This article presents a conceptual framework for operationalizing strategic enterprise risk management (ERM) in a general firm. We employ a risk-constrained optimization approach to study the capital allocation decisions under ERM. Given the decision maker's risk appetite, the problem of holistically managing enterprise-wide hazard, financial, operational, and real project risks is treated by maximizing the expected total return on capital, while trading off risks simultaneously in Value-at-Risk type of constraints. This approach explicitly quantifies the concepts of risk appetite and risk prioritization in light of the firm's default and financial distress avoidance reflected in its target credit rating. Our framework also allows the firm to consider a multiperiod planning horizon so that changing business environments can be accounted for. We illustrate the implementation of the framework through a numerical example. As an initial conceptual advancement, our formulation is capable of facilitating more general ERM modeling within a consistent strategic framework, where idiosyncratic variations of firms and different modeling assumptions can be accommodated. Managerial implications are also discussed.
MOTIVATION FOR THE RESEARCH
Enterprise risk management (ERM), considered a breakthrough idea by the Harvard Business Review (Buchanan, 2004), emphasizes that all risks should be treated holistically from an enterprise-wide perspective (as opposed to individually in "silos"). This concept has been widely embraced by industry, regulatory forces (e.g., Sarbanes Oxley Act of 2002, Basel Capital Accord II), rating agencies (e.g., Standard & Poor's, 2005, 2006a, 2008) and the academic literature (cf. Ai and Brockett, 2008). Yet, the implementation of this goal is illusive.
This article offers a mathematical approach to operationalizing the integration of ERM within the firm to achieve its holistic strategic goals across time periods. The overall purpose of this article is to provide both a conceptual framework and mathematical tools to make the implementation of ERM more concrete. There are significant challenges to the implementation of ERM (Gate, 2006) as risk considerations have yet to be fully integrated into business decision making (Deloitte, 2008). We attempt to provide an approach to overcoming some of these challenges.
In order to do this, we first have to adopt a perspective on what ERM is as it is still an emerging and evolving concept. The prevailing formulation of ERM that we adopt as our perspective was offered by COSO (2004). (1) This formulation includes the crucial concept of risk appetite: risk appetite is a corporation's willingness and ability to undertake risks to achieve its strategic objectives that governs business decision making. It also recognizes interrelations between risks and the prioritization of risks (i.e., rank order of risk types according to importance), which is critical to holistic integration, a goal of our mathematical approach. This holistic integration is an important characteristic of the stated end-goal for ERM: to gain competitive advantage and create value (Economic Intelligence Unit, 2007).
ERM DECISION FRAMEWORK
We present our ERM framework in a general setting to incorporate fundamental aspects of ERM. For simplicity, we consider a two-stage dynamic risk/return optimization problem with a two-period planning horizon, wherein the firm plans for the entire horizon (i.e., both periods) in stage 1 and can later change period 2 decisions upon receiving new information in stage 2. (2) This dynamic formulation allows the firm to adapt to changing internal and external environments, which is one of the key drivers for ERM development (Protiviti, 2007). The proposed ERM framework allows for managerial inputs (e.g., risk appetite, risk limits, and risk prioritization) at the onset.
Under our framework, the firm's strategic goals are encompassed within an objective function, and risk concerns are controlled in impact and likelihood by using constraints. …