Abstract
The Paper is intended as a means to understand the importance of’ Enterprise risk management’ during the period of financial crunch and market liquidity. The current financial crisis has had a far-reaching effect and the lessons learned will be embedded in risk management for years to come. In this paper, we study how Enterprise risk management (ERM) requires managers to analyze the portfolio of all risks facing the enterprise during the most difficult financial market situation and to ensure that those risks are within stakeholders’ appetite for risk. It discusses the approaches adopted by firms in regards to managing risks, While firms practising ERM is on the rise, little academic research exists about their readiness to respond to circumstances that they have not anticipated in the near future like a financial market turmoil, and in particular about the consequences of ERM on firms performance during market unrest. This seems to be true even the Conference Board has found that a large number of companies are now starting to use ERM, as a strategic management tool (The Conference Board, July 2005).The purpose of this study is to examine the long-term performance of companies practising ERM. The research seeks to find out the level of top management commitment in risk management activities of the firm and to evaluate the effectiveness of risk management practices during the time of market turbulence. Finally, it concludes with a perspective on the future and importance of Enterprise risk management for a firm.
Analysing/Addressing the Importance of Enterprise Risk Management Practices in Times of Financial Market Turbulence
1. Introduction
1.1 Introduction and Background:
The Term Risk is an inevitable component of the dynamics of Business today. The Treasury Board has defined risk as “the uncertainty that surrounds future events and outcomes”. It is the expression of the likelihood and impact of an event with the potential to influence an organization’s achievement of objectives” (TBS 2001). It is though not possible to “create a business that doesn’t take risks” (Boulton et al. 2000). Risk, therefore, is the probability that an event in the future, either good or bad, will occur. As uncertainty abounds in today’s global economy every organization is to some extent, in the business of risk management, no matter what its products or services are. According to the treasury (2006), in recent years all sectors of economy have focused on management of risk as the key to making organisations successful in delivering their objectives whilst protecting the interests of their stakeholders. (Treasury, 2006)
In the Context of Banking and finance ‘Risk’ has always been at the heart of banking transactions and to a degree banking can be defined as the business of managing and transforming risks. For a company ‘Risk’ designates any uncertainty that might trigger losses in the short or long term therefore risk managers constantly attempt to measure and control the risks within their companies. It is not possible to “create a business that doesn’t take risks,” according to Richard Boulton. “If you try, you will create a business that doesn’t make money.” (Boulton et al. 2000) Nearly all operational tasks and processes are now viewed through the prism of risk (Hunt 2001). Although the enormous growth and development in financial and electronic technologies, however, have enriched the palette of risk management techniques available to managers, offering an important new opportunity for increasing shareholder value amidst the global liquidity crisis surrounding all the major multinational companies around the World.
In the Current Business scenario, risk has to be managed by and throughout very large organisations. The report published by KPMG titled ‘Risk Management in banking beyond the credit crisis’ mentions that ‘The collapse of several high profile banks, the emergency bailout of others, departures of CEOs and CFOs, the hundreds of billions of dollars of write-downs, efforts by banks to raise fresh capital were all signs that something had gone very badly wrong’. (KPMG Publication) By now there is a widespread agreement on the proximate and fundamental causes of the current downturn. In this global and dynamic business environment where we have witnessed extraordinary developments in the US financial markets with the collapse of Lehmann Brothers and merger of Merrill lynch and Bank of America, with AIG being rescued by the US treasury (BOE Publication) marks the evolution of a deep downturn for the financial industry which has not only limited itself to the United States of America but has also had a domino effect on all the other major global economies around the world. In Europe and the UK we have witnessed, ‘Northern Rock’ debacle which was among the first casualties in the UK banking sector, and then there was a significant consolidation within the UK banking sector, with Santander purchasing Alliance & Leicester, Nationwide absorbing two smaller building societies, and most recently the merger of HBOS and Lloyds TSB. (Bank of England Publication)
The fundamental issue here is the lack of capital in the banking system due to bad debts and asset write-downs and the consequent inability or un-willingness by banks to lend. This contraction in credit availability is impacting the ability of consumers to buy houses and costly items and restricts the ability of companies to invest and in some cases fund working capital.
The Quarter, Semi and Annual Profit forecasts are being reduced or revised as economies contract, and even the earnings per share figures are being diluted in by some companies because of the need to raise fresh equity and to replace the funding gap as banks cut back on lending. Almost all funding across the sector is frozen and has made it a very difficult task for the management of the firm to raise capital except from the company shareholders for any operational expenses in the business. Therefore, the immediate outlook for consumer spending, which supposedly is the main driver of any developed economy is weak and therefore the economic growth is not predicted to be sufficient or rather more impressive in terms of the results expected by the company shareholders.
It has been an exceptionally difficult period for stock markets around the world as well specially due to the rapidly deteriorating economic background and the forced selling of stocks taking place by mutual funds and hedge funds which have suffered redemptions. But after a watchful study of the broader impact of the crisis in the credit markets which began over a year ago with the downturn in the US subprime housing market the epicentre has remained in the US, and it has already had a major impact on the structure of the entire banking and financial sector in the global economy.
Although most of the companies which had to face liquidation because of the crisis in financial markets either due to Sub-prime mortgage crisis or uncertain market conditions entered the turmoil in fairly sound financial state and generally with capital well above the requirements asked for by the regulatory bodies, however these events led many firms to absorb significant losses, and the prolonged disruption in the market liquidity stressed most firms’ liquidity and crisis.
The turmoil has affected all the financial institutes from the setting of interest rates to the scale, structure and complexity of market operations. The entire economy has had to face the consequences the financial meltdown. Most developed countries are now in recession and previously strong emerging economies such as India and China are slowing sharply as well because their exports have hampered due to weak demand of their products overseas which is a result of reluctance of the importing countries to import and spend amid difficult financial times.
