of the Board

italiansaucyΛογισμικό & κατασκευή λογ/κού

13 Δεκ 2013 (πριν από 4 χρόνια και 18 μέρες)

80 εμφανίσεις



Risk Management and the role
of the Board


Risk Oversight and Good Governance




Dugald Ross


Jeito

Board Reviews

November 2013

Who are we?

Dugald

Ross
;
B.Econ

Jeito Pty Ltd


Australian & UK

Expertise in financial market operational
risks and board oversight

Jeito

Pty Ltd












Consulting firm with a global focus on the
Web delivery of reviews of third sector
Boards










Jeito
’ (pronounced ‘J2′ ) is
Brasilian
/Portuguese
slang meaning “the knack,” which sums up
our vision to find the right solution to our
client’s needs.


2

Points to Understand


focus that RM begins with
good governance


Good risk management is a key component of
good governance



Risk failures are usually a result of poor
governance



The boards role in risk management is of oversight



Risk oversight is a continual process of questions,
decisions, feedback and review.

Risk Failures at the Heart of the Financial Crisis


It is clear that
governance failures contributed
materially to excessive risk taking
in the lead up to
the financial crisis. Weaknesses in risk management,
board quality and practice, control of remuneration,
and in the exercise of ownership rights need to be
addressed in the UK and internationally to minimise
the risk of a
recurrence


Walker Review of corporate governance of UK banks and other
financial entities: July 2009



Why did some financial institutions fail or need public
rescue, some came close to the brink but many
others weather the storm and continue to operate
profitably?


Part of the answer is differences in business
models….. But a significant part, was the differences
in the
quality

of their corporate governance.



THE IMPORTANCE OF GOOD GOVERNANCE speech by JOHN F LAKER Chair of
Australian Prudential Regulation Authority to the Australian British Chamber of Commerce,
Melbourne 27 February 2013






Why the Failures?

Risk Oversight Failures


a Governance Issue


The inability of many Boards to accurately identify
and understand the risks inherent in their
businesses is seen as the main governance failure
leading to the crisis.
…………………….




Their
risk appetite was vague.



THE IMPORTANCE OF GOOD GOVERNANCE speech by JOHN F LAKER Chair of
Australian Prudential Regulation Authority to the Australian British Chamber of
Commerce, Melbourne 27 February 2013


Egregious Cultural failures

Corporate culture is widely seen as a difficult and
complex issue, but the
egregious cultural failures
that lie behind the lamentable story that is now
emerging in relation to the conduct of some banks
make action essential
.


Values and ethical standards, and the overall culture
in which they are embedded, are keystones of
governance in any
corporate
entity
.


‘Banks must solve the problems of ethics’ by
Roger Ferguson, John
Heimann
, William Rhodes, Sir David Walker .Times newspaper August
22 2012


What is happening in the world today?

Focus world wide is increasing on risk management
and good governance



What is new?



Comply
or Explain



Insurance wont save you from poor performance


Board‘s Role in Risk
Oversight

Risk Oversight v Risk Management




The board should provide
oversight and
guidance
for ‘t
he systems and processes
concerned with ensuring the overall direction,
supervision and accountability of an organisation.’


Chris Cornforth Governance Overview, Governance and
Participation project, Co
-
operatives UK, 2004




Management should provide the risk management
implementation


Risk Complacency


Just 15 per cent of directors reported a very good
understanding of the risks their company faces, 54
per cent a good understanding,
while almost one
third (29 per cent) said they either have a limited
or no understanding.
The remaining two per cent
said they did not know
.”

There is little variation from a previous study in
2011


Improving board governance
Mckinsey

global survey results 2013






Co
-
operatives UK Findings


T
he Boards role in risk oversight is misunderstood



They see it as managements role to report and
provide instruction.



They forget the board has the ultimate
responsibility and is responsible for oversight


Risk Governance and Risk Management Cycle

Identify and
Accept Risk

Control and
Manage
Risks

Monitor risks

Test Review
Report
Procedures

Board
Reviews

BOARD
understand and
relate to strategy

BOARD
oversight and
adequacy

Management to Implement

Risk Oversight Foundations

Risk oversight
IS NOT a process

with a beginning
and an end
.



It is continual process from which to make
sound
decisions in two areas of oversight.


1.
oversight
of critical risks and risk decisions (risk
governance)


2.
oversight
of enterprise risk programs (risk
management
).




Appropriate Risk Oversight


‘No one size fits all’


Strategy and risk management are
linked.



An Intelligent risk management culture is never an
impediment and should more than just a
supplement.



It should fit the organisation, and the role of the
board is to ensure the risk management framework
is appropriately designed, adapted, implemented
and becomes an integral part of an organisations
decision making culture.

The Upside to Oversight and Good Governance

Healthy risk oversight is not just about risk avoidance




Setting Culture

Improved education, communication
and innovation

Preparation for crisis

Better understanding of processes
across an organisation

Building Morale

Better decision making

Governance Codes & Risk

Good Governance

Good governance should be thought of as a floor


not as a ceiling


Good Governance
is all about



Recognising and accepting risk


don’t be afraid


Setting the appropriate risk oversight.


