Enterprise Risk Management
Rick Gorvett, FCAS, MAAA, ARM, FRM, Ph.D.
Actuarial Science Professor
Departments of Mathematics and Finance
University of Illinois at Urbana-Champaign
Bloomington, IL
March 9, 2004
“Who am I? Why am I here?”
- Admiral James Stockdale, 1992
• Currently
– Professor, Depts. of Mathematics and Finance
– University of Illinois at Urbana-Champaign
• Prior
– Senior Vice President
– Director of Internal Audit & Risk Management
Internal Audit
Corporate Investigations
Risk Management
Enterprise Risk Management
Business Continuity
A Risky World
And it just seems to be getting riskier!
• What’s getting riskier about our world?
• What isn’t?
– Perhaps aspects of technology, medical care,…?
• Evidence of riskiness
– Catastrophic events in a more crowded world
with greater vulnerabilities
– Current events
– Books – e.g., Safe Food: Eating Wisely in a
Risky World
– Financial markets
The Bottom Line:
It All Boils Down to Capital
• “Capital”
– Assets less liabilities; owners’ equity; net worth
– Support for (riskiness of) operations
– Thus, supports profitability and solvency of firm
• “Capital Management”
– Determine need for and adequacy of capital
– Plans for increasing or releasing capital
– Strategy for efficient use of capital
The “Problem” With Capital
• A certain amount of capital is needed in order to
promote solvency
– Thus, we need to be able to raise capital
• But.... If there is too much capital, profitability
(as measured by return on equity) will suffer
– Thus, we need to be able to efficiently deploy capital
Enterprise Risk Management
• Or “Enterprise Risk and Assurance
• What is ERM?
– Concerned with a broad financial and operating
– Recognizes interdependencies among corporate,
financial, and environmental factors
– Strives to determine and implement an optimal
strategy to achieve the primary objective:
maximize the value of the firm
Goals of ERM
• Ensure business continuity
• Enhance opportunities for the company to
achieve its objectives
• Create and increase company value
• Make risk management more cost-efficient
• Stabilize earnings
Evolution of ERM
• Historically: “risk silo” mentality
• Mid-1990s:
– First “Chief Risk Officer”
– First use of ERM terminology
• Late-1990s:
– Risk-related regulatory requirements (e.g., Turnbull)
– Earnings protection insurance debuts
• 2001:
– September 11
– Corporate scandals
– Beginning of efforts to improve corporate governance
A Paradigm Shift
• Risks managed in silos
• Concentrates on
physical hazards and
financial risks
• Insurance orientation
• Ad hoc / one-off
• Centralized mgt., with
exec-level coordination
• Integrated consideration
of all risks, firm-wide
• Opportunities for
hedging, diversification
• Continuous and
Issues in ERM Implementation
• Different corporate cultures require different
ERM approaches
• Who is going to be the ERM champion within
the company?
– Among senior executives
– Among departments / functions
• How to embed a risk management culture and
responsibilities throughout the firm
Steps in the
Risk Management Process
Determine the corporation’s objectives
Identify the risk exposures
Quantify the exposures
Assess the impact
Examine alternative risk management tools
Select appropriate risk management approach
Implement and monitor program
Components of the ERM Process
• Determine corporate objectives
• Risk identification
– Goal: comprehensiveness
– E.g., self-assessment
• Risk measurement
– Volatility measures
– Value at Risk (VaR)
Size of loss
Components of ERM (cont.)
• Assessing the impact
– Stress or scenario testing
– Stochastic simulation
• Examine and select alternative risk
management tools and techniques
– Traditional risk transfer
– Natural hedging / diversification
– Integration of risks
Keys to Success in ERM
• Senior management commitment and
• Embed a “risk management culture” in the
corporation at the operational level
• Provide for accountability, both specific and
• Clearly defined responsibilities for
coordination and maintenance
• Adequate communication