The issue of ‘The credit crisis and bank failures’ have highlighted risk issues with executive compensation arrangements that incentivize management to take significant risk in order to achieve financial targets which would entitle management to obtain certain incentive compensation(Section 111, EESA 2008) and therefore the Emergency Economic Stabilization Act of 2008 requires financial institutions participating in certain programs providedunder the Act to review executive compensation arrangements and to limit those arrangements that encourage management to take “unnecessary and excessive risk” that could threaten the value of the institutions. (Section 111, EESA 2008)
Also when Interpreting and evaluating the growth in terms of the volume and complexity of financial market instruments over the past few years, with added contribution of a handful of notorious financial disasters arising from globalisation of businesses and international transactions has increased concerns over the risks introduced into the global marketplace. Therefore Enterprise risk management (ERM) is an important discipline that is gaining recognition, both as a governance best practice and as “just good management”.
“Enterprise risk management” is the identification and assessment of the collective risks that affect firm value, and the implementation of a firm-wide strategy to manage those risks. (Meulbroek, 2002)
As a business continually changes with the globalised business environment, so do the risks. Stakeholders increasingly want companies to identify and manage their business risks. More specifically, stakeholders want management to meet their earnings goals. Risk management can help them do so. Therefore this action asks for a measure in place to prevent any further reactions of this sort and hence one of the fundamentally best approaches to flight losses in the Business during these uncertain times is to practise risk management at the enterprise level.
Although it has been into existence for a considerable period of time, lately Enterprise risk management (ERM) has emerged as a widespread practice in financial institutions. This is due to the unavoidable nature of the risks associated with the credit, mortgage and the financial markets. In undertaking such a research, ERM uses the firm’s risk appetite to determine which risks should be accepted and which should be mitigated or avoided in the best interest of the organisation, shareholders and the economy as a whole. According to Susan Stalnecker, Vice President and Treasurer of DuPont, “Risk management is a strategic tool that can increase profitability and smooth earnings volatility.” In addition, recent reports by the ‘Financial Stability Forum (FSF)’ and the ‘Institute for International Finance (IIF)’ are now calling for closer scrutiny of the risk management process. (IIF, 2008)
This study is based on the assertion that, although risk management and controls are an integral part of a well established firm and the industry as a whole, they are not a substitute for adequate capital requirements. And the Implementation of Strong and effective risk management within firms promotes stability throughout the entire financial system which helps by protecting the firm against Market, Credit, Liquidity, Operational and Legal Risks within an Enterprise, and to protect the firm from suffering adversely from reputational risk as well.
While there has been a considerable increase in practitioner attention on ERM in recent number of years especially in the past two years, a little academic research exists about ERM and its influence on or after the Financial Crisis and in particular about the Effectiveness of ERM on the organisations performance and its potential significance to the organisation during any kind of market turbulence. As a general practice a large number of companies are now opening up to use ERM as a strategic management tool (Pagach, Donald. P, June 2008). This is a Strategic level activity among the Management of the Firm. Indeed, the goal of enterprise risk management is to maximize value by shaping the firm’s risk profile, shedding some risks, while retaining those that are worth some value they can deliver to the company and thereby managers can analyze and control various risks as a part of a unified or integrated, risk management policy.
1.2 Research Aims and Objectives:
The main aim of this research is to study the Importance of Enterprise Risk Management in Managing Financial Risk in an Organisation. It seeks to Analyse and understand its Importance and to evaluate its Implications on the overall Business Performance during the times of Financial Crunch and Market liquidity.
Research objectives:
- Reviewing a number of known risk management practices that may be associated with negative or positive performance to date with assessment of the key risk management practices that have affected a majority of the firm’s ability to weather the current market turbulence.
- Evaluate the efforts of Individual firms to address weaknesses in risk management practices that emerged during the period of market turmoil.
- Addressing deficiencies in senior management oversight in getting a better grip on the conditions that can expose a company (or the economy) to the risks associated with the current financial crisis.
- To identify emerging patterns in risk management that could be useful to companies in times of market dis-order and developing an enterprise-wide risk management system.
1.3 Research question
- Does the Management make visible commitment to the use of ERM?
- Are the business leaders aware of the risk mitigation policy for an active discussion on Progressive Business risks?
- Are the Risk Management practices adopted by the Senior Management in assessing the Enterprise Risks solid and dependable during the Period of Market turbulence and Whether Individual firms have an effective, formal risk assessment practice in place?
1.4 Significance of Study:
This Study is intended as a risk management primer for risk managers and the senior management. It highlights the importance of Enterprise Risk management practices in managing a company’s risk portfolio when the market is highly volatile. As Risk management is a rapidly developing discipline and there are many and varied views and descriptions of what risk management involves, how it should be conducted and what it is for. This paper provides a risk management framework for formulating and designing a risk management system for the firm. Talking about risks, the financial risk is an indisputable and inescapable element of any business venture in operation today. In addition to financial risk, a company is also susceptible to business risk or changes in the overall economic climate that can adversely affect the price of its stocks and securities. Hence, it is in the stakeholders’ best interest that risk be disclosed in a timely manner by the management who is responsible for such disclosures. The increased attention to risk management at the enterprise level can be linked to a number of policy decisions (Beasley, Clune and Hermanson, 2005). And therefore it has become a prerequisite for companies to prepare themselves from overcoming such eventualities.
The Very Importance of Enterprise risk management was made apparent with the deterioration in investor appetite during the summer of 2007 that led to broad and deep market distress in the financial markets, and because those and other innovative financially lucrative products were created during the prior period of more benign market conditions, banks and securities firms had not observed how such products would behave during a significant market downturn and therefore found their risk management practices tested to various degrees.
Presently, Enterprise risk management is a major concern not only for major financial institutions, which are usually subject to stricter regulations in terms of capital competence, but also for securities firms and broker-dealers, all in all it is the entire industry which is under close scrutiny of the financial regulators. ‘It is widely expected that rating agencies will assess Enterprise Risk Management as part of their rating process going forward’ (Standard & Poor’s, May 2008).
In the year 2003, the New York Stock Exchange amended its Corporate Governance Rules addressing risk management to require that audit committees discuss policies of risk management and assessment. In the commentary discussing the rule change it states that “The audit committee is not required to be the sole body responsible for risk assessment and management, but, as stated above, the committee must discuss guidelines and policies to govern the process by which risk assessment and management is undertaken” (NYSE, 2003).
