management. But while the value of an ERM program may be hard to dispute from a good management perspective gaining improved controls, better communication, and a common risk language risk managers and other senior leaders are frequently asked to demonstrate that their efforts add quantifiable value to their companies. As business activities and capital investments come under increasing scrutiny to optimize competitiveness and enhance returns, the call to justify ERM s measurable value keeps getting louder. There are in fact answers to the common questions risk managers frequently face, such as: We already have compliance programs and conduct risk assessments, so why should we spend more on an ERM program? Would our company really make different decisions if it did have an ERM program? Good ERM programs enhance company value through reduced costs, decreased variability in financial results, enhanced market reputation, and improved business decision-making (i.e., no surprises). Going a step further, KPMG believes it s possible to quantifiably measure the value that ERM delivers. While there is no one, magic equation, some common approaches for valuing ERM programs or program components include: Assessing capital costs; Assessing total compliance program costs; Assessing hedging or insurance costs; Identifying the flip-side of risk (or the investment opportunities for each risk); Identifying avoided losses from industry or company risk events; Assessing earnings variability before and after risk mitigation. Whether a company is just beginning on a path to ERM, or taking steps to improve and enhance their risk management processes, this paper outlines approaches that can provide a possible focus to both justify the ERM program and improve program performance.

2 Placing a Value on Enterprise Risk Management Good ERM programs enhance company value through reduced costs, decreased variability in financial results, enhanced market reputation, and improved business decision-making. An Approach to Valuing ERM ERM program value is comprised of multiple factors affecting risks and returns. The graphic below shows the general relationship between ERM framework activities and risk and return elements that contribute to overall company value. By examining each of the elements in the ERM program value model below, executives can start to quantify the value of their ERM efforts. ERM Framework Improved Cash Flows Reduced Discount Rate Enhanced Value Risk Governance Reduced ERM program costs Improved Reputation Enterprise Risks Risk Assessment Risk Quantification and Aggregation Risk Monitoring and Reporting Reduced hedging and insurance costs Improved investments or avoided losses Reduced Volatility Risk and Control Optimization Reduced capital costs Improved Cashflows ERM program activities can directly or indirectly affect company cashflows. Risk activities that can improve cashflows include risk compliance and oversight alignment, hedging and insurance coordination, strategy risks and return discussions, and capital market planning. Reduced Discount Rate The rate at which cashflows are discounted by investors is directly affected by reduced earnings volatility and an improved reputation within the investment community. Enhanced Value A company s value is a function of expected cash flows discounted at a rate consistent with its overall risk profile. Please also refer to the table on page 7 for more information on KPMG s Enterprise Risk Management Approach.

Placing a Value on Enterprise Risk Management 3 Capital Costs Since investors don t have a perfect view of future company returns and the appropriate rate at which to discount these returns, many investors rely on independent services such as equity analysts and bond ratings provided by the rating agencies. These services have begun to judge not only projected risks and returns, but management s capabilities to identify and manage enterprise risks. Although the rating agencies initially focused on ERM programs at banks and insurance companies, similar assessments are now being performed for other large corporations across many industries. As rating agencies conduct their ERM analysis and develop industry benchmarks, companies that appear to be significantly deficient in their ERM practices may have their overall rating assessments lowered, which can lead to higher costs to access capital. For instance, a change in a company s bond rating from A to an A- may result in an increase in new issue interest rates from 0.2% to 0.4%. This amount may seem small, but when applied against a $100 million bond issue, it can result in $200,000 to $400,000 in additional interest expense per year. The relative impact from rating agency ERM assessments is dependent on the company s activities and current financial state. For example, an assessment can have a meaningful impact on the credit rating for an enterprise with less financial flexibility (i.e., poor liquidity ratios, restrictive debt covenants, etc.) and/or naturally subject to significant market, operational and/or credit risk. And with many companies currently facing less access to capital, any impact on a company s ability to borrow or raise cash can be critical. In addition to changes to long-term ratings, changes to short-term ratings can also change interest costs, add earnings volatility and lead to difficulties in meeting short-term liquidity needs. A simple method to estimate the cost effects from a lowered bond rating is to multiply the estimated future borrowing amounts by the change in interest rates resulting from a change in rating. For instance, a change in a company s bond rating from an A to an A- may result in an increase in new issue interest rates from 0.2% to 0.4%. This amount may seem small, but when applied against a $100 million bond issue, it can result in $200,000 to $400,000 in additional interest expense per year.

