An enterprise risk management (ERM) program is more than a collection of organizational functions. ERM integrates all risk efforts under one set of common definitions, process framework, and system solutions. Join a banking/security leader to hear how she developed and grew her institution's ERM program, including how to:
Determine your organization's risk appetite;
Initiate an ERM program;
Monitor on an ongoing basis your alignment of strategy, risks, controls, compliance, incentives and people
Enterprise risk management is not just a function of an organization. It's a culture that can be developed and enhanced. Each leader already plays a risk management role for its organization. ERM is the organization's umbrella effort of risk management, and it is three dimensional because it:
Integrates all risk efforts under one set of common definitions, process framework, and system solutions;
Brings together the different types of risks, the time spectrum and the organization's decision frame;
Is a continuous process and evolves and matures with the organization.
A common set of definitions, process framework and system solutions allows the ERM team to bring all risk management efforts together to: (1) set the appropriate risk tolerance levels for the organization and each functions (2) bring transparency on risk management efforts and resource allocations (3) create synergy in risk management efforts and renders more effectiveness.
Each function will identify and treat risks associated with its functional orientation. There is a benefit in synchronizing the risk types, with its time character and the organization's decision frame to provide a more holistic and integrated coverage.
And finally, risk management is a process, not a project. Thus, should be customized to your organization's culture and risk appetite. Just like any process, it needs to continuously refine and revaluate its approaches, seek feedback, be supported by a common system solution, and celebrate successes along its journey.
A GRC program is designed to support a holistic view of governance, risk, compliance and business strategy execution to minimize redundancy while anticipating future circumstances and heading off any conflicts to meeting goals. GRC programs promote the timely, consistent and accurate capture and maintenance of all material issues, arising during the course of business, in an auditable system of record. GRC, like ERM, is three dimensional, and is comprised of:
Performance management, which addresses reliable achievement of objectives through effective management of business processes that are visibly and objectively measured
Risk management, which addresses managing the uncertainty associated with the pursuit of objectives
Compliance, which addresses voluntary promises that must be kept and laws and regulations that must be obeyed as objective are pursued
Together, ERM and GRC promote transparency, contingency, and risk appetite aspects of the corporate planning and strategy process by:
Addressing considerations that fall beyond the boundaries of business/economic scenarios;
Substantiating, or eliminating, any contingencies;
Helping to accurately shape objectives to ensure the Board-directed risk return trade-offs are reflected.
An author, inventor and former Chief Risk Officer, Clark is currently on the board of Social Compact and a committee member on OCEG's Leadership Council. With a career spanning nearly four decades, he is a passionate proponent of the fusion of analytics and judgment for better business decisions. Along with co-author Mingyuan Zhang, Clark has written two books, plus a chapter in a third, that re-think credit risk management and granting access to credit.
CFO, Alliant CU
Leung has more than 20 years experience in leading finance organizations to deliver superior financial results and cultivate high performing teams for Fortune 500 companies such as PepsiCo and Sears. She launched the enterprise risk management program at Alliant Credit Union 4 years ago and has gained industry wide recognition for her work. She was a speaker at World Council Credit Union Conference in 2009 in Barcelona, Spain and the SAS Premier Business Leadership Series in 2009. She is also on the Boards of Director for BrightLeaf Financial Network and a volunteer with Operations Hope.