Another Example of the Value of Risk Management

It seems that some financial institutions have not fully learned the lessons from past rogue trading incidents such as the ones that occurred at Societe Generale and Barings. Officials at UBS announced today that they are facing massive losses at the hands of a lone trader. Here’s what BBC reported this morning.

Police in London have arrested a 31-year-old man in connection with allegations of unauthorised trading which has cost Swiss banking group UBS an estimated $2bn (£1.3bn). Kweku Adoboli, believed to work in the European equities division, was detained in the early hours of Thursday and remains in custody. UBS shares fell 8% after it announced it was investigating rogue trades. ZKB trading analyst Claude Zehnder said the news would damage confidence in UBS. “They obviously have a problem with risk management.”

This is yet another example of the value of having a strong risk and control program. While it is difficult to control external events, companies can certainly implement proper internal controls to protect from massive losses such as this one.


Increasing Your Risk Awareness

Companies of all sizes are searching for direction as they seek growth during these tumultuous economic times. Some companies are looking for better ways to deploy capital while others are simply fighting for survival. It is during times such as these that many do not take the time to seek perspective on the risks that they face. However, the strongest companies realize that having a solid understanding of their unique risks is vital to their continued success. These companies also realize that the risks they face are ever-changing – both internally and externally.

The first step to developing a better understanding of risk is to conduct an Enterprise Risk Assessment based on the company’s strategic objectives. This risk assessment will serve as the baseline for measuring risk responses going forward and also as the foundation for a broader Enterprise Risk Management (“ERM”) program. As a company implements their ERM program, it is critical that a culture of risk awareness rather than risk aversion is promoted. A “risk aware” culture embraces risk as the flip side to the reward they seek.

However, simply identifying, measuring and mitigating risks is only part of achieving “risk awareness”. An effective way to gain this perspective is to examine how the business is evolving in relation to its overall strategic direction through the Risk Awareness Cycle (see figure below). At any given time, a product, service or an entire company is in one of four stages of evolution – Order, Complexity, Chaos or Simplicity. Within each of these stages, risks take different forms. In addition, to continue as a viable enterprise, movement from one stage to the other is essential. Without movement, an enterprise will lose forward momentum and ultimately fail.

To learn more about how you can increase your company’s risk awareness, visit

Risk Awareness Cycle

Perilous Times Require Strong ERM Programs

Each day as we read the news across the globe, it is apparent that the business environment continues to be laden with a myriad of risks. Without advance preparation, companies looking to advance their strategies will find themselves at the mercy of some unforeseen event that will threaten their success or perhaps their very survival. In times like these, it is critical to have a strong enterprise risk management (“ERM”) program that is woven into the fabric of a company’s strategy as well as its day-to-day business operations.

However, implementing an effective ERM program today is no easy task. Faced with an uncertain regulatory and economic outlook, many companies struggle to create a cost-effective, focused program that will provide the necessary insight to anticipate the most critical risks.  While each company and industry may be unique, there are a few common steps that can be taken that will lead to a more effective ERM program.

1. Start with the strategic plan – focus ERM efforts on where the company is going, not where it has already been

2. Create a simple framework and process that is easily understood – too many companies try to make ERM more complicated than it needs to be

3. Demonstrate importance of the program with a C-level champion – whether it is a new Chief Risk Officer, the CFO or even the CEO, a key leader must lead the charge

4. Tie risk management objectives and metrics to existing performance metrics – business goals require incentives and risk management objectives are no different

5. Invest in cost-effective enabling technologies – a wide range of risk management technology solutions exist today and choosing the wrong solution can result in cost overruns and poor results

By taking these steps, you will certainly be headed in the right direction on your ERM journey. However, the ultimate success factor is maintaining a long-term commitment to ERM as a valued business discipline. To learn more about creating a successful ERM program, visit

ERM Adds Strategic Value

As enterprise risk management (“ERM”) becomes a more widely accepted practice, many companies are realizing the value of including a risk viewpoint in their strategic planning exercises. In the past, many executives viewed risk management purely as a loss avoidance exercise.  However, now that ERM is providing a broader view of risks and allowing companies to become more resilient, companies are more willing to incorporate the employment of calculated risks into their strategy formation.  A recent study by the Economist Intelligence Unit provides the following insight into this changing view of ERM.

One important indication that a shift might be occurring, however, is that 75% of executives think that risk considerations are playing an increasingly important role in strategy at their organisations. This suggests that rather than playing a preventative role—avoiding financial losses, for example—risk management could be moving towards an enabling role that contributes more fully to corporate strategy.

To navigate risks for both the shorter and the longer term, many firms are beefing up their risk management systems. ABB, for one, is increasingly moving away from a decentralized risk management model and putting in place a more group-wide strategy. “We’ve put in place a centralized enterprise risk management program over the last 12 months, and viewing holistically all the risks we face in the organisation,” confirms Mr Hall. “What we realized in the financial crisis, particularly from a financial point of view, is that the best way to manage risk is centrally.”