In addition to that, ‘Standard and Poor’ has introduced Enterprise Risk Management analysis into its global corporate credit rating process beginning with the third quarter of 2008 (Standard and Poor’s, May 2008).
Also Studies suggest that risk management departments in financial institutions have been undergoing major transformations (Deloitte, 2007) and the Risk Management framework (2003) explicitly defines risk management as a high-level strategic activity, contributing to board-level decision making, planning, and performance management. Indeed, there is a growing perception that good risk management should be an integral part of running any type of business.
Steve Fowler, chief executive of the Institute of Risk Management said the local authorities were also looking more seriously at risk management after the Icelandic banking crisis, as some of them had substantial sums in now collapsed banks. He said: “The public sector is at- last beginning to discover this message and you’re starting to see much higher-level risk management positions being created” (Financial Times – Samantha Pearson)
A very obvious theme to highlight here is that all banking and financial institutions should seek ways to improve risk management practices, but that the methods to undertake risk management should depend on the size and sophistication of its core business values.
1.5 Brief Literature Review:
Risk�let’s get this straight up front�is good. The point of risk management isn’t to eliminate it; that would eliminate reward. The point is to manage it�that is, to choose where to place bets, and where to avoid betting altogether. (Thomas. A. Feb 7, 2000)
“Risk can be considered as a function of change, and Risk Management may thus be described as a technique for coping with the effect of change.” (Crockford 2005, P.5)
The Treasury Board has described risk management as “a systematic approach to setting the best course of action under uncertainty by identifying, understanding, acting on and communicating risk issues” (TBS 2001). The intent of risk management is to increase the benefits and decrease the costs for uncertain activities.
“Enterprise risk management is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives”. (Committee of Sponsoring Organizations of the Treadway Commission, 2004)
As per the Literature Enterprise Risk Management includes, aligning the entity’s risk appetite and strategies, enhancing the rigor of the entity’s risk-response decisions, reducing the frequency and severity of operational surprises and losses, identifying and managing multiple and cross-enterprise risks, proactively seizing on the opportunities presented to the entity, and improving the effectiveness of the entity’s capital deployment . (Federal Reserve Publication)
The financial services industry continues to evolve to meet the challenges posed by emerging technologies and business processes, new financial instruments, along with the growing scale and scope of financial institutions, and changing regulatory frameworks.
While, we are still in the midst of the crisis and there may be other shoes still left to drop, some general views are already emerging. There are many reasons why we are in a crisis, but inadequate risk management practices feature high as a contributory factor. (Prakash Shimpi, 2008)
John Hurrell, Airmic chief executive, said companies “are reinvigorating their risk management programmes and making sure they’re robust enough to survive the recession and also eliminate surprises. (Financial Times – Samantha Pearson)
A successful ERM process can help an organization meet many of these challenges by providing a framework for managers to explicitly consider how risk exposures are changing, determine the amount of risk they are willing to accept, and ensure they have the appropriate risk mitigants and controls in place to limit risk to targeted levels.
But this role requires the senior risk officers to possess an understanding of key strategic uncertainties and that they communicate these to senior management and the business lines.
In a survey conducted by ‘Towers Perrin in 2008′ they state that, 72 percent of respondents expressed concern about their own companies’ risk management practices and ability to meet their strategic plans’. (British Insurance Broker’s Association)
Although several tools like Institution-wide position reports, market sensitivity analysis and credit exposure reports, and to complex money-at-risk calculations and simulations are widely available to monitor investments. The risk manager must choose one or more methodologies to combine this data to provide meaningful measures of the risk. This implies that the new regulatory requirements have raised the bar on compliance and expanded the remit of risk management significantly during the period of financial crisis within organisations.
Regulators and industry observers call for the continuing appointment of executives who are exclusively devoted to the role of enterprise-wide risk oversight, particularly since it emerged that the first victim of the subprime credit debacle, Merrill Lynch, lacked a chief risk officer, and the second company, Citigroup, was immediately blamed for its ineffective risk oversight (American Banker, 2008).
Hence, the purpose of this paper is to analyse the importance of ERM during the period of financial turbulence and to establish whether firms Practicing ERM actually manage to achieve observable results consistent with the claimed benefits of ERM. Put another way, it seeks to establish whether ERM works at the time of financial crisis and to what extent does it mitigate the possible firm losses, thereby increases the firms value and performance overall. Also the study tries to explore the fact that, do firms’ adopting ERM improve financial performance relative to past performance and after controlling for the industry performance. The research question provides evidence on the view that ERM has value creating ability during difficult times for companies and thereby; captured in the following statement i.e. “There is clearly a heightened awareness of the need to manage risks more strategically in order to achieve expected shareholder value” (The Conference Board, July 2005). And the function of chief risk officers has been prolonged dramatically in the recent times preceding the current liquidity and credit crunch, with risk functions aspiring to play the twofold role of the compliance champion and the trade partners.
ERM practitioners need to take a necessarily broad and long view. The ERM frameworks,
Processes and dedicated risk analysis and quantification must be dynamic, recognising that
risks may also sometimes emerge from ambiguous threats as “Most of us are too specialized or focused and so accustomed to our own environment that we cannot break out of our current thinking patterns to think broadly about our risks,” and “It is usually the risk that ‘no one ever thought of’ that causes the most harm”.
The business decisions made should involve risk quantification which should most suitably be taken in a long term view as the profit forecasts and revenues tend to decline or become stagnant in the times of financial crisis and the concept of managing the financial risk decisions can better help to affiliate the amount of losses to an acceptable minimum which would help firms to sail through difficult times.
The Flow of Risk Management Process
Key Insights into Risk Management: The traditional risk practices consist of setting risk limits while ensuring that business remains profitable. While modern best practices consist of setting risk limits based on economic measures of risk, while ensuring the best risk-adjusted performances. In both cases, the goal remains to enhance the risk-return profile of transactions. Nevertheless, new best practices are more ‘risk-sensitive’ through quantification of risks.
