B1: Corporate Governance and Financial Risk Management Flashcards
What are the 5 principles of Control Environment?
EBOCA
- Commitment to ethical values and integrity
- Board independence and oversight
- Organizational structure
- Commitment to competence
- Accountability
What is this component of COSO internal control framework?
- Specify objectives (financial reporting objectives, risks, fraud risks)
- Identify and analyze risks
- Consider the potential for fraud
- Identify and assess change
- What are the 4 principles of Risk Assessment?
SAFR
- Identification and Analysis of risk to achieve objectives
- Financial misstatements, efficiency, law abiding
What are the 3 principles of Information and Communication? OIE
- Obtain and use information
- Internally communicate information
- Communicate with external parties
What are the 2 principles of Monitoring Activities? SOD
- Ongoing / Separate evaluations
- Communication of deficiencies
What are the 3 principles of (Existing) Control Activities? CATP
- Select and develop control activities
- Select and develop technology controls
- Deploy through policies and procedures
What are the principles of Governance and Culture in ERM framework?
Tone at the top, core values
D- Defines desired culture (How conservative or aggressive you want to be)
O - Oversight exercised by Board (Board expected to have skills, experience and knowledge)
V - Values (core) that demonstrate commitment (adopt a code of conduct)
E - Employees- attract, develop, retain (Human Resources)
S - Structure of operation (Operating Structure) established (day to day operations)
What are the principles of Objective-setting and Strategy in ERM framework?
- Mission, vision, definition of risk appetite
S- Strategy (alternative) Evaluation (what direction- i.e. more equity/less debt?)
O- Objective formation (must be realistic to given risk assumed)
A- Analyze business context (external and internal considerations)
R- Risk Appetite defined (is it suitable for business? Qualitative and Quantitative)
What are the principles of Performance in ERM framework?
- Identify, evaluate and respond to risk
V- View from parent level, which is entity-wide (portfolio view)
A- Assess severity of Risk (help to prioritize risk across divisions, lines)
P- Prioritize Risk
I- Identify Risk events (new risks are always popping up, must adapt)
R- Respond to risk by implementing using ARTS
What are the principles of Review and Revision in ERM framework?
- Assess substantial changes, pursue improvements
S- Substantial change assessment (Internal- Change in officers, External- substitute product)
I- Improvement in ERM (chance to revisit and improve the ERM)
R- Review Risk and Performance (evaluate if measures helped. i.e.- was hedge effective?)
What are the principles of Ongoing Information, Communication and Reporting in ERM framework?
- OIE (internal and external), FACT, IT, Risk Info, Performance
T- Leverages Information and Tech (Data management, database files)
I- Information communication on risk (communicated via MD&A)
P- Performance, culture and risk reporting (reported via MD&A)
What are the ways to respond to risk? ARTS
- A- Avoid (High Frequency, High Impact)
- Leave line of business, relocate
- R- Reduce (High Frequency, Low Impact)
- Security Alarms, Hedges, Diversify
- T- Transfer (Low Frequency, High Impact)
- Share, Insurance
- S- Self Insure (Low Frequency, Low Impact)
- Accept
What are the Components of Enterprise Risk Management? ERM
G- Governance and Culture
- tone at the top, core values, EBOCA
O- Objective-setting and Strategy - Mission
- Mission, vision, definition of risk appetite
P- Performance
- Identify, evaluate and respond to risk
R- Review and Revision
- Assess substantial changes, pursue improvements
O- Ongoing Information, Communication and Reporting
- OIE (internal and external), FACT, IT, Risk Info, Performance
What are the different assessed risk levels?
- Inherent risks - risk to the entity without any action taken
- Target residual risk - amount of risk the entity would prefer to assume based on risk appetite
- Actual residual risk - remaining risk after management has taken action
Formula: Residual Risk = Inherent Risk - Impact of Management Decisions
What are the different types of risk?
Categories: Diversifiable (firm-specific) and non-diversifiable (market/systematic)
- Interest rate (yield) - exposure to loss as a result of change in interest rate
- Credit risk - borrower's risk of inability to secure debt financing
- Default (financial) risk - lender's risk that debtors may not repay principal or interest when due
- Liquidity - investors have a desire to sell, but cannot do so timely or without price concessions (think real estate)
- Price risk - exposure investor has to a decline in value of a portfolio or individual securities
- Business risk - risk associated with unique circumstances of a particular company
What are the criminal penalties for altering documents with the intent to mess with an investigation?
Title VIII of SOX
Fined and/or imprisoned for 20 years.
Auditors can be fined or imprisoned for 10 years for not retaining workpapers for 7 years.
What is the difference between a put and call option?
Put - Sell a specific security at fixed conditions of price and time
Use when you have a receivable
PUT your asset on the market so you can SELL when the time is right
Call - Buy a specific security at fixed conditions of price and time
Use when you have a payable
They will CALL you up when it is time to BUY
How do you calculate the Required Rate of Return?
Rate which the banks require to receive to lend funds
Step 1: Nominal RF = Real RF + Inflation Premium
Step 2: Nominal RF + RP = Required Return
RF = Risk Free, RP = Risk Premium
Types of RP:
- Maturity Risk Premium
- Inflation Premium
- Liquidity Risk Premium
- Default Risk Premium
What is the difference between risk averse and risk seeking?
Risk averse - EXPECT a higher return if they are going to engage in risk
Risk seeking - willing to take a lower return for risky investments (exception to the rule)
What are strategies to mitigate against interest rate risk?
Forward rate agreements - lock in a specified interest rate for a future time
Interest rate swaps - exchange fixed rate for floating or vice versa
If investor believes rates will go up, receive variable, pay fixed
IR Risk - risk that interest rates go up, so value of your investment goes down
What are the interrelationships of ERM?
- Governance and Culture - Mission & Core Values
- Strategy and Objective Setting - Strategy Development
- Performance - Business Objective Formulation
- Review and Revision - Implementation and Performance
- Information, Communication & Writing - Enhanced Value

What are the different risk responses?
(Part of ERM model, under Performance)

What are the economic exposures to exchange rate risk?
If FC goes down, and you were expecting money, you lose value
If the FC goes up and you need to pay money, you lose value

What are the different risk exposure categories for exchange rates?
- Transaction Exposure - org can suffer economic loss or gain when settling a transaction as a result of changes in the exchange rate
- AR / AP Gain or Loss
- Economic Exposure - potential of the PV of cash flows to increase or decrease as a result of FX
- Present Value and Cash Flow
- Translation Exposure - Has to do with foreign subsidiaries. Financial impact you feel when you translate your Canadian revenue into USD
- Intercompany
What is a principles-based approach that can be applied across global markets and provides greater risk and performance transparency?
The Enterprise Risk Management framework.
Integrating with Strategy and Performance Framework.
What is corporate governance?
Corporate governance is the framework of rules and practices which ensures accountability, fairness, and appropriate disclosure in a corporation’s relationship with all its stakeholders. This framework consists of explicit and implicit contracts with owners, creditors, customers, employees, government, and the community.
Under internal control, when do you prioritize findings and risks?
- Monitoring - Prioritize findings
- Findings arise as monitoring occurs. Prioritize findings to address most critical issues
- Risk Assessment - prioritize risks