Setting the culture from the top


Question, question, question


Ensuring the board is a high performance board


Review and assessment




What the code wants from Societies

High
Performance
Board meeting
minimum
standards

Support the code
in your rules

Comply with
requests for
Information

Provide
statements of
recommendations

Provide reasons
for non
compliance

Provide Reasons
for
appropriateness

Four Themes to Improve Risk Oversight


Financial Stability Board (FSB) Thematic Review on Risk Governance Peer
Review Report 12 February 2013





Board
Capabilities

Board
Values and
Culture

Board
Information

Risk
Governance

Board Capabilities


‘Many boards simply lacked the financial industry
experience and understanding of market
complexities needed to ensure they could perform
their fundamental role of independent and
objective oversight. They had inadequate
skills,
technical expertise or confidence


to
challenge a dominant or ‘imperial’ chief executive
officer (CEO) pursuing aggressive growth
strategies.



JOHN F LAKER Chair of Australian Prudential Regulation Authority speech
to the
Australian British Chamber of Commerce, Melbourne February 2013


Not Just Skills
-

but Behaviour


Too often directors were unable to dedicate sufficient
time to understand the firm’s business model and too
deferential to senior management.



Financial Stability Board (FSB) Thematic Review on Risk Governance Peer Review
Report 12 February 2013




Understanding Your Board Capabilities

Attitudes
& Values

Knowledge

Skills

Performance Assessments
of Board & Members

Skills Self Assessments
by Members


The crisis exposed significant shortcomings in the
governance and risk management of firms and the
culture and ethics
which underpin them. This

is not principally a structural issue. It is a failure in
behaviour, attitude and in some cases, competence.’

Board Values

-

Culture and Ethics

Sants
, H,
Delivering effective corporate governance: the financial
regulators role,
Speech at Merchant Taylors’ Hall, April 2012.


Board Values
-

Culture and Ethics


Values and ethical standards, and the overall culture in
which they are embedded, are keystones of governance
in any corporate entity.




‘Banks must solve the problems of ethics’ by
Roger Ferguson, John
Heimann
, William Rhodes, Sir David Walker

.
Times newspaper August 22
2012

Risk Culture


an example of poor standards


A poor risk culture was not consistent with the risk
appetite and can manifest itself in a number of ways.



Lack of understanding


Lack of candour in the relationship between board
and management


Headstrong front
-
office leaders always looking to
push the risk control boundaries, that passes the
ownership of risk to the risk management function or
internal audit. Business areas must be the owners of
risk.






JOHN F LAKER Chair of Australian Prudential
Regulation Authority speech to the
Australian British
Chamber of Commerce, Melbourne February 2013

Setting corporate culture as ‘Risk Intelligent’


The board should encourage and set the tone for
an organisations risk culture.



The
board should understand how their strategies
and incentives reward and encourage people to
take risks intelligently.



This is why risk
oversight
is a continual process of
defining, measuring, reviewing and questioning.


Board Information
-

What is Needed


Timely, relevant & comprehensive information


Reports that can be easily digested by the board


A holistic view of the risk exposures of their institution
Reports


Information not heavily filtered by management hierarchy
nor reaching the board late and/or distorted.






JOHN F LAKER Chair of Australian Prudential Regulation Authority speech to the
Australian British
Chamber of Commerce, Melbourne February 2013


CIMA Performance Reporting to Boards. A Guide to Good Practice

Board Information
-

Integrity in Financial Reporting


Can I trust the data?



Does it cover the critical
issues?



Is it sufficiently up to date?



Can I digest it quickly ?



Does it cover future as well as
historical?



Does it include a holistic
perspective?



Is it in relevant time context?


Risk Governance Issues


Inability to accurately identify and understand risks


Inability to ensure robust structures for managing and
reporting on these risks


o
Unclear definitions as to the degree and nature of
risks.

o
Vague risk appetite.

o
L
acking the stature, authority and independence to
challenge the business areas;

o
Unclear accountability and lines of reporting to the
board

o
Inadequate experience or independence from
management or the board

JOHN F LAKER Chair of Australian Prudential Regulation Authority speech to the
Australian

British Chamber of Commerce, Melbourne February 2013

Independent Assessment of Risk Framework


I
ndependent assurance that the risk governance
framework works and works as intended.



However, such internal or external audits and
assessments tend to be compliance
-
focussed.



I
nternal audit don’t reveal external trends and/or align
with best practices.


JOHN F LAKER Chair of Australian Prudential Regulation
Authority speech to the
Australian British Chamber of
Commerce, Melbourne February 2013

Questions About Your Risk Processes


Does your risk management method work?



Would anyone on the Board know if it didn’t
work?



If it didn’t work what would be the
consequences?


Blank thoughts?

Assessing Board Performance


is your board adding value
in terms of its risk management and performance?


The most valuable outcome of a board
evaluation is that it helps to bring
“issues to the surface”; and allows
directors to “stand back” from day to day
matters and improve the performance of
the board as a whole.



Evaluating the Performance UK Boards: Lessons from the
FTSE350


The All Parliamentary Corporate Governance
Group 2007.


Thank You


Dugald Ross


dugald

ross@jeito.org.uk

+44 (0)
779 582 4162