The only key difference is the implementation of risk measures. Risks are invisible and intangible uncertainties, which might materialize into future losses, while earnings are a standard output of reporting systems complying with established accounting standards.
Risk management protects and adds value to the organisation and its stakeholders through supporting the organisation’s objectives by:
- Providing a systematic framework for an organisations future activity in a controlled and a consistent pattern.
- Improving decision making, planning and prioritisation by comprehensive and structured understanding of business activity, volatility and project opportunities and threats.
- Deriving a thorough plan for a more efficient use/allocation of capital and resources within the organisation.
- Reducing volatility in the non essential areas of the business thereby protecting and enhancing the company assets and its image.
� Developing and supporting people and the organisation’s knowledge base and Optimising operational efficiency during boom or bust (Source – Risk Management Standard)
1.6 Overview of remaining topics:
This report is a compilation of important study areas and they are used individually as a separate tool in order to achieve the research aims and objectives. The introduction chapter presents a discussion of the background and causes for the financial crisis and an introduction to the primary research topic of enterprise risk management. This builds a strong foundation for the discussion of the main research study. Following introduction on the research area the report builds up a defined set of the literature based on the various elements the study adopts, it emphasizes on presenting the latest literature by academics and financial expert professionals with regards to their professional experience and exposures on the study topic and with references from governing body published articles, journals and press releases. With active discussion and compilation of the literature review the report marks the need for further research and the methodology that should be adopted in order to successfully achieve the research goals and objectives. The methodology i.e. the layout or a structure which presumably is a very important component of a research report or a study undertaken is discussed. The basic purpose of this chapter is to discuss the research idea, to expound the research strategy including the research methodologies adopted and to introduce the research instruments developed and used in order to achieve the research goals. The use of both primary and secondary sources of research is intended to be used in order to accomplish the research outcome. Primary research is planned to be carried over by using a research questionnaire designed to explore the opinions and experiences of respondents. The results will be analysed and used to answer the research question, any shortcomings found will be highlighted with suggestions and recommendations for exploring further study areas. The study concludes with the recognition of the importance of the research topic during difficult times.
1.7 Summary and Conclusion
The practice of Risk Management at enterprise level is a major concern for all financial institutions around the world and it has gained relatively a lot of attention from practitioners in finance and related industry experts. The scope and impact of the risks identified need careful policies, processes and procedures in place to mitigate the organisation risks. The role of regulators regarding risk management is to seek an assembly of rules and requirements that may, at the lowest possible cost, effectively contribute to prevent an isolated failure or a crisis of small proportions from becoming a systematic problem threatening the market as a whole. The conclusion here is that, at some level, every entity that handles risks should be assessing what would happen if they ended up owning the risk that they thought they would only have temporarily. The Risk management characteristics highlight the benefits that a firm ideally derives from adopting and practicing risk management within the organisation.
Therefore, the research aims to address the growing importance of risk management in the upcoming chapters of this report, namely literature review, research methodology, discussion, research analysis, findings and conclusion.
2.0 Literature Review:
2.1 Introduction to Enterprise Risk Management:
Risk management has evolved from a narrow, insurance-based view to a holistic; all risk encompassing view, commonly termed Enterprise Risk Management (ERM) (Tufano, 1996 et.al).
It is a concept of increasing popularity emerged in the name of Enterprise-Wide Risk Management (EWRM). Such a new concept appears to be a new approach, which ensures that risks are being managed on an enterprise-wide basis with total integration of all activities within the entire company or organization (Lam, 2003).
The term “risk” includes any event or action that “will adversely affect an organization’s ability to achieve its business objectives and execute its strategies successfully.” (Economist Intelligence Unit, 1995)
“Risk can be considered as a function of change, and Risk Management may thus be described as a technique for coping with the effect of change.” (Crockford 2005, P.5)
The COSO Enterprise Risk Management framework (2004) explicitly defines risk management as a high-level strategic activity, contributing to board-level decision making, planning and performance management.
In the current economic environment the businesses are not free from the operational and market surprises and the impact of risks and uncertainties. Number of Incidents in the recent past has resulted in major financial breakdown for the most well known companies and the economy as a whole has suffered the effects of it.
Wholly, Enterprise Risk Management (ERM) builds upon traditional risk management with a different approach (Steinberg et al. 2004) as it does not assume that risks exist in isolated departments of an enterprise (Hoyt and Hall 2003).
In general, ERM proposes a holistic approach of how an enterprise risk portfolio is created and managed. Understanding this can enable organizations to better plan and manage IT adoption and implicate the systems in place to deal with it. It is also pre-emptive in that risks are proactively handled: rather than reacting to problems, risks are anticipated and managed before the problems occur (O’Donnell 2005).
Failure to implement such a holistic risk management policy can lead to a dramatic underestimation of the true risk position. This has been evident in the current financial market crisis. For successful risk management, it is essential to identify concentration risks and a systemic risk for which diversification in the portfolio does not work. (Financial times Internationalisation – risk or opportunity? – Torsten Jeworrek) ‘Enterprise Risk Management’ Continues to Command a great deal of attention in the financial services industry. Clearly, ERM aims to bring holistic, organization-wide and standardized risk management processes to financial institutions and provide them with an integrated view of the range of risks they face. The goal is to have consistent reporting of information across the enterprise, perhaps throughout the organization based on standardized information. (Global risk management survey – fifth edition, Deloitte)
Although there are many variations in the definition of ERM, the basic theme is that ERM is primarily as a way of measuring understanding and controlling the risks facing the firm. In some cases ERM is also viewed as a management tool that can identify profitable opportunities to enhance shareholder wealth. (Don Pagach and Richard Warr, 2008)
2.2 Introduction to Credit Crisis
Amongst the Business Community there is a few that would argue that, the socio-economic environment is not becoming increasingly turbulent. As both Drucker (1980) and Peters (1994) note, there is a very definite need for a different style of management in an increasingly chaotic business world (McClements and Smallman, 1998).
