Download presentation
Presentation is loading. Please wait.
0
The Role of the Board in Enterprise Risk Management
2016 NCFC Annual Meeting Director's Education Conference The Role of the Board in Enterprise Risk Management February 12, 2016 Confidential – Not for Distribution
1
Agenda 1) ERM Principles and Practice by Mike Mahaffey (45 minutes)
Enterprise Risk Management Risk Governance Key Considerations for Directors 2) Panel discussion with Nationwide Board Directors (30 minutes) Tim Corcoran, Dan Kelley, and Mike Toelle 3) Q&A (15 minutes) 4) Table discussions on ERM principles and application (30 minutes) 5) Table recaps, Q&A, wrap up (15 minutes)
2
ERM Principles and Practice
2016 NCFC Annual Meeting Director's Education Conference ERM Principles and Practice Mike Mahaffey, Chief Strategy & Chief Risk Officer Confidential – Not for Distribution
3
Evolution of Enterprise Risk and Capital Management
State of Practice Over the Last 10 Years State of Practice for the Next 5-10 Years Value Optimization Strategic Integration Integrated Risk Mngmt. Link with Strategy Risk Measurement Loss Minimization Compliance Risk control Balance sheet protection Risk / return optimization Value creation
4
Enterprise Risk and Capital Management Framework
Risk appetite Identify & assess risks Link to strategy Capital Manage- ment Risk measure- ment Risk governance & culture Scenario analysis Monitoring & reporting
5
Risk Categorization Is the risk taken primarily for financial gain, or a by-product of the pursuit thereof? “Financial” Risks “Non-Financial” Risks High Velocity Shock Risks “Capital” Risks Equity shocks Credit defaults Weather Earthquakes Terrorism “Operational” Risks Cyber Security Business Continuity Fraud Reputational Crisis Does the risk impact the company quickly, or over a prolonged period of time? Low Velocity Trend Risks Long Term “Scenario” Risks Prolonged low rates Climate change Inflation Longevity “Strategic” Risks Technology / competitive disruption Societal shifts Regulatory Geopolitical instability
6
Governance Roles: The Board and Senior Management
Approves of company strategy Selection of firm leadership Stewards of company’s culture and values Approves risk appetite in context of strategy Ensures effective governance framework Approve compensation system to drive results Board (Oversight) (Execution) Develops and implements strategy and risk appetite (recommend to Board) Ensures effective system of internal controls Drive execution of strategy Responsible for understanding, taking, managing, and reporting on risk posture Management
7
Risk Governance Model A clear distinction between risk owners, risk oversight and support and independent risk assurance is a critical requirement for a successful ERM function and to meet the governance expectations of stakeholders. Board of Directors Ultimate Accountability and Oversight Committee A Committee B Audit Committee Enterprise Risk Council Risk policy, governance, appetite (recommend to Board) 1. Businesses (Risk Takers) Identify and Assess Risk Take Risk Manage Risk Report on Risk Exposures Accountable for Risk Results 2. Risk Management Organization(s) Risk Policy and Standards Aggregation and Analysis Governance Process Monitoring and Reporting 3. Independent Assurance Validation of controls effectiveness Review of risk framework design Assurance to Management and Board on assertions of risk
8
Board risk governance structural options
What you have to believe… Full Board ERM is an accountability for all directors Regular reports to the entire Board will be sufficient Full Board has capacity Audit Committee Centralization promotes effective oversight Can be achieved despite other significant committee responsibilities Existing responsibilities provide solid foundation for risk coverage Risk Committee Sufficient capacity and appropriate skills for all types of risk Necessary for integrated view of all risk Will evidence commitment to risk management Risk responsibilities in other committees could be merged Distributed Model Required for adequate coverage of distinct risks Audit Committee is already overloaded Potential overlap will be minimal and/or effectively coordinated Aggregate view at Board through escalation, communication, reporting
9
Board distributed risk oversight model
