Module 4: How to do ERM - internal risk frameworks Flashcards

1
Q

Define corporate governance

A

The way the Board CONTROLS the organisation, and the processes it establishes so that it is run by the management in the best interests of the shareholders. Good corporate governance is essential to establishing an effective ERM framework.

2
Q

3 Main responsibilities of the Board with regard to risk management

A
  • Risk Governance
  • Setting ERM Policies
  • Determining Risk Compensation
3
Q

Outline the responsibilities of line managers with regard to risk management

A

Responsible to IMPLEMENT the ERM policies agreed by the Board. This involves:
  • setting up suitable risk management processes, and
  • integrating the risk information collected into business decisions.
It is essential that line managers understand the risks that they are taking, and are aware of the extent of their risk-taking powers, eg when they can automatically take on a risk, and when they must seek agreement from a more senior decision-maker.

4
Q

7 Major structural components required for a company to apply ERM to its operations and decision making

A
  1. CORPORATE GOVERNANCE - to establish organisational processes and controls
  2. LINE MANAGEMENT - to integrate risk management into business processes
  3. PORTFOLIO MANAGEMENT - to aggregate risk exposures and identify diversification effects and concentrations of risk
  4. RISK TRANSFER - to mitigate excessive risk exposures cost-effectively
  5. RISK ANALYTICS - to measure, analyse and report on risks
  6. DATA AND TECHNOLOGY RESOURCES - to support the analytics and reporting
  7. STAKEHOLDER MANAGEMENT - to communicate and report on risk
5
Q

List the main AIMS OF INTERNAL CONTROLS to which corporate governance codes of conduct refer

A
  • ensuring accurate and adequate RECORD-KEEPING
  • PREVENTING FRAUD and safeguarding the company’s assets
  • guaranteeing the accuracy of FINANCIAL STATEMENTS
  • responding appropriately to risk
  • ensuring COMPLIANCE with law and any supervisory
6
Q

Outline the main recommendations of the Cadbury Code of Best Practice which is aimed at improving confidence in financial reports in the UK

A
  • There should be a full Board meeting at regular intervals
  • The Board should be made aware of many significant activities such as acquisitions, capital projects
  • Non-executive directors (NEDs) should have key responsibility for certain control and monitoring functions
  • Shareholders should approve directors’ service contracts in excess of three years
  • Directors’ remuneration should be subject to review by a remuneration committee made up of NEDs
  • Company reports should be balanced and understandable
7
Q

Outline the key features of the UK Corporate Governance Code

A
  • Applies to all UK-listed companies (the Code being annexed to the London Stock Exchange Listing Rules).
  • Corporate governance is not forced on companies by prescriptive rules. Compliance with this Code is voluntary, although there is a requirement for firms to disclose whether they comply with the Code and, in the case of non-compliance, explain any deviations.
  • It allows companies freedom to choose a suitable approach given their industry and their size, and to explain any material differences between their approach and the prevailing governance code to shareholders and to the market.
8
Q

Outline how external risk frameworks influence corporate governance in the USA

A

A more statutory approach to compliance has been taken through the introduction of legislation in the form of:
  • Securities and Exchange Commission (SEC) - rules requiring disclosure of Board structure, compensation and role in risk management
  • the Sarbanes-Oxley Act - requiring independent Board audit committees and at least one “financial expert”
  • the Dodd-Frank Act - requiring bank Boards to have a risk subcommittee that includes a “risk management expert”

9
Q

List the 4 Key principles for excellence in corporate governance

A
  1. Communication with stakeholders
  2. Independence of the Board
  3. Board performance
  4. Board compensation arrangements
10
Q

Outline the role of a risk subcommittee of the Board

A

Accountability for overseeing the management of risks within an organisation rests with the Board; however, it may be delegated to a risk management subcommittee of the Board. If a risk subcommittee is established, this will be done by drawing up a risk subcommittee charter.

11
Q

Outline the role of an audit subcommittee of the Board

A
  • to give auditors direct access to the non-executive directors
  • to ensure the auditors retain their independence from any other business services provided by the audit firm.
  • emphasises the importance of the audit function to the rest of the business.
The role of the audit subcommittee includes:
  • monitoring the integrity of financial statements.
  • monitoring and reviewing internal assurance functions such as financial control, risk arrangement and internal audit
  • recommending, monitoring and reviewing the external auditor.
12
Q

Key principles for excellence in corporate governance: COMMUNICATION WITH STAKEHOLDERS

A

The Board has a duty to disclose certain information about the company to stakeholders, which may extend to details of risk management practices. This leads to greater transparency of information for shareholders, and facilitates more informed decision making on their part.