The planet, which we live in at present has changed radically. An obvious feature is the global business environment, which is ever changing with increasing complexity in its international business operations leading to the financial meltdown. The background and evolution of the crisis has indeed exhibited a number of features well-known from previous bank crises worldwide (Honohan, 2000)
When we consider the economic condition that the market is in currently we can accept the fact that there is a desperate need to adopt a very new and a different but widely accepted style of managing risks. Only a few forward looking organizations consider this approach practical, but there is evidence that it can be a useful and rewarding shift in strategy (H�pfl, 1994).
In the financial year 2008, we have seen the most severe banking crisis since the Great Depression. In the United States and most European countries, governments reacted by the part-nationalization and recapitalization of the banking system, promising an overhaul of the regulatory practices and management incentive structures that govern banks. In this environment, regulators, risk professionals and politicians have started to ask questions about the internal risk management practices of banks (Treasury Committee, 2007).
Therefore, very recently the function of calculating risk has emerged as the newest “low latency” financial application on Wall Street. With good reason, in today’s volatile markets, measuring risk in near-time is simply not fast enough. The firms of tomorrow will need to invest vast sums in the technologies that help them manage ever-sophisticated risk management requirements. (Larry Tabb, 2007)
It is rather important to note that the underlying concept of EWRM is to enhance shareholders/stakeholders value and this relates to each type of organization whether profit, non profit, or government agency, provides value for its stakeholders (COSO, 2003). Despite the widespread adoption of enterprise risk management (ERM) in the financial services industry, over the 2007-2008 reporting years, banks suffered hundreds of billions of dollars of losses stemming from risks that few executives had understood (Treasury Committee, 2007a, 2007b).
As a professional group, risk managers need to accommodate the demands of various stakeholder groups: regulators, corporate executives, shareholders, debt holders and the general public. The Risk Management styles/approach can be either Reactive or Proactive depending upon the Market situational factors. (Hood, 1996, pp. 211-4)
Survey findings by Towers Perrin (2008) found that, when asked to lay blame for the current financial crisis, 62 percent of the cross-industry survey respondents pointed to poor or lax risk management at financial institutions as the single greatest contributor.
2.3 Importance of Risk Management to a Firm:
Under the shock of the first subprime-related loss disclosures, many industry observers debated the question: ‘where were the risk managers?’ (Bookstaber, 2007)
In the globalised business environment with competition at par most companies are trying to outperform each other for market supremacy and with the rise of risk management as a distinct discipline in banking and finance, studying its importance during market turmoil has recently become an area of study.
This area of study has its own significance to the organisation and its benefits and costs are subject to debate, (Beasley, Pagach and Warr, 2007) as it includes investment in training and development and incorporating it into the organisational culture of the company. Although adopting and practicing enterprise risk management into the organisation culture costs the company into its training and development efforts it should be viewed as an investment rather than an expense as in the long term view it is still beneficial as it adds value to the organisations efforts.
Proponents argue that ERM benefits firms by decreasing earnings and stock-price volatility, reducing external capital costs, increasing capital efficiency, and creating synergies between different risk management activities (Miccolis and Shah, 2000; Cumming and Hirtle, 2001; Lam, 2001; Meulbroek, 2002).
Although recent work by Nocco and Stultz (2006) argues, that ERM is beneficial to most firms because it allows them to manage risks in a manner that avoids costly left tale outcomes (Lin 2007). Stulz (1996, 2003), Nocco, and Stultz (2006) then present arguments under which risk management activities could be value increasing for shareholders when agency costs and market imperfections interfere with the operation of perfect capital markets.
To a business unit the scope of risk covers all activities, be that any internal or external, that may prevent itself from achieving its objectives. Adding the word management to integrated, business, or enterprise-wide risk implies a “structured and disciplined approach” that “aligns strategy, processes, people, technology and knowledge with the purpose of evaluating and managing the uncertainties the enterprise faces as it creates value.” (James W. DeLoach, 2000) Hence, the goal of an enterprise-wide risk management initiative is to create, protect, and enhance shareholder value by managing the uncertainties that either could negatively or positively influence achievement of the organization’s objectives.
‘The borderless world had undoubtedly facilitated the innovative process of international networking and business ventures. But, such a breakthrough does come at a price. Risks are becoming more sophisticated than ever before and this calls for new approaches and methodologies including Risk Management tools and technologies in managing a global business world which is full of surprises (Hussin, 1996)’.
More than half of Britain’s top companies are looking to strengthen their risk management teams as deepening economic crisis forces directors to question ill fated investments and prepare for new uncertainties. (Financial Times Publication – Samantha Pearson)
‘Jay Keyworth, chairman of the Progress and Freedom Foundation and a member of Hewlett-Packard’s board’ has stated that the most important lesson of the last few years is that board members can no longer claim impunity from a lack of knowledge about business risk.
In the wake of a new regulatory era and recent market strains in financial services, senior risk officers are under pressure to demonstrate how they are realizing the risk oversight potential of their function.
Tower Group analyst Rodney Nelsestuen agrees. “Enterprise risk management has taken on new importance as stockholders, board of directors and regulators demand better, more timely analysis of risk and a deeper understanding of how the institution is impacted by the dynamic risk environment of a global financial community.”(Tower Group 2008)
As no professional realm can operate indefinitely if it clashes with the requirements of stakeholders (Gardner et al., 2001)
2.4 Effectiveness of risk management during credit crisis –
Enterprise risk management will have its greatest effect on earnings by reducing their variability through controls on the risk of cost centers and revenue sources. ERM provides the potential benefit of reducing the direct and indirect costs associated with financial distress. (Liebenberg and Hoyt, (2003)
Stulz (1996, 2003) argues that risk management can be value creating if it is able to reduce the likelihood of these negative earnings shocks and in turn, help the firm avoid the direct and indirect costs associated with financial distress.
In actuality, the fallout from unforeseen events tends to affect multiple business areas and the
Interrelationships between risks under the categories of operational, financial and technical risk have been overlooked, often with adverse outcomes.
Therefore, the ultimate goal of risk management is to facilitate a consistent implementation of both risks and business policies.
Page and Spira (2004a) highlighted the use of a “bottom up” approach to risk management, requiring preliminary assessments to be performed by junior “risk identification” teams with follow up “risk evaluation” by more senior teams.
