ERM Frameworks Flashcards

1
Q

Components of Successful ERM Framework (7 + additional)

A
  1. Corporate Governance - Processes and Controls
  2. Line Management - Integrate risk management into business strategy (pricing)
  3. Portfolio Management - Considering Aggregate Exposures (targets, limits, optimisation in light of conc/div)
  4. Risk Transfer - Mitigate Excess Risk
  5. Risk Analytics - Measure, Analyse, Monitor, Report
  6. Data and Technology Resources - Support Analytics
  7. Shareholder Management - Communicate Risk Info

In proportion to size, nature and complexity of company, with positive RISK CULTURE.

2
Q

Good Risk Culture (10)

A
  1. Encourages Consultative Leadership
  2. Participation in Decision Making on Risks
  3. Openness and knowledge sharing, good internal communication
  4. Encourages Accountability, not blame
  5. Organisational learning, not box ticking
  6. All staff involved in risk identification
  7. Risk Management Embedded in Processes of business, becoming way of life for managers
  8. Line managers should manage risk in their areas and report important risks to a central point.
  9. Board manages short list of most important risks.
  10. Framed to achieve success, not avoid criticism.

While avoiding tension between a successful, growing company with a “can do” culture and risk management.

3
Q

How to Change Risk Culture (3)

A
  1. Incrementally
  2. Top Down
  3. With changing new recruit profiles
4
Q

Definition of Corporate Governance

A

Way the board controls the organisation, and the processes and controls to ensure the organisation is run by management in the best interests of shareholders/principals.

5
Q

Common Themes in UK Corporate Governance Code and Dey Report in Canada

A

(Comply/Explain Approach)

  1. Composition of Board
  2. Independence of Board (1)
  3. Frequency of Meetings
  4. Terms of Appointments for Directors
  5. Skills required and performance assessment of board members (including training for new members, reference to best practice codes, external consultants)
  6. Remuneration of Directors (4) (should reflect responsibilities and risk, not overly compensated, and link remuneration to RAR e.g. with company stock)
  7. Assessment of Board Performance (2)
  8. Function of subcommittees: appointments, audit, remuneration, risk
  9. Composition of Board Subcommittees
  10. Stakeholder Communication and Disclosure (3)

(1-4) are Four Key Principles for Excellence in Corporate Governance. SA also includes fairness and social responsibility.

6
Q

What is Risk Culture

A

Organisation’s shared attitudes, values, beliefs and behaviours and way of doing things, particularly in relation to risk.

7
Q

Reporting Mechanisms Promoting Risk Culture (5)

A
  1. Mechanisms for reporting new/enhanced threats and opportunities.
  2. Suggestions for mitigation of threats
  3. Ideas for increasing opportunities.
  4. Existence of defective procedures.
  5. Failure to operate established procedures properly
8
Q

Key Stakeholders in Corporate Governance (6)

A
  1. Board of Directors
    a. Risk Governance
    i. vision, strategy, culture of organisation
    ii. Establish framework for measuring, managing, monitoring, reporting
    iii. Reviewing outcomes and lessons learned from RM process to achieve goal (annual self-assessment towards ERM)
    b. Setting up ERM Policies
    i. Defining Risk appetite
    ii. Establishing required skills and implementing training programs for ERM
    iii. Guiding decisions on approach to ERM and roles and responsibilities
    iv. Approving internal controls and ERM policies and ensuring up to standards (int and ext/regulatory)
    c. Determining Risk Compensation (align management incentives)
  2. Chief Risk Officer (implementing board’s strategy)
  3. Risk Subcommittee (verify compliance with, and challenge risk policies)
  4. Audit Subcommittee (integrity of financial statements, oversight of assurance functions, link with external auditor)
  5. Managers (identification/management of risks in area, lead by example, integrating risk information and process into decision making, implementing policies)
  6. All Employees (identifying new, altered risks, adhering to codes of conduct, honesty and fair dealing, with clear responsibilities)
9
Q

Aims of Corporate Governance Internal Controls referred to in Corporate Governance Codes of Conduct (5)

