Download presentation
Presentation is loading. Please wait.
Published byRodney Wright Modified over 9 years ago
1
Risk Management & Corporate Governance 1
2
What is Risk? Risk arises from uncertainty; but all uncertainties do not carry risk. Possibility of an unfavorable outcome of an uncertainty is risk. Outcome of an uncertainty may even be favorable. Is that a risk? In certain cases, yes. 2
3
Why take risks? Because you have to. Because it brings rewards. 3
4
Risk Management Process Risk Identification Risk Assessment Selection of risk management techniques Implementation Review 4
5
Risk Identification Risk profile of a company Formal listing of all potential risks. External professional help Risk is inevitable; however unfavorable consequences of risk can be controlled. Degree of risk to be assumed 5
6
Classification of Risk Production risk Price risk of inputs Price risk of outputs Project risk Environmental risk (weather) Political risk Economic conditions risk 6
7
Risk Assessment Having listed all the potential risks, ask: How likely is it for any of these risks to actually materialize? What is the maximum possible loss that can arise from each of the listed situations? Can you stand that loss? 7
8
Risk Management Techniques Risk avoidance Loss prevention and control Internal controls Risk retention Risk transfer 8
9
Implementing the Plan Get quotes, find the best provider and create a contract. Keep reviewing the situation. Keep revising your risk profile. Keep a record of cost of risk transfer against benefits of risk transfer. Amend plans as necessary. 9
10
Is risk management a Corporate Governance issue? Board is responsible for protection of company assets. Board must work to improve shareholders’ value, which is not possible without taking some risks. Not taking risks may be the biggest risk. 10
11
Internal Control All that a company does internally to protect its assets, ensure the proper conduct of its affairs and accuracy of its records. Risk management is not just part of “protecting the assets of a company”, it is an essential feature of proper conduct of its affairs. 11
12
Objectives of Internal Control That all that is due to the company, comes to the company. That the company pays only what should be paid out That all incomes, expenses, assets and liabilities are properly recorded That the assets of the company are protected and used only for company’s business. That the company’s records are reliable 12
13
Tools of Internal Control Defined Procedures Only one way of doing an action Segregation of duties (internal check) Controls Physical (cash in safe, maintenance) Managerial (e.g. budgets, limits, approvals, etc.) Supervision Accounting and auditing checks Selection of right personnel 13
14
Setting Internal Controls Draw internal control policies. Design internal control systems Document all procedures Train the staff Ensure that the procedures are being followed. Institute internal audit Curb exceptions. 14
15
Monitoring Internal Controls The system should generate reports. Frequency of reports Adequacy of reports Regular review of reports and action there-on. Follow up. Investigation of major lapses Internal Audit Certification at critical stages. 15
16
Designing Procedures Nature of work. Extent of risk. Cost of procedure. Facilitate work, not hamper it. Compliance with laws, regulations Promote efficiency culture Immediate notice of exceptions 16
17
Internal Audit A control that functions by examining and evaluating the effectiveness of other controls. Includes checking, analyses, appraisals, recommendations, advice and information. Regular or Need based. 17
18
The internal auditor Part of management; however does not report to management. Detects errors and frauds Helps management correct errors and minimize impact of frauds Helps improve controls. 18
19
Advantages of Internal Audit Keeps workers alert Timely detection of errors & frauds Enhances reliability of accounting and supporting records Reduces external audit work 19
20
Types of Internal Audits Regular, continuous internal audit Need based investigation VFM audit for specific purpose Pre-disbursement and post-payment audits. Records audits and Procedure Audits 20
21
Risk Management Reporting CC of CG requires: Audit Committee’s Report Board’s Statement on Internal Controls 21
22
Audit Committee’s Report List significance risks; how they are being identified, assessed and managed. Report on effectiveness of the systems put in place to manage these risks List of actions being taken to remedy significant failings or weaknesses Comment on need for greater monitoring of procedures 22
23
Board’s Statement on Internal Control Essentially it is about status of internal controls, e.g. There is an ongoing process for identifying, evaluating and managing significant risks. That the process was there during the year under report. It is being regularly reviewed by the Board. It is in accordance with Turnbull Guidance 23
24
Turnbull Report Risk Assessment Control Environment Control Activities Information and Communication Monitoring 24
25
Risk Assessment Clear objectives, clearly communicated to all concerned. Significant risks assessed regularly Market risks Technological risks (H&S, Environment) Credit and liquidity risks Reputational risks, legal risks Clear understanding of risks being retained 25
26
Control Environment and Activities Who controls? Are they independent? Are controls/ authority/ responsibility/ accountability defined? Does company culture permit controls? Demonstration of will to control Communication to all concerned How are adjustments made when needed? 26
27
Information & Communication Frequency and adequacy of reports generated by internal control system. Who receives what report at what intervals? How reliable are these reports? What checks are in place to ensure reliability of these reports? 27
28
Monitoring Are control processes part of the normal operational processes? Special communication to the Board by management Monitoring of Management by Board 28
29
Disaster Recovery Plans Disasters happen, or are made to happen. What plans does a company have to ensure that: Its operations are restored quickly Its data is not lost Most important for financial institutions 29
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.