Two groups have recently emphasized the importance of risk management at an organization’s highest levels. In October 1999, the National Association of Corporate Directors released its Report of the Blue Ribbon Commission on Audit Committees, which recommends that audit committees “define and use timely, focused information that is responsive to important performance measures and to the key risks they oversee.” (NACD) Pattie Dunn, vice chairman of Barclays Global Investors and a member of the board of Hewlett-Packard, says:
I think what Boards tend to miss and what management tends to overlook is the need to address risk holistically. They overlook the areas that connect the dots because risk is defined so “atomistically” and we don’t have the perspective and the instrument panel that allows us to see risk in a 360 degree way. (McCarthy and Flynn 2004)
Although risk is generally considered to be the possibility of outcomes that deviate from what was expected, it is primarily negative outcomes that are of most concern to firms.
Consistent with this view of ERM, Standard and Poor’s states that evaluations of firms’ enterprise risk management structures will focus on ensuring that firms are addressing all of their risks, setting proper expectations about which risks are and are not taken and setting methods that ensures that firms’ avoid losses outside tolerance levels. (Standard and Poor’s Ratings Direct, 2008)
With the current credit crisis triggering more than $400 billion (IIF July 2008) in asset write-downs among the financial services industry, enterprise risk management (ERM) programs and components are in high-demand now more than ever to help institutions aggregate risk and treat it holistically. The solution is for board members to learn of the potential for adverse events and be sufficiently aware of the sources of risk within the area of business that they are operating in, to be afforded the opportunity to take pre-emptive action (McCarthy and Flynn 2004).
Risk management industry commentators observe that risk functions are often set up or start a second life in the face of failures, scandals and disasters, when management says: ‘Never again’ (Risk Management, September 2007).
Improved risk management has come into greater focus as a result of the market turmoil. Many of the currently employed risk management measures such as value at risk (VaR) or stress testing is backward looking in nature and lack the ability to take in current data or views about the future. For example, in Asset Back Securities (ABS) and CDOs, one of the key shortcomings made in analyzing the risks in these products was that the underlying mortgage securities were more diversified than they turned out to be. We can now see that the mortgage securities were highly correlated and how sensitive they were to the decline in home prices. That information was not reflected in stress testing. (Report – KPMG)
Stulz (1996, 2003) argues that any potential value creation role for risk management is in the reduction or elimination of “costly lower-tail outcomes.” Lower tail outcomes are primarily negative earnings and cash flow shocks and can have both direct and indirect costs. Direct costs are incurred in events such as bankruptcy and financial distress when the firm must make outlays to creditors, lawyers and courts. Indirect costs of associated with negative earnings and cash flow shocks, include the loss of reputation that may affect customer and vendor relationships. Either ways it affects the overall end results of the company.
Federal Reserve Chairman Ben Bernanke recently said in a speech, “No model regardless of the sophistication can capture all the risk that an institution might face. Those institutions faring better during the recent market turmoil generally placed relatively more emphasis on validation, independent review, and other controls for models and similar quantitative techniques. They also continually refined their models and applied a healthy dose of scepticism to model output.”
‘Standard and Poor’s also states that ERM is not a process to ensure that a firm eliminates all risks or a guarantee that losses will be avoided or a replacement for internal controls’. ERM analysis by Standard and Poor’s will be incorporated into regular credit reviews and will be part of the analysis of risk management culture, which will also include governance, accounting policies, issues and derivatives.
According to a global survey of 316 financial services executives, over 70 percent of respondents believed that the losses stemming from the credit crisis were largely due to failures to address risk management issues. (Reuters, Sept 2008)
The Association of Insurance and Risk Managers (Airmic) said that in a private survey of its 450 corporate members, which included most FTSE 100 companies, 59 per cent had said that their level of interest in enterprise risk management had increased over the past two years. (Financial Times – Recession forces risk management rethink, Samantha Pearson)
Recruitment agencies are also expecting a huge rise in demand for risk managers. GRS, a consultancy, predicts that by the end of 2009, half of financial services companies will have a risk professional on the board compared with only 12 per cent last July. Overall, GRS estimates UK financial risk roles will increase by 1,000 to 4,000 over the next 18 months. (Financial Times – Samantha Pearson)
In a survey conducted by Towers Perrin ’42 percent of the respondents also predicted greater involvement in risk management policies on the part of boards of directors as well as increased employee-level involvement’. (Towers Perrin 2008)
Therefore, with the help of this paper, we can examine whether Practicing ERM on an Enterprise-wide basis has a material change on a range of observable financial measures. We fully recognize that ERM may be working very effectively, but observable financial measures are unaffected. This unobservability could be a result of ERM working properly and mitigating problems such that the firm’s performance is better than if it had not used ERM. We may not observe a direct reduction in risk, through smoother earnings; we might expect changes in capital structure, profitability and asset composition, consistent with the firm being more confident in its management of business risks.
Discussion
Risk Management Framework with varied business practices and techniques.
Learning’s from the Literature review and the recent market events that has eventually traumatized the whole financial sector we have learned that, In the recent past many firms were more vulnerable to a prolonged disruption in the market liquidity than they had expected when the crisis begun in the second half of 2007, but apparently now every business is staggered by the nature, length, scope and impact of the market disruption that has forced them to fund exposures that they had not anticipated into their contingency planning. Nevertheless all firms were able to measure and arrange adequate liquidity to fund their operations; in many cases they were bailed out by national authorities and in certain cases they had to bring in additional assets onto their balance sheets that were not likely to be funded and therefore firms saw facing higher funding costs. Firms were neither universally effective nor ineffective across all relevant dimensions of performing business and managing risks.
A set of actions and decisions taken can differentiate a firm’s performance during such periods of market inefficiency or turmoil that we have experienced for the financial year ending March 2008 and which is still going on for most of 2009. Every firm should make it clear that the senior management i.e. the CEO is responsible for Risk Management and also should establish the board’s essential oversight role in risk management. Notably some firms recognized the emerging additional risks and they took deliberate actions to limit or mitigate them in effect to escape from the crisis or to cover against large scale serious losses, while some others did recognize the risks but accepted them in anticipation that they had a strong Risk Management practice in place, and some did not fully recognize the risks in time to mitigate them adequately.
