Enterprise Risk Management: Artie Ng Traces the Steady Globalisation of Enterprise Risk Management and Considers Its Main Implications for Companies in East Asia
Ng, Artie, Financial Management (UK)
The private sector is becoming increasingly aware of the need to implement enterprise risk management (ERM). A recent global survey by the International Federation of Accountants (IFAC) among its member bodies revealed that about half of the respondents believed that adopting good practice in internal control and risk management would be very important in the coming year (1). Another survey of senior managers suggested that ERM development in more than half of companies was led by the board (2). This reinforces the message that ERM implementation is attracting significant attention around the world and that more resources are likely to be allocated to it in the near future.
But, while efforts to converge international accounting standards to eliminate differences among the international capital markets have gained momentum, efforts to implement ERM remain at an early stage. We continue to suffer from incidents triggered by unanticipated risks at large companies--from the collapses of Enron and WorldCom to the more recent failure of a number of banks to manage the risks concerning subprime loans in the US.
The sub-prime crisis is likely to make stakeholders increasingly stringent about measures of internal control and the effective use of ERM It has also raised concerns about the efficacy of credit ratings agencies. Stakeholders are troubled by the failure of the credit rating mechanism to provide timely signals about the underlying risks of companies' financial assets.
In a recent development, credit ratings agencies have integrated ERM as an element of their overall analysis of corporate creditworthiness. At the end of last year Standard & Poor's (S&P) issued its timely publication Request for Comment: Enterprise Risk Management Analysis for Credit Ratings of Nonfinancial Companies (http://snipurl.com/24h1h). This suggested that the company intended to incorporate ERM capability as a key criterion in its approach to reviewing the crediting ratings of companies, which would also be revealed in their reports.
Other credit ratings agencies are also showing more interest in ERM. Fitch Ratings has disclosed that it considered various aspects of ERM when rating insurers and financial institutions in 2006. Both Moody's Investors Service and S&P say that they examine the risk management processes of financial institutions and insurers. But these agencies have only recently formalised the evaluation of such processes in a more structured context--the Coso framework--which has become more widely accepted among accounting and finance communities and regulators.
Noting that it expects this increased emphasis on ERM to continue, Moody's has stated that it is now including risk management capabilities in all of its credit ratings. Meanwhile, S&P has incorporated a review of ERM for public utility companies. This suggests that companies in financial and non-financial sectors--private and public organisations alike--are likely to become subject to this kind of review. It also implies that a company's debt ratings could be adversely affected if these assessments find significant issues and/or deficiencies in its risk management capabilities.
East Asia catches up
If the concept and application of ERM is still young in the US, it's in its infancy in most other parts of the world. The increasing convergence of accounting standards ought to be complemented with improved internal controls to ensure that the newly reported financial statements are reliable. The globalisation of capital markets would create an even stronger need to improve companies' risk management capabilities.
The globalisation movement has already led to more requirements for internal control among regulators around the world. Japan, for example, has launched "J-Sox"--its own version of the US Sarbanes-Oxley Act 2002. This embraces Coso while increasing awareness of the importance of ERM. …