A
  1. Ensure Adequate Record Keeping
  2. Preventing Fraud and Safeguarding Company’s assets
  3. Guaranteeing accuracy of financial statements.
  4. Responding Appropriately to Risk
  5. Ensuring compliance with law and supervisory guidance.
10
Q

UK - Cadbury Code of Best Practice (1993) to improve confidence in financial reports

A
  1. Full Board Meetings at Regular Intervals
  2. Board aware of significant activities (e.g. acquisitions, capital projects)
  3. NED should have key responsibilities for certain control/monitoring functions
  4. Shareholders should approve director’s service contracts exceeding 3 years
  5. Director’s remuneration should be reviewed by committee of NED (at least majority)
  6. Company reports should be balanced and understandable
11
Q

UK Corporate Governance Code (2), 1994 Dey Report Canada

+ Companies Act

A
  1. Applies to all UK listed companies
  2. Compliance voluntary, non-compliance disclosed and explained (to market) - depending on size, complexity, industry

Dey Report - also comply or explain approach.

Companies Act
Directors must act in accordance with company’s articles of association and act in long term best interests of company, and avoid/declare conflicts of interest.

12
Q

SEC, Sarbanes Oxley and Dodd-Frank Act Rules

A
  1. SEC - Disclosure of board structure, compensation, and role in risk management.
  2. Sarbanes Oxley - Independent board audit committees and financial expert
  3. Dodd-Frank Act - Board risk sub committee with risk management expert
13
Q

Walker Review 2009 UK (5)

A
  1. Continue comply or explain
  2. More challenge in board discussions with greater NED time commitment
  3. Increased risk oversight and engagement from board, particularly in regards to risk appetite decisions (recommends new sub-committee with CRO - enterprise wide authority and independence)
  4. Increased engagement between fund managers and their board of investees
  5. Board remuneration sub-committee also cover senior management, with public disclosure on banded basis, in line with medium to long term risk appetite/strategy
14
Q

Risk Sub-committee Charter (6)

A
  1. Purpose (overseeing and challenging management’s treatment of key risks, setting policy, gathering required information)
  2. Responsibilities (Ensuring suitable ERM, ensuring compliance with supervisory requirements, assessing risk management and ensuring objectives met, reporting risk to the board, understanding developments in RM)
  3. Membership (knowledge of organisation and expertise, yet objective, split between independent and non-independent directors)
  4. Frequency of Meetings
  5. Criteria for Performance Assessment
  6. Availability of/Access to Resources (incl departments and external consultants)
15
Q

Audit Sub-committee (1a-c,2)

A
  1. Give Auditors direct access to NED, ensuring remain independent and emphasising importance of audit to rest of business.
    Roles
    a) Monitoring integrity of financial statements
    b) Monitoring and Review: Assurance functions (financial control, RM, internal audit)
    c) Recommending, monitoring and reviewing external auditor
  2. NED best practice, or even independence of sub-committee.
16
Q

Risk Frameworks (7)

A
  1. RAMP (Risk Analysis and Management of Projects)
  2. COSO ERM Integrated Framework
  3. IRM/AIRMIC/Alarm Risk Management Standard
  4. Treasury Board of Canada Risk Management Framework
  5. AS/NZS 4360
  6. ISO 31000
17
Q

S+P Risk Analysis (3 Groups)

and

How is weighting given to risk component

A
  1. Sovereign Risk (taxation, currency)
  2. Business Risk (industry prospects, diversification, economies of scale, competitive strength, operational risk, management qualities)
  3. Financial Risk (profit, cashflow, capital structure, flexibility)

Weighting depends on complexity of risks and availability of capital.