13
Q

Key principles for excellence in corporate governance: INDEPENDENCE OF THE BOARD

A

The Board should not be involved in actively managing the company on a daily basis. Rather, it should be distanced from the day-to-day running of the company in order to better oversee and monitor its management.

14
Q

Key principles for excellence in corporate governance: BOARD PERFORMANCE

A

The Board should engage in regular, formal self-assessments to rate its performance against any best practice codes it is subject to. This may be carried out at an individual, subcommittee or full Board level. This can be difficult to achieve in an unbiased way, so the use of external consultants may help. There should be regular, independent development reviews and training for new Board appointees.

15
Q

Key principles for excellence in corporate governance: BOARD COMPENSATION ARRANGEMENTS

A

Directors should not be overly compensated; however, the compensation should reflect the responsibility and risk of being a director. In order to align directors’ interests with those of shareholders, it is important that a reasonable proportion of the compensation should be in the form of company stock. It is also important, for the implementation of ERM, to align directors’ compensation with risk management objectives, eg by linking remuneration to risk-adjusted return.

16
Q

When was the Walker Review of Corporate Governance of the UK Banking Industry initiated, and by whom?

A

February 2009, following the banking crisis in late 2008. It was led by Sir David Walker, and was initially to cover only banks, but its terms of reference were subsequently widened to cover all financial institutions in the UK.

17
Q

5 Key themes contained in Walker’s final recommendations

A
  • The “comply or explain” approach under the UK Corporate Governance Code is still the best route to better corporate governance practice.
  • There is a need for more “challenge” in Board discussions, coming from the right mix of capabilities and experience on the Board, and from a greater time commitment from non-executive directors.
  • Board-level engagement of risk oversight should be materially increased, with particular attention to the monitoring of risk and discussion leading to decisions on the entity’s risk appetite and tolerance. The review recommended the set up of a separate Board risk committee with support from a CRO and with clear enterprise-wide authority and independence.
  • There is need for better engagement between fund managers acting on behalf of their clients as beneficial owners, and the Boards of investee companies.
  • The remit of Board remuneration committees should be extended to cover other senior influential employees, and this remuneration should be aligned with the medium- and longer-term risk appetite and strategy of the entity. The remuneration of these employees should be made publicly available on a “banded” basis.
18
Q

Define culture

A

An organisation’s culture is defined by the APPROACH taken to its activities and describes the company’s shared values, beliefs and behaviours. This includes the attitude of employees to business undertakings and the way in which judgement is exercised.

19
Q

Define risk culture

A

A subset of its overall culture. A company’s risk culture is its SHARED VALUES, BELIEFS and BEHAVIOURS in relation to risk.

20
Q

Define good risk culture

A

One in which people know, and do, the right thing, even if there is no specific rule or policy telling them what to do, rather than acting in their own interests.

21
Q

The board should ensure that an organisation has a culture which is conducive to good risk management. This culture should encourage (7)

A
  • consultative leadership
  • participation in decision-making on risks
  • openness
  • accountability rather than blame
  • organisational learning (as opposed to box-ticking)
  • knowledge sharing
  • good internal communication
22
Q

Outline the key features of an organisation with a supportive risk culture

A

Companies with a supportive risk culture:
  • focus on developing POSITIVE EMPLOYEE BEHAVIOURS with regard to risk
  • support the development of these behaviours with APPROPRIATE TRAINING for employees
  • praise those with good risk behaviours
  • set risk culture from the top of the organisation - the Board and senior management need to display appropriate risk behaviours
  • include a requirement for proactive responses to risk in job descriptions
  • incorporate risk management objectives into the performance management process
  • tie incentives to risk management performance objectives, with clear targets and measures of success
  • ensure that risk management responsibilities are clearly defined and that individuals are aware of their accountabilities
  • introduce a PROCESS TO ESCALATE RISKS to the appropriate level of seniority
  • develop an ENVIRONMENT OF OPENNESS where employees will raise issues in the knowledge that they will be heard and be open to new ideas
  • AVOID A “BLAME CULTURE”, in which the focus is on what went wrong, rather than how it can be prevented from happening again
  • EVALUATE THE RISK CULTURE, eg measure it through questioning the workforce, perhaps by inclusion in an existing staff survey, and review progress on an ongoing basis