Martin ten Brink, a director at Shell, a British oil giant, says his company intends to refine some aspects of its enterprise risk management system in the coming year, particularly the pricing of risk. Furthermore, he says, Shell is improving the way it gauges risk velocity. The firm is targeting “a better understanding of the speed with which a risk can materialize and impact business performance.”

Wheelhouse Advisors is uniquely qualified to help companies build ERM programs that can be a source of strategic value. To learn more, visit

Demand for ERM Continues to Grow

More companies are beginning to realize the value of Enterprise Risk Management (“ERM”) as a discipline that can propel a business forward rather than hold it back. In the recent past, many ERM programs focused primarily on revisiting problems from the past or examining all risks regardless of size. While these types of exercises can keep people busy, they rarely benefit a company that is trying to navigate forward to achieve successful outcomes. However, according to recent comments by a risk expert at the Risk and Insurance Management Society, ERM is evolving into a highly valued business practice. Here is what she had to say in an interview conducted by

Today, a growing perception that ERM “is a business discipline that can advance an organization’s [big-picture] objectives” is driving higher adoption rates across all types of organizations, says Carol Fox, director of strategic and enterprise-risk practice with the Risk and Insurance Management Society.

While there is also a perception that risk managers are having difficulty getting invited to a seat at the C-suite table, Fox believes that most corporate leaders, with only rare pockets of resistance, are eager for expert input about the strategic risks the organization faces.

“With all the external pressures—whether it’s Dodd-Frank, shareholders or the disclosures required now by the SEC for public companies—there is plenty of demand, visibility and support at the board level and at senior-management level” for ERM, she says.

As more board members and senior executives become acquainted with the usefulness of a well-designed ERM program, the discipline will become a “must have” for companies looking to compete in the new economy.

When Assessing Risk, Don’t Forget the People

The Conference Board released a report today about the need for stronger integration of human capital risks into a company’s overall enterprise risk management program.  Too often, these risks are left to the human resources department to manage alone with little understanding of the potential impact to a company’s entire operation.  After surveying 161 leading companies worldwide, here is what the researchers discovered.

At most companies, human capital accounts for at least half of operating costs and can have a significant impact on business results. However, the study finds that human capital risk (HCR) — which can range from unionization/labor relations to offshoring and outsourcing to staffing in a pandemic — tends to be siloed in human resources departments, away from the companywide assessment and mitigation processes of enterprise risk management (ERM). This arrangement prevents information about HCR from having a role in the comprehensive, aggregate view of risks, root causes, interactions, and impacts through which leaders set priorities and determine overall strategy.

Out of eleven risk categories, executives ranked HCR as having the fourth highest impact on business results, ahead of financial, reputational, supply chain, and IT risks. This high ranking is evidence that HCR should be taken seriously as an enterprise risk.  However, less than one-third (31 percent) of companies believe they effectively assess human capital risk, and 24 percent believe they do an ineffective job.

During an economic crisis such as the one we have experienced, many companies lose sight of what really drives a business – people.  Understanding the risks associated with the primary business driver is certainly a no-brainer.

Waves of Reform Impacting ERM Efforts

As Enterprise Risk Management (“ERM”) has evolved as a discipline over the last decade, it has been largely shaped by waves of reform efforts resulting from corporate fraud in the early 2000’s to economic catastrophes and widespread corruption in the latter half of the decade. According to a recent article by Mary Driscoll in Business Finance Magazine (a partner publication of The ERM Current), a new wave of ERM change and focus is at hand. Through several sources, Mary offers her view of the most recent wave and the one on the horizon.

The third wave, which is proving just as significant, came in early 2010 in the form of SEC Rule 33-9089, which “mandates disclosure of risk oversight and risk reporting lines, risk assessment by business unit, and assessment of the risk associated with compensation plans,” explains Paul Walker, Associate Professor of Commerce at the University of Virginia and a leading academic in the field.

“Furthermore, the recent Dodd-Frank Wall Street Reform and Consumer Protection Act has raised the risk bar by mandating risk committees and risk experts on those committees. Add to this the fiduciary duty pressure on boards and the potential risk-related lawsuits, and you end up with risk getting attention at every level of the organization,” adds Walker.

Now consider this twist. According to an article by Deloitte Financial Advisory Services LLP’s Toby Bishop, “The Dodd-Frank Act has created a large financial incentive for whistle-blowing in companies across all industries.” An area of particular concern relates to violations of the Foreign Corrupt Practices Act, and that could mean higher potential liabilities for companies moving aggressively into emerging markets where local officials expect to trade access for cash.

What has your company done to prepare for the potential impacts of these waves?  If you would like to learn more about practical, cost-effective solutions, let us know by emailing us at