Presentation is loading. Please wait.

Presentation is loading. Please wait.

Risk Team Structures: Formal or Informal? Getting the Risk Mgmt Job Done Under Any Model Chris Mandel, Former President, RIMS 2003 Risk Manager of the.

Published byGwen Gaines Modified over 8 years ago

Similar presentations

Presentation on theme: "Risk Team Structures: Formal or Informal? Getting the Risk Mgmt Job Done Under Any Model Chris Mandel, Former President, RIMS 2003 Risk Manager of the."— Presentation transcript:

1 Risk Team Structures: Formal or Informal? Getting the Risk Mgmt Job Done Under Any Model Chris Mandel, Former President, RIMS 2003 Risk Manager of the Year

2 What Do Many Risk Managers Do? Buy Insurance Supervise Safety Handle Claims Administer Insurance Policies Report to Management on: –Losses –Insurance marketing results –Loss Prevention Programs

3 What Do Some Risk Managers Do? Identify Hazard Related Exposures Identify and negotiate insurance product solutions to finance related risks and move them to third party insurers Hope to get the policies in less than 6 months Assess where prevention techniques are most useful and worthy of resourcing and make the business case to management for funding Aggressively attempt to minimize the payment of loss dollars for claims and litigation, especially those self insured, to minimize the cost of risk. Report to management of premium and claim dollars saved, losses prevented and the total cost of risk against a typically industry based benchmark Work with brokers and selected internal functions, to achieve all of the above

4 What 2 Things Should Risk Managers Do? Be well versed in all key aspects of core company operations, key staff functions and business strategy, that generate or have the potential to generate, the most significant exposures to the firm. Apply a comprehensive and customized risk management model to all significant or material risks, operational, financial or business/strategic and regardless of whether insurable or not.

5 The Risk Management Model Identify all significant or material risks to the enterprise Assess the magnitude of each risk to confirm materiality Measure each risk quantitatively or qualitatively to establish trackable metrics Develop and implement mitigation strategies for each risk that reduce risk values to acceptable levels and ensure that each strategy is effective Monitor and report to relevant interest parties, the information each needs to manager their aspect of the business

6 Risk Team Structures “ Risk Management structures are usually tailored to an individual company and reflect the nature, likelihood and magnitude of risk faced by the company.” * To accomplish the risk mgmt mission, certain key functions must be performed. They can be achieved by both formal and informal team structures, by either dedicated or part-time, in-house or external resources. However, the key to successful risk management execution is to form, develop and align with your strategy, the right internal and external partnerships with key risk stakeholders and risk owners. Three Primary Approaches and the Relevent Criteria to Consider: - Traditional - Progressive - Advanced

7 Traditional Approach Hazard Focused Insurance solution oriented Limited perspective on the risks of the entity Heavily dependent on intermediaries Low to medium management priority No to low governance priority Executable with dedicated, part time or outsourced resources

8 CEO Finance or Legal Sub-Depart. Head FT Risk Manager or Officer Claim Function Benefit Function Risk Financing Function Business Continuity Function Safety Function Security Function Captive Administration Traditional Risk Management Model

9 Pros and Cons First, remember that each company’s needs drive the response to this question. Pros: Narrow focus easier to execute well Well understand sources of loss; readily available solutions to finance and transfer Much available talent to manage Cons: Ignores what are likely to be the most significant risks to the firm Heavy dependence on third parties may jeopardize effectiveness

10 Progressive Approach Recognizes the need to look beyond insurable risks Recognizes process ownership Recognizes that process owners can’t be risk owners and that risk owner engagement is critical to successful risk management Higher management and governance priority attached to managing risk Less executable with heavy dependence on external sources of expertise Success depends on full time dedicated, internal expertise trusted by management and governance Recognizes the need for alignment with key risk stakeholders

11 CEO Finance or Legal FT Risk Manager or Officer Corporate Insurance Process Including Captive Risk Owners ERM Process Risk Owners Progressive Risk Management Model Business Continuity Function Claim Function Security Function Benefit Function Safety Function

12 Pros and Cons Pros: More likely to be prepared for uninsurable events More management and governance attention to risk issues Less dependency or third party services Cons: Usually in the developing stage and often difficult to sell and gain permanent traction with management Difficult to find external sources of expertise that comprehensively understand the firms exposures and how they can best be managed

13 Advanced Approach “C suite” power base with other key functional leaders Full acceptance of need for comprehensive, state-of-the-art and urgent risk management methods, tools and techniques Clear delineation between process and risk ownership Recognition of insurance as just one of many mitigation strategies Typically complete integration with strategic planning processes

14 Advanced Risk Management Model Business Continuity Function Corp Ins Function Security Function Benefit Function Safety Function

15 Advanced Approach Pros: Surfaces key risk issues quickly and effectively Evidences engagement by all key risk stakeholders and owners Minimizes the likelihood that risk values will exceed tolerances or that controls will be less than effective Cons: Expensive to implement Expertise difficult to find and keep CRO as scapegoat for all that goes wrong

16 Relevent Criteria for Selecting Your Approach Criteria: Company Risk Profile and Tolerance for Risk Company Size and dispersion Operational and Strategic Complexity Company Structure and Management Style Sources and likelihood of large or catastrophe losses Availability of Reliable, Accurate Data Governance Expectations for controls and reporting Management expectations for controls and reporting Sources and costs of expertise within or available to the firm Level of concern for control over sensitive information

17 Key Risk Stakeholders Planning Process Engineering Compliance Internal Audit RM Framework Business Unit Risk Owners Risk Managemen t

