The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

The Fallacy of Managing Big Risks: Why Enterprise Risk Management (ERM) Often Fails to Deliver to Boards and What to Do About It

By Andrew Smart, Head of Enterprise Risk Management at KRM22.

Anyone who has served on the executive team or board of a regulated capital markets firm will have at least a passing familiarity with Enterprise Risk Management (ERM). Many have probably experienced it first hand, perhaps sitting through a presentation of the firm’s latest ‘Top 20’ risks. The usual suspects will likely have included market, credit, liquidity, counterparty, technology, cyber, third party / outsource, people, and conduct risk.

Enterprise Risk Management is a holistic, integrated, portfolio approach to risk management that focuses on consistently managing risks, regardless of type across the enterprise. The purpose of Enterprise Risk Management is to improve the firms’ ability to deliver its objectives and sustainably create shareholder value. One of the key outputs from the ERM process is an integrated view of the firm’s overall risk profile and how it is changing overtime. Risk exposures are typically consolidated through a risk taxonomy or hierarchy, thus enabling the reporting of ‘the big risks’. (Figure 1)

Figure 1 – Typical view of risk management 

An often-overlooked benefit of ERM is its use as a framework to understand the relationships and interactions between risk types as well as individual risks within these categories. Viewing risks through an ERM lens also highlights how individual risks rarely fit within a single risk type, as shown in figure 2.

The real value of ERM is the generation of insights that are not possible to uncover within the traditional risk type silos. These insights are the drivers behind better risk management and business decision-making.

Figure 2 – Understanding the relationships and interactions within risk types

Therefore, ERM delivers two core capabilities:

  1. The ability to consolidate risk exposures through risk types to provide a holistic, enterprise view of risk
  2. The ability to understand the relationships and interactions between risk types and individual risks to generate powerful insights that support better-informed business decision-making

Firms that leverage ERM platforms often focus on the first of these core capabilities, i.e. ‘the big risks’, leading them to miss out on the benefits that can be derived from the holistic view of relationships between different risks.

Typically, this means that for many executive teams and boards the implementation of an ERM approach results in a series of colour-coded dashboards which identify their ‘big risks’, but fail to provide an in-depth analysis to enable them to ask the right questions, challenge the right topics and drive the right conversations for better strategic and operational decisions.

Too often, those risk dashboards present the consolidated and aggregated risk exposure for the ‘Top 20’ risks types as defined at one point in time and have since been reported on each month or quarter, failing to take the rapid evolution of the risk landscape into account. Insights into the firm’s real risk profile, including the dynamic interaction between risks and the possible emergence of future risks or control weaknesses, therefore get lost within these consolidated and aggregated risk exposures. Whilst providing a consolidated view is of some value, it rarely provides actionable insight, leading to ERM fatigue on the executive and board level.

To drive board engagement in the ERM process and deliver powerful business insights, firms need to ensure that their ERM processes and systems deliver on both core capabilities. By understanding these relationships between risks, firms can drive a more engaging conversation with their boards, generating more insightful analysis and efficient reporting.

The fallacy of ERM is that it is about managing the ‘big risks’; in fact, this is, or should be, just one part of an ERM programme.

An ERM programme should deliver two core capabilities:

  1. The ability to consolidate risk exposures through risk types to provide a holistic, enterprise view of risk
  2. The ability to understand the relationships and interactions between risk types and individual risks to generate powerful insights that support better-informed business decision-making

Importantly, when implementing an ERM programme, firms should never lose sight of its real purpose – to enhance the firms’ ability to deliver its objectives and create sustainable shareholder value.

Related content

WEBINAR

Upcoming Webinar: Adverse media screening – how to cut exposure to criminal activity, from money laundering to human trafficking

Date: 23 September 2021 Time: 10:00am ET / 3:00pm London / 4:00pm CET Duration: 50 minutes Screening for adverse media coverage of counterparties presents an incredible opportunity for financial institutions to limit risk exposures and identify bad actors early. It is required by regulations such as the EU’s sixth Anti-Money Laundering Directive (AML 6), and...

BLOG

Hedge Fund Aspect Capital Widens Deployment of OpenGamma for Margin Calculations

Systematic hedge fund Aspect Capital is widening its use of OpenGamma’s derivatives analytics to aid in the calculation of margin requirements as the firm expands into new markets. Aspect recently indicated it is starting operations in China, requiring it to calculate margin for trading on that country’s exchanges. OpenGamma’s analytics cover exchange and broker margin...

EVENT

TradingTech Summit Virtual

TradingTech Summit (TTS) Virtual will look at how trading technology operations can capitalise on recent disruption and leverage technology to find efficiencies in the new normal environment. The crisis has highlighted that the future is digital and cloud based, and the ability to innovate faster and at scale has become critical. As we move into recovery and ‘business as usual’, what changes and technology innovations should the industry adopt to simplify operations and to support speed, agility and flexibility in trading operations.

GUIDE

ESG Handbook 2021

A-Team Group’s ESG Handbook 2021 is a ‘must read’ for all capital markets participants, data vendors and solutions providers involved in Environmental, Social and Governance (ESG) investing and product development. It includes extensive coverage of all elements of ESG, from an initial definition and why ESG is important, to existing and emerging regulations, data challenges...