Enterprise Risk Management Scott Moss, CIS P/C Trust Director Maryam Z. Sherkat, MIABC Legal Counsel & Risk Officer Mayor Teunis Westbroek, MIABC Board Chair
Outline ERM Frameworks Why CIS is Involved in ERM CIS ERM Efforts Risk Register and Ranking Risk Map CIS ERM Next Steps DART Challenges Outcome Improvements
What We Are Not Talking About Not a class in ERM details Selling ERM Capital Modeling ERM ‒ Solvency II ‒ Own Risk Solvency Assessment (ORSA)
ERM Frameworks RIMS Maturity Model UK & Australia standards of ERM COSO ISO (CIS follows this model)
ERM Framework 1.Establish the internal and external context 2.Risk assessment 3.Risk treatment 4.Monitor results 5.Communicate and consult with internal and external stakeholders
Why Is CIS Involved in ERM? Be an example for members Good management Framework for decisions Explicitly address uncertainty Desire to continually improve Destined to be the future of risk management
CIS ERM Efforts 1.Organizational Wide Assessment 2.Decision Making 3.Capital Modeling Using ERM 4.ERM Tools for Members
Risk Register & Ranking Governance Operational Public Image Compliance Technology Hazard Human Resource Financial Business Model Political Competition Underwriting Reserving/Claims Reinsurance
Risk Map Financial Business Model Political Competition Underwriting Reserving/Claims Reinsurance
CIS ERM Continuing 1. Assign “Risk Owners” 2. Develop Mitigation Plans for each risk 3. Establish “Early Warning Indicators”, Benchmarks, and Dashboards for each risk 4. Using ERM Decision Model in major decision
Decision Assist Risk Tools (DARTs) Member-focused ERM services and tools: ERM Framework ERM Consulting Executive Risk Management Team Sample Risk Registers Sample Risk Mitigation Plans Sample Monitoring
Challenges Definition of ERM not consistent Does ERM “fit” in public sector? Board understanding value Members not having the resources or desire to practice ERM
Challenges Cutting edge for pools in US Not required by auditors or regulators Results are unclear
Outcome Improvements 1.Enhance skills to make decisions with opportunities and threats. 2.Formal risk owners and risk mitigation plans. 3.Better monitoring of risks with early warning flags, benchmarks, and dashboards.
Why is the MIABC involved in ERM? Initially, because it was required by our regulator
Advanced Risk Management Traditional Risk Management Enterprise-wide Risk Management Risk is bad – focus is on transferring risk Risk is an expense – focus is on reducing cost of risk Risk is uncertainty – focus is on optimizing risk to achieve goals Evolution of Risk Management
MIABC ERM Process
MIABC ERM Framework
MIABC Working Groups
MIABC Mitigation Plans
Board has ultimate responsibility for overseeing the MIABC’s risk profile. The MIABC’s management team oversees the ERM program. Risks are to be managed within the Board’s risk parameters, expressed as a “Risk Appetite Statement” (RAS). The RAS is the organization’s overarching attitude towards risk-taking. Board’s Role in the ERM Program
MIABC Strategic Plan
Challenges Commitment to and understanding of ERM both at Staff and Board level. After initial progress, momentum slowed. Quantifying risk rating and measuring progress. Continued monitoring and assessment.
Benefits Evolved approach to be more proactive with respect to risk management and identifying risks of not taking certain risks. Identified areas of concern and the order in which we needed to focus our resources and efforts. Encouraged cross-departmental interaction and cooperation.
Closing “Risk management needs to be interwoven into all aspects of a firm’s business and should be a part of the calculus of all decision-making.” — Dr. Randall S. Kroszner Governor, Federal Reserve Board
Contact Information Scott Moss CIS P/C Trust Director Maryam Z. Sherkat MIABC Legal Counsel & Risk Officer