18
Q

Areas of ERM assessment S+P

A
  1. Risk Management Culture
    a) communication, documentation of past errors, consistency across business, incentives, governance structure, risk tolerance statements, capabilities of individual risk managers.
  2. Risk Control
    a) risk identification process, monitoring process, limits for retained risks, adherence and consequences, execution of RM process
  3. Extreme Event Management
    a) Consideration of rare events, adopts appropriate course to measure potential impact and prepare. Stress/Scenario testing and early warning indicators.
  4. Risk Models and Capital Models
    a) inputs, assumptions, formulae, consistency across business, modifications for appropriateness.
  5. Strategic Risk Management
    a) clear decision making with regards to retained risks (and if should avoid/diversify)
    b) clear strategy for investing assets owned with broad allocation
    c) pricing products reflects risk/return payoff
    d) appropriate allocation of capital
    e) appropriate dividend policy, discuss how it was determined with risk-adjusted return on retained capital
    f) good risk adjusted returns rewarded
19
Q

Strengths of S+P

A
  1. Encourages Good ERM practices
  2. Focus on RAROC
  3. Consider performance in light of risk
  4. Useful breakdown into components of ERM analysis, which can be helpful for own organisations’ process implementation
  5. Encourage greater transparency of ERM practices
  6. Intro of classification system should make outcomes of rating agency analysis easier to communicate.
  7. Same criteria applied to all insurance companies, but also tailored to each one
  8. High rating may help organisations attract and retain sophisticated customers.
20
Q

Independent vs NED

A

Independent - No ties (e.g. not former executive, not significant shareholder etc.)

21
Q

Companies with Supportive Risk Culture (11)

A
  1. Develop employee behaviour w.r.t. risk and support with training (e.g. on upside and downside)
  2. Proactive Risk Response Requirements in Job descriptions
  3. Risk management objectives in employee performance assessment process
  4. Incentives to risk management objectives with clear targets/measures
  5. Risk management responsibilities clearly defined and made known
  6. Risk escalation process
  7. Environment of openness, where issues can be raised and heard.
  8. Avoid blame culture
  9. Set tone from top
  10. Praise good behaviours, reporting successes
  11. Evaluate Risk Culture (e.g. surveys)
22
Q

Prudential Supervision Steps (5)

A
  1. Oversight
  2. Licensing
  3. Requirement to maintain minimum standards
  4. Procedures for monitoring compliance
  5. Procedures to take action against failure to comply
23
Q

Examples of Multiple Regulatory Regimes for an Enterprise

A
  1. International business
  2. Subsidiaries in different sectors
  3. Subsidiaries same sector different areas (banking/insurance)
  4. Same sector, different regulatory requirements
  5. Different lifecycle stage
24
Q

Features of COSO (5)

A
  1. Risk represents opportunity as well as potential downside
  2. ERM is parallel and iterative process
  3. Everyone has role in risk management at all levels
  4. Any risk management process is imperfect
  5. Implementation of risk management must balance cost with potential benefits
25
Q

Describe COSO Cube

A
  1. ERM components/processes
    1) Internal Environment
    2) Objective Setting
    3) Risk Assessment
    4) Risk Responses
    5) Control Activities
    6) Information and Communication
    7) Monitoring
  2. Business Objective
    1) Strategic
    2) Operational
    3) Reporting
    4) Compliance
  3. Business level of application
    1) Entity
    2) Division
    3) Business Unit
    4) Subsidiary
26
Q

Swiss Solvency Test

A

2011 Risk based regulatory capital regime in Switzerland.

Market consistent approach, similar to Solvency II Pillar 1 Requirements, but with 99% TVaR requirement rather than 99.5% VaR.

27
Q

Sarbanes-Oxley Features 5

A

Resulted from the collapse of Enron and WorldCom, where issues in accounting reports were uncovered.

To improve reliability of corporate disclosure.

  1. Formation of PAOB (public accounting oversight board) to inspect published accounts of quoted firms and prosecute those in breach of regulation.
  2. Increased accountability of CEOs and CFOs - required to certify financial statements do not contain untrue facts, personally responsible for disclosures in financial reports.
  3. Each published report must contain ICR (internal control report), commits management to maintain proper internal controls and review their effectiveness
  4. Requirement for external auditors to report on assessments by management.
  5. Illegal for management to interfere with audit process
  6. Illegal to destroy records or documents with intent to influence investigation.
28
Q

Key Themes RM and GRC after SOX (5)

A
  1. Are controls identified and documented
  2. Consistent across business?
  3. Address critical factors
  4. Include Risk Management
  5. Testing procedures required before signing ICR
29
Q

Similarities and Differences Basel and Solvency II

A

+ Both have three pillars
+ Risk based frameworks (Solvency I was volume-based) including embedded options, guarantees
+ Suitable for multinational firms
+ Consistent for enterprises with banking and insurance arms

But Basel assumes market participants are dependent on one another, with significant contagion risk in the banking sector. Basel is more prescriptive, Solvency II is principles-based.

