The Effect of Corporate Governance of the Use of Enterprise Risk Management: Evidence from Canada
Kleffner, Anne E., Lee, Ryan B., McGannon, Bill, Risk Management and Insurance Review
This article examines the use of enterprise risk management (ERM) by companies in Canada, the characteristics that are associated with the use of ERM, what obstacles companies face in implementing ERM, and what role, if any, corporate governance guidelines have played in the decision to adopt ERM. We obtained our data from the responses to a mail survey sent to Canadian Risk and Insurance Management Society members as well as telephone interviews with 19 of the respondents. The results indicate that 31 percent of the sample had adopted ERM and that reasons for adopting ERM include the influence of the risk manager (61 percent), encouragement from the board of directors (51 percent), and compliance with Toronto Stock Exchange (TSE) guidelines (37 percent). The major deterrents to ERM were an organizational structure that discourages ERM and an overall resistance to change. Although only about one-third of companies indicated that they had adopted an ERM approach, evidence was clear that a larger portion of the sample was moving in that direction, as indicated by what changes they had observed in their companies in the past three years. These include the development of company-wide guidelines for risk management (45 percent), an increased awareness of nonoperational risks by operational risk management personnel and an increased awareness of operational risks by nonoperational risk management personnel (49 percent), more coordination with different areas responsible for risk management (64 percent), and more involvement and interaction in the decision making of other departments. Contrary to what we expected, there was not a significant difference between firms that are listed on the TSE versus those that are not in terms of the propensity to use ERM. However, the fact that 37 percent of firms indicated that the TSE guidelines were influential in their decision to adopt ERM provides some evidence that the guidelines are influencing companies' risk management strategies.
Publicly traded companies in Canada, the United States, and the United Kingdom began to encounter stricter corporate governance rules and guidelines during the 1990s. These changes in expectations regarding corporate governance were motivated, to a large extent, by many large corporate failures. "The corporate landscape is littered with the wreckage of companies whose directors were either asleep at the wheel or overwhelmed-from such notorious cases as Bre-X Minerals Ltd. and Livent Inc. to more recent implosions of Nortel Networks Corp. and Moore Corp" (Gray, 2001, p. 36). One key area addressed by these guidelines is risk management. For example, the Toronto Stock Exchange (TSE) guidelines advocate that boards assume responsibility for "the identification of the principal business risks of the corporation's business, ensuring the implementation of appropriate systems to manage these risks/These new standards for corporate governance have created a need for the development of comprehensive corporate governance strategies that address all risks that a firm faces.
Occurring during the same time as the evolution in corporate governance standards was a greater emphasis on the benefit to companies of engaging in enterprise risk management (ERM).1 In contrast to the traditional "silo" approach to managing risk, the ERM approach requires that a company-wide approach be taken in identifying, assessing, and managing risk. Many authors have written about the expected benefits of an ERM approach and why companies should view risk from an overall corporate perspective rather than in a more narrow, department-by-department perspective. The primary benefit of ERM stems from taking a portfolio approach to risk management. That is, just as holding a diverse portfolio of stocks reduces the volatility of returns, a corporation's offsetting risks should result in a total risk level that is lower than the sum of the individual risks. …