18 Keys to Cross Functional Effectiveness Clear understanding of how “risk” is defined Clear communication of risk management processes Clear articulation of risk stakeholder process roles, timelines and deliverables Regular and meaningful communication on key risk issues Processes for incenting and measuring accountability Getting the right information and data to the right people at the right time for the right reasons

19 Risk Management Best Practices Truly Business – Critical Exposures are best identified and mitigated by line. Risk aggregation is a key role for the risk management process owner. The ERM COE ensures proper tools for rigorous measurement and quantification of risks, and helps drive incentives to elevate risk mitigation. Embedding risk management in existing process. A more disciplined approach to risk communications. Risk reporting should be specific to the target audience. Source: CFO Working Council

20 Best Practices (cont’d) Use standardized templates and key future market conditions assumptions Key earnings drivers and mitigations strategies for low probability, high-impact scenarios tested for resilience Process leverages cross-functional expertise Assign owners for each critical mitigation step Updated assessments of risk and opportunities are embedded in core reporting processes Require business unit and functional leaders to defend risk mitigation performance to Board and CEO directly Balanced scorecards & incentives calculations used to evaluate and reward mitigation performance Source: CFO Working Council

21 Why Risk Mgmt Initiatives Fail Lack of CEO and executive sponsorship Poor communication culture and/or high level control environment divorced from business objectives Unclear roles/responsibilities/organizational structures Poorly defined/inconsistent risk policy Undefined risk universe and no common language Poor/inconsistent operational risk identification process Source: 2003 KPMG Operational Risk Study

22 Why Risk Mgmt Initiatives Fail No linkage of risks to the control framework Over-engineered risk measurement and evaluation Reporting templates that do not integrate with business requirements Unclear escalation channels Poor action-tracking and project management systems Poor education and communications programs Source: 2003 KPMG Operational Risk Study

Download ppt "Risk Team Structures: Formal or Informal? Getting the Risk Mgmt Job Done Under Any Model Chris Mandel, Former President, RIMS 2003 Risk Manager of the."

Similar presentations

COSO I COSO II. Meycor COSO, a Comprehensive Solution for Enterprise Risk Management (ERM)

COSO I COSO II. Meycor COSO, a Comprehensive Solution for Enterprise Risk Management (ERM)
1 Open PepsiCo 2009 Ian Noble R&D Director Foods Innovation.

1 Open PepsiCo 2009 Ian Noble R&D Director Foods Innovation.
Appendix H: Risk training slides (sample). What is Risk? “ Risk is the effect of uncertainty on objectives ” AS/NZS ISO31000:2009.

Appendix H: Risk training slides (sample). What is Risk? “ Risk is the effect of uncertainty on objectives ” AS/NZS ISO31000:2009.
Introduction to Enterprise Risk Management (ERM)

Introduction to Enterprise Risk Management (ERM)
Organizing for Advertising and Promotion: The Role of Ad Agencies and Other Marketing Communication Organizations McGraw-Hill/Irwin.

Organizing for Advertising and Promotion: The Role of Ad Agencies and Other Marketing Communication Organizations McGraw-Hill/Irwin.
Executive Insight through Enhanced Enterprise Risk Management Leverage Value From Your Risk Management Investment.

Executive Insight through Enhanced Enterprise Risk Management Leverage Value From Your Risk Management Investment.
Risk Analysis & Management. Phases Initial Risk Assessment Risk Analysis Risk Management and Mitigation.

Risk Analysis & Management. Phases Initial Risk Assessment Risk Analysis Risk Management and Mitigation.
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.

Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
2011 Governance, Risk, and Compliance Conference August 29 – 31, 2011 / Orlando, FL, USA The Top Four Essential Objectives to Auditing ERM Stephen E. McBride,

2011 Governance, Risk, and Compliance Conference August 29 – 31, 2011 / Orlando, FL, USA The Top Four Essential Objectives to Auditing ERM Stephen E. McBride,
AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.

AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.
6/2/20151 Enterprise Risk & Assurance Management in Zurich North America Brian Selby MA (Audit), FIIA, QiCA, MBCS, CISA.

6/2/20151 Enterprise Risk & Assurance Management in Zurich North America Brian Selby MA (Audit), FIIA, QiCA, MBCS, CISA.
Operational risk management Margaret Guerquin, FSA, FCIA Canadian Institute of Actuaries 2006 General Meeting Chicago Confidential © 2006 Swiss Re All.

Operational risk management Margaret Guerquin, FSA, FCIA Canadian Institute of Actuaries 2006 General Meeting Chicago Confidential © 2006 Swiss Re All.
Program Management Overview (An Introduction)

Program Management Overview (An Introduction)
The Executive’s Guide to Strategic C H A N G E Leadership.

The Executive’s Guide to Strategic C H A N G E Leadership.
The Australian/New Zealand Standard on Risk Management

The Australian/New Zealand Standard on Risk Management
RSM McGladrey, Inc. is a member firm of RSM International – an affiliation of separate and independent legal entities. Operational Risk Management Framework.

RSM McGladrey, Inc. is a member firm of RSM International – an affiliation of separate and independent legal entities. Operational Risk Management Framework.
By Saurabh Sardesai www.starvaluemodel.com October 2014.

By Saurabh Sardesai October 2014.
USING ANALYTICS What to Take Away?

USING ANALYTICS What to Take Away?
Certified Business Process Professional (CBPP®) Exam Overview

Certified Business Process Professional (CBPP®) Exam Overview
Presented by: G. Lawrence Buhl, CPA Retired Audit Partner at Ernst & Young 1 Risk Management & ERM: What Insurer Boards Need to Know.

Presented by: G. Lawrence Buhl, CPA Retired Audit Partner at Ernst & Young 1 Risk Management & ERM: What Insurer Boards Need to Know.

Similar presentations

Ads by Google