30
Q

Aims of Solvency II

A
  1. Introduce economic risk based solvency requirements across all EU member states
  2. More comprehensive requirements than in past, taking into account asset and liability side
  3. Hold capital against market, credit, operational and underwriting risk
  4. Emphasises that capital is not the only way to mitigate risk
  5. More prospective focus
  6. Streamlined approach aims to recognise economic reality of how groups operate.
31
Q

Pillars of Solvency II

A
  1. Quantitative (SCR (regulatory action) and MCR (authorisation) for underwriting, credit, market, operational, liquidity and event risk)
  2. Qualitative - including ORSA, and ability to meet SCR and MCR in future
    ORSA (Own Risk and Solvency Assessment) Purpose:
    - Adequacy of risk management
    - Current, and likely future, solvency position.
    Requires:
    - Identifying risks
    - Identify risk management processes and controls in place
    - Quantify ongoing ability to continue to meet MCR and SCR
    - Analyse quantitative and qualitative elements of business strategy
    - Identify relationship between RM and level and quality of financial resources available and needed.
    (Included in International Association of Insurance Supervisors standards, as a tool for both improving business and enhanced regulatory assessment and stress testing)
  3. Disclosure and Reporting
32
Q

Describe Basel and Three Pillars

A

By Basel Committee on Banking Supervision under auspices of BIS.

  1. MCR (credit, market, operational)
  2. Supervisory Review of Internal risk management processes (internal systems, processes, limits, capital, liquidity and concentration risks)
  3. Disclosure (facilitate market discipline)
33
Q

Aim of Basel I, II and III

A

I - Credit, later Market Risk
II - Supersedes I (adds Operational)
Criticisms:
a) Too much emphasis on single aggregate number
b) Operational risk hard to quantify
c) Liquidity hardly considered
d) More complex, but not more reliable
e) Cost of implementation of internal model
f) Risk-herding
g) Undervalue mark-to market
h) Spurious confidence in CDOs
i) Mark to market Pro-cyclicality
j) Overconfident
III - After GFC, liquidity risk, systematic and counterparty
a) Strengthens capital requirements, limiting cross-holding in other financial institutions and associated assets (limiting systemic risk)
b) Conservation buffer
c) Changes in min Tier 1/2 ratios
d) Flexibility during financial crisis

34
Q

RAMP vs AS/NZS 4360 (2)

A

RAMP also has:

  1. Project launch and close down analysis
  2. Go/No Decision Step
35
Q

7 Elements of AS/NZS 4360

4 Unique Features

A
1.  Establish context (SWOT)
2-4.  Identify, analyse, evaluate risk
5.  Treat Risk
6.  Monitor and Review
7.  Communicate and Consult
Unique features:
  1. Detail on risk analysis for non-financial organisations (operational risk for financial)
  2. RM process to be formulated into RM plan
  3. Importance of senior management buy-in
  4. Need for adequate resources to RM
36
Q

IRM/AIRMIC/Alarm Standard

A

Similar to COSO, providing a methodological approach to RM, a structured approach to reporting, and a focus on the risk management champion.

  1. In-house approach to RM preferred.
  2. Internal Audit importance for control
  3. Clarity over roles of stakeholders
  4. Highly structured approach to risk reporting
37
Q

ISO 31000

A
  1. Emphasis on possibility of an effect rather than event
  2. Focus on effects on objectives
  3. Dynamic RM - continuous cycle
38
Q

Elements Treasury Board of Canada (Integrated RMF 2001) 4

A
  1. Developing Corporate Risk Profile (environmental scanning to review int and ext risk factors, assess current status of RM, and profile)
  2. Establishing Integrated Risk Management Function (Management direction understood and applied, implemented through existing decision making and reporting structures)
  3. Practising Integrated Risk Management (all levels, integrated into decision making, consultation and communication stakeholders)
  4. Ensuring Continuous risk Management Learning (lessons, shared, analysis for continual improvement, experience and best practices shared internally and across government)
39
Q