4 Placing a Value on Enterprise Risk Management ERM programs can play a vital role in identifying opportunities providing the processes, reporting and discussion venues creating greater transparency within companies. Governance/Compliance Costs It is unfortunate that many companies view ERM programs as another compliance layer similar to existing internal audit, legal, environmental and finance compliance activities. A well-run ERM program can actually reduce compliance costs by aligning and streamlining existing risk assessment, risk monitoring, risk assurance and reporting efforts to reduce redundancies and make information more useful. The first step in determining potential ERM program benefits is to inventory the various existing activities and costs. It is important to measure direct and indirect costs including labor, overhead and system costs using standard templates and methodologies. Since many risk compliance and oversight activities grow organically over time without consideration for organizational efficiencies and technology solutions, it is not uncommon to uncover redundancies and process improvement opportunities when undertaking this inventory. And because data is frequently not shared consistently across an organization, this process can uncover ways to make risk management data more usable. In addition to hard cost savings, benefits from assessing compliance program costs can include improved integration between ERM, strategic planning, insurance, compliance and internal audit activities. This exercise can also help improve executives understanding of risk assessment processes, underlying risks and risk inter-relationships, and planning assumptions. Hedging or Insurance Costs Insurance and hedging costs can be the most tangible cost elements in managing enterprise risks. ERM programs can help reduce hedging and insurance costs by more clearly identifying underlying risk exposures, existing hedging and insurance offsets, and potential redundancies and inefficiencies. The first step in identifying potential insurance and hedging savings is to understand and document the specific underlying risks that are the target for these risk mitigation activities. This typically requires input from a company s treasury, procurement or trading, insurance, risk management and marketing groups to: Identify key risks addressed by insurance or hedging activities; Estimate risk magnitude and frequency; Identify inter-relationships with other risks; Identify major assumptions used for the planning and execution of insurance coverage and hedging transactions. It is common to uncover insurance policies and hedging activities that are not good matches with underlying risk exposures. Integrating insurance and hedging activities with ERM assessment and reporting activities creates transparency, which can lead to greater management attention and real savings in hedging and insurance costs.

Placing a Value on Enterprise Risk Management 5 Investment Opportunities It is fair to say that enterprise risk management programs often focus too much on avoiding risk and not enough on managing the upside opportunities that come from uncertainty. Ideally, executive management should not seek to eliminate all risks, but to assess top risks facing the organization to enable risk-reward decision making. To change this, the first step is for an organization to determine its risk appetite, or how much risk it is willing to take in order to achieve its returns. When clearly defined and properly understood, risk appetite becomes a strong tool for enhancing business performance. It helps link business decisions to business strategy, and reduces the likelihood for surprises. ERM programs can play a vital role in identifying opportunities by creating processes, reporting and discussion venues to create greater transparency within companies. ERM programs can then track specific business opportunities that have been uncovered by risk assessment processes. Focusing on opportunities can also lead to greater ERM program buy-in from risk owners by having ERM personnel operate as risk advisors, rather than risk compliance police. Standard processes can provide risk owners with an opportunity to think through risks, see market opportunities as the flip-side of risk, and paint a more balanced picture for potential business strategies. This change in thinking, from a risk mitigation mindset into a risk opportunity mindset, may not come easy for some organizations. For example, the current focus on corporate sustainability and alternative energy can be seen as a huge risk to the earnings of major players in the energy, transportation and manufacturing industries. However, some companies see the coming changes as an opportunity to expand service offerings to customers and improve their reputation by being leaders in the

6 Placing a Value on Enterprise Risk Management ERM programs can enhance company value through decreased costs, less variability in results, improved market reputation, and risk-based decision-making. development of new sustainability standards. In this way, ERM enables organizations to make smarter, proactive, rather than reactive, decisions, which can improve a company s competitiveness. Avoiding Losses An overarching goal for many ERM programs is to create processes to reduce financial losses or reputation damage. Unfortunately, many companies do a poor job of tracking financial losses from risk events, let alone financial losses that were avoided through application of risk mitigation strategies. This makes judging ERM program performance difficult. Making this more complicated is that reputation can be difficult to value. Not only can reputation be perceived differently by various constituents, but a company s reputation is formed from many sources, including market branding, customer outreach, and proactive risk management. There are countless examples of companies that have damaged their reputation through strategy failures or ethical lapses, impacting the demand for their products or services, as well as for their stock prices. This in turn can affect gross margin, capital costs and the discount rate applied to company valuation. For most companies, a logical first step for identifying losses and avoided losses is to track company and industry peers financial losses from risk events. Standard templates can be developed to track the risk events and these can be discussed at periodic ERM meetings or in ERM reports. Periodic ERM reports for management can describe risk events and any identified root causes, potential mitigating activities, effect on reputation, hard costs or company share price. Information sources to create these reports can include company risk owners, the company insurance function for operational events, investor relations for financial events, internal audit for control failures, and news articles or industry publications for industry risk events. There are three major benefits to tracking losses and avoided losses. First, it supports the ERM program value proposition. Second, greater transparency resulting from this effort can lead to improved processes that can further reduce event-related losses. Third, tracking losses and avoided losses can lead to better risk estimates for individual and aggregate risks. Earnings Variability To demonstrate ERM program value, earnings variability can be measured before and after ERM risk mitigation activities. Estimating earnings variability is a complex task and requires skills for data management and modeling, as well as the ability to integrate planned risk mitigation activities and planning assumptions to understand earnings drivers, risks and resulting business metrics.

