ERM Symposium, Day 2
Here we go! Opening ceremony and panel discussion.
Today the "real" conference starts. Consequently we get fancy bags and more complicated name tags. "Free" book [TITLE]. Looks like 200 people or so in the room. Presented award for a paper called "Risk Interconnectivity: Increasing Risk Intelligence at the Canadian Revenue Agency." Nothing else worth noting.
General Session I: CROs and Senior Risk Practitioners - Top-of-Mind Issues
Apparently the planned panel couldn't make it for various reasons, so these panelists are not the ones expected. Mark (?), RGA. Wayne Fisher, CAS President elect. Mike Stein, IGA.
What are the main challenges for CROs currently?
Mark: Low interest rates - historical lows. Requires a push into global markets. For multinational company, feeding the information back up to the enterprise level is another significant challenge.
Wayne: Getting organizational buy-in after identifying the risks. [KR: relates to my prior post. Need to prioritize applies within a risk function as well. What do you tackle first with limited resources?]
Mike: Less investment in the future of our profession. Mostly just trying to stay afloat. Wants to bring in new, young people. Also concerned that regulation will impede good risk management due to compliance costs.
How do you get buy-in across the organization?
Wayne: Total Risk Profile exercise with the Board, just make it a requirement. Leverage the Board, get them to ask questions "Wouldn't you like to know?" Then you can say "Oh, the Board asked for this." Use the Board to give you license to do what you need to do. You can have the Board do things like sign off on limits to give them more clout, even though it's not really important that the Board review the limits. But it makes the people throughout the organization take it more seriously.
How do you get the Board engaged?
Mark: Board engagement is critical for any organization. Tone from the top impacts risk culture; Board's voice enhances that tone. Tries to engage Board by focusing on issues most important to them. Sometimes you just need one or two Directors interested in the risk management side.
Mike: Transparency is useful; people throughout the organization should see what the Board sees.
Board responsibilities seem to be increasing. How do you educate the Board? How do you decide how much information to give them?
Mike: View Board as a collection of many individuals. They have different tastes for information. Provide summaries but also make the details available for those who are interested.
Wayne: Use subgroups on specific risk topics (not just with the Board but also managers talking to the Board).
Mark: His Board is engaged anyway. Cover things with the entire Board, then Committees dive deeper. Info should be available, answer questions, prod them to ask if they aren't asking.
Wayne: Requirements for financial exams help get Board attention.
Update on CRO Council?
Mike: CRO from companies with $6B premium, headquartered in NA can join. Website: CROcouncil.org. Published papers: "Model Risk Validation," and a paper on emerging risks. Working with European CRO Council, which has been around longer. Recent focus on establishing guiding principles. No one best way, but some guiding principles exist.
Audience question: Charles Gilbert, Nexus - disconnect between regulation/accounting and economic measurement of exposure to risk.
Mark: Accounting is backward-looking, and consequently not what we need for risk.
Audience question: John Kollar, ISO (for one more week) - what about upside risk? Has ERM made money rather than just preventing a loss?
Mike: We'd be unable to make decisions without the ERM process. It's how we weigh opportunities.
Audience question: Missed her name - cyber risk and terrorism, how is it incorporated? Similarly culture supports a lack of accountability.
Wayne: Evasion is persistent. Any time someone did something wrong, someone knew about it and chose not to raise that up. Aside from influencing the culture, you need systems in place to force the information to surface.
Mike: Open discussions about franchise value and reputation help. Compensation needs to be aligned with long-term value creation.
Mark: Accountability is important, but we don't as an industry have standardized practices that allow us to identify failures (before they blow up.) Self-interest is aligned for all these players, but we need to make sure we encourage a long-term perspective. Regarding cyber/terrorism, it's an emerging field, which ties back to earlier point about getting young people into the field.
End Panel 1.
No comments:
Post a Comment