UK Government Management of Risk Principles and Concepts

A
  1. Importance of horizon scanning
  2. Importance of RM activities relating to wider environment.
  3. Importance of linking risks to objectives
  4. Distinction between risk and its impact
  5. Inherent vs Residual distinction
  6. Prioritisation of Risks more important than Quantification
  7. Risk appetite divided into corporate, delegated and project
  8. Dedicated Risk Committee Recommended.
40
Q

List Four Categories of Supervisors excluding Govt, examples and function

A
  1. Professional Bodies (IFOA)
    a) Training/Qualification
    b) CPD
    c) Discipline
  2. Professional Regulators
    (Chartered Financial Analyst Institute, Financial Reporting Council)
    a) Standards
    b) Monitoring Adherence
    c) Disciplining
  3. Industry Bodies (BBA, ICA)
    a) Lobbying
    b) Promotion
  4. Industry Regulators (APRA, PRA, FCA, LSE)
    a) Public Interest
41
Q

Functional Vs Unified Regulation. Advantage of Unified 6

A

Functional: Separate authorities for activities
Unified: Single regulator covers broad range.

  1. Easier to Regulate
  2. Consistent across activity
  3. Decreased regulatory arbitrage incentive
  4. Economies of Scale
  5. Sharing ideas between staff
  6. Improved accountability (less buck passing)
42
Q

Regulators Look at…

A
  1. Nature of Business
  2. Governance Arrangements
  3. Financial Reports
  4. Risk Management Strategies and Processes
43
Q

Why Proactive Regulator Engagement

A
  1. Key component of ERM
  2. Reduce level of risk placed on insurer, reducing supervisory burden through risk-based regulation
  3. Greater opportunity to benefit
44
Q

Engage with Regulator

A
  1. Link insurer’s regulatory strategy with corporate strategy
  2. Implement transparent and comprehensive regulatory strategy and communicate to regulator
  3. Ensure principles of regulatory strategy are understood, accepted and adopted
  4. Ensure feedback focuses on important issues and is unbiased and practical
  5. Adopt best practice early
  6. Proactive
  7. Communicate openly and regularly
45
Q

FCA/PRA/LSE

A

FCA - Financial Conduct Authority (financial services industry)
- Stable industry and promote competition
- Includes UK listing Authority (UKLA)
a) Ensures listed companies comply with certain standards in listing rules
b) Requires listed companies comply with disclosure rules
c) Comply with Corporate Governance code or explain
d) Power to suspend trading/delist
PRA - Prudential Regulation Authority (part of Bank of England; prudential regulation and supervision of banks, building societies, credit unions, insurers, investment firms)
- Standards and supervises financial institutions at individual firm level

LSE (London Stock Exchange)

  • Main Market and Alternative Investment Market
  • Regulated by Office of Fair Trading, EU market standards set out in Investment Services Directive.
46
Q

Senior Insurance Managers Regime

A

SIMR 2016 - Individuals who run insurance companies have clearly defined responsibilities, and behave with integrity, honesty and skill.

  1. Development of Governance map giving details of:
    a) Company and Corporate Governance Structures
    b) Identified key functions (including RM function), key function holders (accountability), key function performers
    c) All individuals included within regime, responsibilities and reporting line
    d) Rationale applied in identifying individuals and allocating responsibilities
  2. Requirement to carry out assessment of fitness and propriety of senior insurance managers and directors based on their responsibilities as allocated through the governance map. (CRO, Chair Rcommittee)
47
Q

Weaknesses of S+P Document

A
  1. Limited to insurance and reinsurance companies
  2. Document overly optimistic (marketing literature)
  3. Limited description of actual procedures, or details of how investigations carried out, or what is measured.
  4. No explicit agency risk mention
  5. Reference to “complicated and powerful simulation models” is highly subjective and can cause problems itself.
  6. RM was already covered by S+P when rating companies. Unclear whether the formalised approach had a significant impact on views of insurance/reinsurance companies.
  7. Reliance should not be placed solely on opinion of rating agencies. Company may have better understanding.