Placing a Value on Enterprise Risk Management 7 KPMG s Enterprise Risk Management Approach ERM can be defined as an organizational commitment to proactively govern, assess, measure, monitor, mitigate, and optimize enterprise risks. ERM is a process designed to identify potential events that may affect the organization in achieving its objectives, and managing risks within risk tolerances. There are two major steps to implementing an ERM program. The first step is to build and maintain a dynamic risk management framework that can adapt to emerging risks. The second step is to create content within the framework to effectively manage the organization s strategic business risks. KPMG s ERM framework has five elements: Governance Establishment of approach for developing, supporting and embedding the risk strategy and accountabilities Assessment Identifying, assessing, and categorizing risks across the enterprise Quantification and Aggregation Measurement, analysis, and consolidation of enterprise risks Monitoring and Reporting Reporting, monitoring, and assurance activities to provide insights into risk management strengths and weaknesses Risk Control and Optimization Using risk and control information to improve performance Organizations vary in their maturity in establishing the ERM framework elements. Most often, organizations begin by establishing governance and assessment processes and tools to meet compliance requirements. Afterwards, organizations develop periodic quantification and reporting next to integrate ERM as a management process. Lastly, ERM is used as a strategic decision-making tool to refine management strategies and risk controls. Various risk measurement techniques can be used to develop individual and aggregate risk estimates. These include: Reviewing past results (specific events or range of low to high results); Conducting stress testing (percentage change in assumption = x% change in key financial metric); Reviewing company plans using structured scenarios with a combination of assumption changes in a simulation or series of deterministic forecasts.

8 Placing a Value on Enterprise Risk Management Measuring before and after risks and returns can provide decision-makers with new and expanded information to optimize business results. The biggest challenge to achieve greater risk quantification is that it requires data. Major data management considerations include: Prioritizing data collection; Organizing risk data; Increasing methodology sophistication over time; Asking risk owners the how big? and how often? questions; Reviewing company and industry risk events. Conclusion In many ways, today s turbulent market conditions make a stronger case for investing in ERM programs companies can t afford to get it wrong. But during these times, management is also asking every area of the business to justify its costs, which has always been a challenge for ERM programs. We believe that ERM programs can enhance company value through decreased costs, less variability in results, improved market reputation, and risk-based decisionmaking. The risk data produced by mature ERM programs can be integrated with many business processes, including strategic and business planning, M&A, financial analysis, insurance and hedging decisions, and staffing decisions. To learn more on how you can measure the value of your ERM program, or to better align ERM with your business strategies, contact KPMG today.

us.kpmg.com KPMG Contacts Global ERM Lead Partner Global Risk & Compliance Services Lead Partner John Farrell 212-872-3047 johnmichaelfarrell@kpmg.com Mike Nolan 713-319-2802 mjnolan@kpmg.com ERM Regional Leaders Midatlantic Angela Hoon Principal 267-256-1970 ahoon@kpmg.com Mark Twerdok Partner 412-232-1599 mtwerdok@kpmg.com Midwest Kreg Weigand Partner 612-305-5581 kweigand@kpmg.com Northeast Deon Minnaar Partner 212-872-5634 deonminnaar@kpmg.com Southwest Kenneth Hooper Senior Manager 919-606-7740 kwhooper@kpmg.com Michael Wilson Partner 713-319-2291 michaelwilson@kpmg.com West Jim Negus Partner 213-955-8507 jtnegus@kpmg.com Jil Polniak Partner 650-404-4936 jpolniak@kpmg.com Southeast Kenneth Welch Principal 404-222-3600 kwelch@kpmg.com Special thanks to the contributors of this Whitepaper: John Farrell, Kenneth Hooper, Diane Nardin, Debbie Dacey LoPiccolo, Jennifer Hurson, Nicole Homme and Cynthia Boumann. 2009 KPMG LLP, a U.S. limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International, a Swiss cooperative. All rights reserved. Printed in the U.S.A. KPMG and the KPMG logo are registered trademarks of KPMG International, a Swiss cooperative. 22432PHL

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information