Therefore the approaches that were adopted were quite different across the business lines, and firms that dealt better with the ongoing market turmoil had a more comprehensive view of their exposures. They used the information developed across the firm to adjust their business strategy, risk management practices, and exposures promptly and proactively in response to changing market conditions. Thus with the background information of the market performance and the strategies adopted by firms to ensure their capital positions are stable, we look at a feature of highly effective risk management practices that would help firms to deal with the crisis more comprehensively in the future.
1. Effective identification and analysis of business exposures and risks
Effective risk management requires a perfect synchronization of the quantitative and qualitative information, so as to identify the potential risks that come ahead in the way and to draw a way out of it with captivating minimum losses or exposures to risks. And the way in which the companies share and communicate the quantitative information in terms of the financial reporting is considered to be very critical and it influences the way in which it delivers value to its shareholders. Therefore the implementation of sound quantitative risk models is always a vital concern for all financial institutions.
Fundamentally the positives for Banks who performed well as compared to others during the recent market turmoil are that they have a stronger internal risk culture. The better the culture of sharing risk information across departments and business line risk owners, the chief risk officers, the chief executive and other senior management, the better it is to recognise the scale and exposure of risk in order to draw business wide plans to deal with those risks and to execute those plans in good time.
There should be a robust risk culture that should be embedded in the way the firm operates across the board, with accountability for risk management being a priority and it is essential to ensure that risks are identified and evaluated in a timely manner in order to enable informed risk management actions to be taken or opportunities to be seized.
Thus after carefully analysing the drift that has accelerated in recent years with regards to financial turmoil and the regulatory bodies gearing with their reporting processes which asks for a continuous response and the need for reporting any financial or firm wide risk, the way or the method of sharing the quantitative information across the organisation is crucial in determining the extent to which they can mitigate or avoid the risks they face in business.
Risk Managers must conduct a quantitative risk analysis to access the profitability of achieving specific project objectives, and to prioritize the risks based on the significance of the overall project risk. The output of Quantitative Risk Management provides information for handling a project’s most threatening risks and promising opportunities.
So a probabilistic analysis assists the risk manager with estimating contingency reserves to ensure stakeholder comfort. Therefore a sensible implication of Quantitative Risk Management helps to assess the probability of meeting time and cost objectives. Prioritizing high-threat risks allows one to respond proactively before the iceberg has hit. Also monitoring trends enables the day to day management to adjust risk management activities over time.
With regards to the analysis of Qualitative risks, it assesses the impact and likelihood of identified risks in a quick and cost effective manner. When considering the priority of such risks, close attention must be paid towards its scope, schedule, quality and its impact on the balance sheet of the firm. Risk management functions and its pre set protocols pave a foundation for a more detailed and focused approach towards managing risk in the business. The firms that performed well during the much known and genuinely disastrous financial crunch shared their quantitative and qualitative information more effectively across all forms of their operations.
Thus in order to obtain high level of operational excellence it is necessary to identify the sources of risks so as to evaluate the magnitude of those risks and to implement plans to reduce exposures while it is still practical and not prohibitively expensive. It mandates that the top management should develop an aggressive plan to reduce those risks and not rely on the hope that business lines would make decisions individually that would benefit the firm’s exposures collectively.
On the other hand firms that experienced greater difficulties during the credit crisis had a more apparent picture of the management’s incapability in providing proactive and prompt discussions on the firms risk in the light of the continuously evolving market conditions with respect to stock price volatility and or industry and policy decisions towards the crisis. This would effectively lead firms to make important decisions like Business growth and expansion in complete isolation and thereby would increase rather than mitigate the exposure to risks. Therefore avoiding the aforesaid mistakes and enabling the smooth functioning of the risk identification practices within firms would bring a greater control and or shield the risks that the firm is exposed to, to a large extent.
2. A steady application of independent and rigorous valuation practices across the firm
The established way in which the business process functions should inculcate a set of rigorous valuation practices that would enhance the fair valuation of the firms’ assets as we have already witnessed potential weaknesses in valuation practices and disclosures, and, the difficulties associated with fair valuation in circumstances in which the markets become unavailable which has become more apparent from the recent turmoil. Therefore the management should establish a set of rigorous internal processes requiring critical judgement and discipline in the valuation of holdings of complex or potentially illiquid securities.
As a general practice they should develop an in-house expertise to conduct independent assessments of the credit quality of assets to enable them to value their exposures appropriately. Consequently they should use those values consistently across the firm, and subsequently they can also test their valuation estimates by selling a small percentage of their relevant assets to observe a price as this would effectively convey any disputes that might arise in valuation or accuracy of their valuations of the same or similar other portfolio assets. If the senior management does not actively encourage sufficient discipline over valuation process, they would tend to rely too passively on the external views of credit risks by the rating agencies and pricing services to determine the values for their exposures. Therefore there must be a steady application of strict valuation practices across the firm.
3. Effective Management of Funding, Liquidity, capital and the Balance sheet
The very significance of successful management of any business is to effectively manage all the functions of that business. The importance of maintaining a firm-wide perspective is also evident in differences in the enforcement of more dynamic controls over the consolidated organizations balance sheet, liquidity and capital positions.
In order for the firms to avoid more significant problems throughout the period of turmoil they should align their treasury functions more closely with the firms risk management processes and incorporate information from all the businesses in global liquidity planning, including actual and contingent liquidity risk.
There is a need to create internal pricing mechanisms that would enable individual business lines to control activities that might otherwise lead to significant balance sheet growth or unexpected reductions in capital. In particular they should charge business lines appropriately for building contingent liquidity exposures to reflect the cost of obtaining liquidity in a more difficult market environment. Better performing firms always better manage their contingent liquidity needs.
