Growth Spurts in Enterprise Risk Management
Foster, Beverly, The RMA Journal
Remember those awkward pre-teen years? Uneven growth spurts. Life seems so complicated. We wonder how it will all turn out. Our vocabulary matches our limited range of experience. But humming along in the background are excitement and discovery. Perhaps we are destined for greatness! As we age, we first revel in reaching a certain level of maturity; then we come to the conclusion that the journey never ends. Such is the case with enterprise risk management.
The results of RMA's 2006 survey on the state of enterprise risk management present a picture that's a little like a pre-teen superstar. Just about everyone acknowledges that ERM is a good thing. We all know we have further to go to be successful. But as we explore risk management, we're "trying on" different ways of addressing it, and we can't seem to get a well-coordinated look. At times, there seem to be as many differences as there are similarities. Evidence of this can be found in the responses of the 31 institutions that took part in the survey.
However, the gold ring we all want to grab--competitive advantage through enhanced shareholder value--drives us onward through those awkward years. RMA's survey provides a snapshot of where banks are, a growth chart, and a glimpse into the goals institutions have established for ERM.
Increasing complexity means risks can be harder to identify and gauge. Without the right early-warning signals and appropriate actions, losses--large losses--can occur, threatening the institution, its customers, its shareholders, and the stability of the larger financial community. Bank examiners know this, and banks know that bank examiners know this. Institutions also have learned (or are learning) that ERM offers rewards beyond keeping examiners happy and shareholders safe. An ERM program means banks can take more strategic risks without shooting themselves--and others--in the foot. In turn, that means competitive advantage and happier shareholders. No one said that growing up is easy, but it does offer its rewards.
Banks represented in this survey include regional and national/global banks, divided almost equally among four ranges of asset size--less than $25 billion, $25-75 billion, $75-150 billion, and over $150 billion. The bankers who responded are chief risk officers or other high-level risk professionals.
To date, only 31% of the respondents have an ERM board committee, and 55.2% do not have a separate ERM unit charged with managing or coordinating the management of material institutional risks. Some believe that ERM is a responsibility of a senior finance officer; some have an ERM committee but no single individual or unit charged with the responsibility; and some have given employees throughout the organization the responsibility for managing risks within their own areas. However, 51.9% say that their ERM unit goes beyond gathering and aggregating data to include specific roles, responsibilities, and authority.
Respondents reported that their ERM management committees comprise the following functions:
* Entire executive management (38.7%).
* Chief credit officer or representative (35.5%).
* Operational risk officer (32.3%).
* Audit (32.3%).
* Chief financial officer or representative (25.8%).
* Compliance (22.6%).
* Legal (22.6%).
* President/COO (16.1%).
* Business unit heads (16.1%).
Meeting periods vary and can be weekly (13%), monthly (34.8%), quarterly (30.4%), and on an ad-hoc basis (8.7%).
Where They Are
The participating institutions have moved from looking at each risk independently, to aggregating some risk types without necessarily correlating the effects of these risks, to measuring and correlating many major risk types simultaneously. Correlation means seeing how a risk in one business line can affect other business lines. …