Risk Dimension Board of Directors Ultimate Accountability Finance Committee Business Transformation & Technology Human Resources Committee Program & Technology Risk Financial Risk People Risk Governance Committee Board Risk Oversight Model / Process Coordination / Collaboration Coordination / Collaboration Coordination / Collaboration Process Dimension Audit Committee Management Control Environment Coordination / Collaboration Coordination / Collaboration Coordination / Collaboration
10
Board Directors: Key Considerations
Strategy Ensure clear linkage with risk Tolerance Clearly defined risk appetite and limits Supported with courage / conviction to comply Transparency Reporting, monitoring, and open communications Making the complex simple (but not overly so) Stress Testing Make use of simulations and scenario analysis Make the unknown known Culture Importance of honest, direct, candid discussion Avoid “good news” only culture Oversight Different roles of management vs. the board
11
Panel Discussion with NW Board Members
2016 NCFC Annual Meeting Director's Education Conference Panel Discussion with NW Board Members Tim Corcoran, Dan Kelley, and Mike Toelle Confidential – Not for Distribution
12
Board distributed risk oversight model
Risk Dimension Board of Directors Ultimate Accountability Finance Committee Business Transformation & Technology Human Resources Committee Program & Technology Risk Financial Risk People Risk Governance Committee Board Risk Oversight Model / Process Coordination / Collaboration Coordination / Collaboration Coordination / Collaboration Process Dimension Audit Committee Management Control Environment Coordination / Collaboration Coordination / Collaboration Coordination / Collaboration
13
Exhibit 1: Crisis Management Preparedness
Governance Process Practice Governance Committee of the Board (Board level accountability) Crisis Management Executive Steering Committee (Management level responsibility) Crisis Directors pre-appointed by nature of event Crisis management response plans for all operational areas Board, executive, and line of business crisis guides / wallet cards Nationwide Alert System: automated crisis management notification system Virtual and Physical Command Centers Full Board crisis management simulations (fraud, physical disruption, etc.) Executive crisis management simulations (weather disruption, terrorist attack, financial event, reputational event, other operational disruptions, etc.) Lessons learned and process improvement
14
Exhibit 2: Board Governance - Dashboards
Create transparency Clearly defined goals / objectives Clearly defined performance thresholds Evaluate short and long-term performance (and risks thereto) Drive effective dialogue & action
15
Exhibit 3: Coordinating Oversight Responsibilities
Finance Committee Financial Strategy Risk and Capital Coordinating Linkage Between: Budgeting Planning Performance Measurement Incentive Plan Design Special Captive Committee Limited duration Joint committee membership Internal Controls Legal and Regulatory HR Committee Audit Committee
16
Exhibit 3: Coordinating Oversight Responsibilities
Business Transformation & Technology Committee Coordinating Linkage Between: Capital Allocation Budgeting Planning Performance Measurement Expense Management Operational Risk Controls, including: Financial Reporting Controls Cyber Security Regulatory Compliance Finance Committee Audit Committee
17
Table Discussion: Applying Principles of ERM
2016 NCFC Annual Meeting Director's Education Conference Table Discussion: Applying Principles of ERM Confidential – Not for Distribution
18
Enterprise Risk Management and Your Cooperative
Identify 1 – 2 issues per quadrant Step 1 What is your oversight structure? Identify who is looking at these issues. Step 2 Define the critical success factors to address/mitigate these risks. What can you do to enhance the effectiveness of the process: communication, decision making, engagement with management, etc. Step 3
19
Risk Categorization “Capital” Risks “Operational” Risks
Long Term “Scenario” Risks “Strategic” Risks High Velocity Shock Risks Low Velocity Trend Risks “Financial” Risks “Non-Financial” Risks Is the risk taken primarily for financial gain, or a by-product of the pursuit thereof? Does the risk impact the company quickly, or over a prolonged period of time?
Similar presentations
