Risk management is not a subject that gives a product with clear price tag sold in the market such as life insurance, health insurance, general insurance, pensions etc. Such products have a clear price tag at which it is bought by the customers which see value and sold by insurance players. Such value in the product perceived by the customer in reducing their risk and therefore they pay price for this risk coverage. However, risk management on the other hand does not offer any products at which this could be purchased; what does risk management do to different stakeholders?
The customers of risk management are same players (insurance or any organizations) manufacturing products (and selling products in the market) helping giving them optimum value to their customer and shareholders. This is achieved through reducing volatility or uncertainty of outcome thereby helping organizations in adding value.
Behind these outputs of value addition, there are certain key principles of risk management which sets out clear description of what risk management activity should be in practice (Risk Management initiatives) and what it should achieve ( Risk Management delivery). These lay down very strong foundation on which the structure of risk management is built up.
The key risk management initiatives are:
- Proportional P : Risk management activities must be proportional to the level of risk faced by the Company.
- Aligned A : ERM activities should be aligned with other activities of the Company.
- Comprehensive C : Risk management approach should be comprehensive.
- Embedded E : Risk management activities should be embedded within the organizations.
- Dynamic D : Risk management activities must be dynamic and responsible to emerging and changing risk.
This provides the acronym PACED and provide a very good set of principles that forms a foundation of a successful approach to risk management within any organization.
On setting the foundation stone in a form of a principles, the delivery of risk management within any organization are:
- Compliance C
- Assurance A
- Risk Based decision D
- Efficient operation, Effective Processes and Efficacy of strategy E3
This provide the acronym of CADE3 and confirms that the output from the risk management will lead to less disruption to normal efficient operation, a reduction of uncertainty in relation to change and improved decision in relation to evaluation and selection of alternative strategies.
As resources available to manage the risks are finite so in order to get the optimum results, the risk management exercise should be prioritized.
Having set the clear principles and required output from risk management, all the risk management activities can be set around these two basic ingredients.
History
In the insurance sector risk transfer to reinsurance companies was always there where the excess of mortality, morbidity risks beyond insurance companies appetite used to be transferred in lieu of reinsurance premium paid by the ceding company to reinsurer. As a part of financial risk management in early 1970s, financial derivatives were developed by investment banks to manage the risk of exchange rate movement, commodity price, and interest rate and stock prices. As a part of general management, contingency planning and business continuity planning were used to be part of risk management. This has now been topped up with corporate governance to give the shape of enterprise risk management. Therefore,
Process of ERM
Corporate strategies are made to meet the business objectives of the enterprise and corporate strategies may have risks from various factors that might impact the activities, processes and resources chosen to implement the strategies. There are ranges of external and internal factors that can cause the outcome of a company’s activities that may depart from those set down in its corporate objectives.
Enterprise risk measurement
- Enterprise risk can be measured effectively in terms of an enterprise’s corporate objectives. The degree of risk is the extent to which the actual outcome differs from the activities of an enterprise or fails to meet the corporate objectives.
- Enterprise risk can also be measured through shareholder’s value where the objectives of the shareholder’s are aligned with that of corporate objectives is measured through how does the stock market views the volatility of income stream of the company is through how the stock price.
Risk management
- One way of managing the risk is through the choice of the corporate strategy. If senior management considers a particular strategy to be too risk, an alternate strategy may be worked out with lower risk profile. So enterprise risk management is top-down process.
- Also the choice of using the instrument to hedge the insurance or financial risk is also based on the corporate strategy.
- Many of the risks may not be insured or hedged, so they may have to be retained within the company to finance internally.
- Other way of hedging the risk is to purchase the insurance o financial derivatives.
- Legal mechanism can be used to hedge the risk.
- Divestment and outsourcing is another way of reducing the risk by which risk can be transferred to another party who is better equipped to manage the risk and also uses the economies of scale.
Decision on how much risk to transfer and how much to retain would depend of the scale of potential loss and would also depend of the ability and competency of in-house resources.
Author : Sonjai Kumar