23
Q

10 Common themes in best-practice corporate governance

A

The Board:
  • assessment of performance
  • composition of the Board of Directors
  • independence of the Board
  • frequency of Board meetings
Individual Directors:
  • remuneration
  • skills required and performance assessment
  • terms of appointment
Board Subcommittees:
  • functions of Board subcommittees: appointments, audit, remuneration, risk
  • composition of Board subcommittees
Stakeholder communication and disclosure

24
Q

6 Key stakeholders and their roles in good corporate governance

A

BOARD OF DIRECTORS
  • vigorous leadership
  • setting RM policies
  • governance
  • responsible for key strategic risks
  • determining risk compensation
CHIEF RISK OFFICER (CRO)
  • responsible for implementing Board’s RM strategy
RISK SUBCOMMITTEE
  • verify compliance with, and challenge risk policies
AUDIT SUBCOMMITTEE
  • integrity of financial statements
  • oversight of assurance functions
  • link with external auditor
MANAGERS
  • responsible for identification / management of risks in their area
  • lead by example
ALL EMPLOYEES
  • responsible for identifying new / changed risks, adhere to codes of conduct

25
Q

Responsibilities of the Board with regards to risk management: RISK GOVERNANCE

A
  • setting the vision, strategy and risk culture of the organisation
  • establishing a FRAMEWORK for measuring, managing and monitoring the risks facing the organisation
  • reviewing the outcomes of and lessons learnt from the risk management process on an ongoing basis to achieve its goal of delivering long-term value to its investors.
26
Q

Responsibilities of the Board with regards to risk management: SETTING ERM POLICIES

A
  • defining the company’s RISK APPETITE
  • establishing what SKILLS are needed to implement ERM strategies successfully, and implementing training programmes where these skills are deficient
  • guiding decisions on the most appropriate approach to, and structure for, ERM internally or arise from legislation or regulation.
27
Q

Responsibilities of the Board with regards to risk management: DETERMINING RISK COMPENSATION

A
  • aligning the interests of management with investors through appropriate remuneration packages
28
Q

What is the role of the BOARD OF DIRECTORS in good corporate governance?

A

  • vigorous leadership
  • setting RM policies
  • governance
  • responsible for key strategic risks
  • determining risk compensation

29
Q

What is the role of the CHIEF RISK OFFICER (CRO) in good corporate governance?

A
  • responsible for implementing Board’s RM strategy
30
Q

What is the role of the RISK SUBCOMMITTEE in good corporate governance?

A
  • verify compliance with, and challenge risk policies
31
Q

What is the role of the AUDIT SUBCOMMITTEE in good corporate governance?

A

  • integrity of financial statements
  • oversight of assurance functions
  • link with external auditor

32
Q

What is the role of the MANAGERS in good corporate governance?

A
  • responsible for identification / management of risks in their area
  • lead by example
33
Q

What is the role of ALL EMPLOYEES in good corporate governance?

A
  • responsible for identifying new / changed risks, adhere to codes of conduct
34
Q

Outline the key content of a risk subcommittee charter.

A
  • purpose
  • responsibilities
  • membership: needs to have knowledge of the organisation and relevant experience, but be able to remain objective; consider the split between independent and non-independent directors
  • frequency of meetings
  • performance assessment: what criteria will be used
  • resources available: which departments the subcommittee will work with; whether external consultants may be used
35
Q

Risk subcommittee charter: Purpose

A

overseeing and challenging management’s treatment of key risks; setting risk policy; gathering relevant information on risks.

36
Q

Risk subcommittee charter: Responsibilities

A

ensuring a suitable ERM framework exists within the company; assessing whether risk management objectives have been achieved; ensuring compliance with any supervisory requirements for risk management; reporting on a risk to the Board; keeping abreast of developments in risk management

37
Q

Key items of best practice w.r.t. the audit subcommittee

A
  • ensuring members of the audit subcommittee are drawn from the non-executive directors. Many international codes go further and stress the independence of the subcommittee.