The field of enterprise risk management (ERM) was born from corporate scandals early in this century. COSO published its Integrated Framework in 2004, outlining eight ERM components that, when present and functioning effectively, provide reasonable assurance an organization will meet its objectives. Since then, organizations have been increasingly urged to adopt risk oversight practices, wit…
We live in a world of risk. Some risks are totally unexpected. The September 11, 2001 World Trade Centre attacks in the US, the Tsunami of December 2004, Hurricane Katrina of August 2005, and the Mumbai terrorist strikes of November 2008 are good examples. Other risks can be identified but the magnitude and extent are difficult to estimate. The sub prime crisis is a good example. Not all risks …
The role of Bank is diversified into financial intermediaries, facilitator and supporter. Yet the banks place themselves as a trusted body for the depositors, business associates and investors. Liquidity risk may arise from these diverse operations, as they are fully liable to make available, liquidity when stipulated by the third party. Additional efforts are required by Islamic banks for scal…
Many of the most important decisions made within an organisation relate to risk, because anything that is innovative or competitive or worth doing is likely to be risky. However, risk exists at various levels within an organisation, from top to bottom. As a result the effective organisation needs to be able to communicate about risk between levels in a way that enables it to manage uncerta…
There is no doubt that the new requirements issued in January 2013 by the Basel Committee1 will be a game changer for many financial institutions across the globe. As outlined by the Committee, one of the biggest lessons of the global financial crisis that started in 2007 is the need to radically improve a bank’s data capabilities and architecture in the area of risk management, thus enabling…
There are strong motivating factors for increased awareness and action with regard to Enterprise Risk Management (ERM). Effective ERM policies and practices are lauded to increase stakeholder confidence, competitive advantage and ultimately an organization’s long-term viability. However previous studies suggest that the concept is poorly understood in practice and organizations are failin…
Risk is a reality of doing business. Whether large or small, public or private, domestic or international, companies today operate in a risk-filled world. In many cases, risk is necessary for long-term operational success; however, failure to control risk effectively can often lead to just the opposite, including damaged reputation, loss of profits, disruption in productivity or, in severe case…
The topic of Enterprise Risk Management (ERM) has been growing in prominence of late despite having a 20 or so year history, it continues to draw sharp divisions of opinion as to its importance and its effectiveness in enabling financial (and other) institutions to sustain themselves over the years. With the GFC lingering in the background and the looming threat of a meltdown in Europe, Risk a…
Section 404 of the Sarbanes-Oxley Act proved to be an arduous process for many public companies, yet these requirements cover only a slice of the total risks facing businesses. A much wider range of factors − including strategic, operations, and compliance risks − lies outside of the financial reporting and internal controls areas of Section 404. Any of the wide spectrum of business ri…
Enterprise risk management (ERM) has been the topic of increased media attention in recent years. Many organizations have implemented ERM programs, consulting firms have established specialized ERM units, and universities have developed ERM-related courses and research centers. Despite the heightened interest in ERM by academics and practitioners, there is an absence of empirical evidence regar…
Many people believe that excessive risk taking at large financial firms was an important cause of the financial crisis of 2007–2008 and that preventing another crisis requires improving risk-management systems at such institutions. One way to do this would be to use board oversight liability to hold directors personally liable for failing to properly monitor the risks that their firms are run…
Risk is unavoidable and present in every human situation. It is present in daily lives, public and private sector organizations. Depending on the context (insurance, stakeholder, technical causes), there are many accepted definitions of risk in use. The common concept in all definitions is uncertainty of outcomes. Where they differ is in how they characterize outcomes. Some describe risk as hav…
Enterprise risk management (ERM) takes a broad perspective on identifying the risks that could cause an organization to fail to meet its strategies and objectives. In this Statement on Management Accounting (SMA), several techniques for identifying risks are discussed and illustrated with examples from company experiences. Once risks are identified, the next issue is to determine the root cause…