When implementing their business plans firms should exhibit greater discipline in adhering to limits in the face of changing market conditions. The firms that have experienced greater problems during the past one year tended to have weaker controls over their potential balance sheet growth and liquidity and a mismatch of alignment with the risk management process. Some firms base their funding on the basis of incomplete information and did not consider properly the risk of certain exposures thereby failing to create incentives for business lines to manage such potential scenarios prudently.
4. Instructive and reactive risk measurement and management reporting and practices
The firms should implement a thorough plan of action to measure and manage risk across all the channels of its operation.
Because firms are reluctant to exhibit the high levels of volatility in their profits which can be very unsettling for shareholders, and a sustained period of significant losses can threaten the commercial viability of the organisation. So there should be a defined set of practices that would enable a risk manager to measure the type of risk and its severity in order to comprehensively deal with it.
They must have their management information systems in place to assess their risk positions against any correlated risk that increases the exposures for the firm. The management must focus on undertaking a more adaptive risk measurement process that would enable them to rapidly alter the underlying assumptions in risk measures and hence reflect their strategy to suit the current market circumstances.
Subsequently they can take corrective actions and could customize forward-looking scenario analyses to incorporate management’s best sense of changing market conditions. Managers must be prepared to concentrate on a wide range of measures of risk in order to gather more information and different perspectives on the same exposures. The Integration of Quantitative and Qualitative analysis provides a high level of insight and consistent communication to the management about evolving conditions, enabling the firm to pursue opportunities as they emerge and, more importantly, to reduce exposures when risks outweigh expected rewards.
Conclusion: Failure to appreciate risk exposures at the firm wide level can be costly, for example during the recent episode; the senior managers of some firms did not fully appreciate the extent of their firms’ exposure to U.S. subprime mortgages. They did not realize that, in addition to the subprime mortgages on their books, they had exposures through the mortgage holdings of off-balance-sheet vehicles, through claims on counterparties exposed to subprime, and through certain complex securities. It was apparent that, at some firms, business lines did not share vital information relevant to risk positions and business tactics, with adverse implications for profitability.
It is emphasized that the Risk Management framework and policies is considered necessary for any company that is engaged in Risk Management activities. The framework would provide the necessary guidelines for the management to follow. Furthermore, the framework and guideline make it easier for the management to communicate all necessary risk management insights to other parties in the company. Therefore, it is important to continuously update and monitor the risk assessment framework.
3. Research Methodology
3.1 Research Foundation:
This Chapter demonstrates the Primary framework used for conducting this research. It is the overall approach to studying the topic and includes or highlights the issues that need a thought. It is a sketch of the research to be conducted which is conceived of, in terms of the research idea subscribed to, the research strategy employed and the research instruments utilised, in pursuit of achieving the research goal, the research objectives set and the quest for the solution of a problem i.e. the research question. The Research Question is outlined in chapter 1 of this study. The basic purpose of this chapter is to discuss the research idea, to expound the research strategy including the research methodologies adopted and to introduce the research instruments developed and used in order to achieve the research goals. It is just a philosophy or the general principle which will guide this entire research.
The research Idea is a belief about the way in which data about a particular phenomenon should be gathered, analysed and used for research purposes. It is essentially my motivation for conducting the research. The motivation behind this research is derived from my interest in this topic of risk management and the current issue of credit and global financial crisis; hence with my literature search skills, organisation skills and time management expertise it will help me adopt a methodology best suited for this research. This research encompasses the use of qualitative and quantitative techniques in order to collect data for the research. Although it has been observed (Benbasat et al. 1987) that no single research methodology is intrinsically better than any other methodology, many authors call for a combination of research methods in order to improve the quality of research (e.g. Kaplan and Duchon,1988). Academic researchers highly recommend that a methodology best suited to the problem under consideration as well as objectives of the researcher must be used for the research. The main and the only concern is that the research undertaken should be relevant to the research question under consideration.
This Research study seeks to explore and understand the conceptual and practical implications of the Enduring Importance of Enterprise Risk Management for companies during financial downturn. The research is not intended to deduce from the case studies a uniform framework for risk management. If anything, the research indicates that when it comes to risk management, one model does not fit all companies. This research aims to provide an insight into the way in which companies measure the Importance of Enterprise risk management and eventualities like Credit and market liquidity crunch, and are there any associations of the risk management practices on future firm performance. Research experiments, if conducted precisely can enable a better understanding of the relationship between a causal hypothesis and a particular phenomenon of theoretical or practical interest. One of the biggest challenges is deciding which research methodology to use. “Research that tests the adequacy of research methods does not prove which technique is better; it simply provides evidence relating to the potential strengths and limitations of each approach.” (Howard, 1985)
3.2 Research Strategies:
There are a number of ways in which a research methodology can be designed or structured to achieve the research goal, but the process of selecting the best suitable method seems to be the most important decision in a research undertaken. Instances where the research is undertaken for a particular segment like Liquidity risk management, or Credit Risk Management which involves measuring and assessing risks in targeted financial institutions and industries the VAR (Value at Risk) approach is most widely acknowledged and is used as a standard for measuring and quantifying risks. But all risk management implementations require a degree of compromise, regardless of the methodology adopted. These compromises range from convenient assumptions about return distributions, through coping with incomplete data, to approximations when modelling the return of an asset. But for this study we analyse which of the two i.e. quantitative or qualitative methods is best suited to our research needs.
3.2.1 Qualitative and Quantitative Methods
3.2.1(a) Qualitative research: is mostly explanatory in nature, involving small number of respondents (Rusli and Ali, 2003).This type of research is used when there is concern of understanding how things happen and how they are related rather than only measuring the relationship between variables. Consequently the qualitative methodology can provide the investigator with meaningful insights by delivering more deeply and examine the intangible aspects of complex issues of the process (Rusli and Noor Azman, 2003). It intends to explore the attitudes, behaviour and experiences of the respondents through the use of methods such as Interviews or focus groups, which supposedly is an attempt to get in-depth opinion from participants. With regards to the research topic which is Risk Management and the profile of the target respondents within financial sector companies or companies in other sector but the main focus being their financial unit because of the attitudes, behaviour and experiences that we are looking for and considering what the market has bought to their attention in the past one year, fewer people tend to participate or show interest in participating mainly because they are not allowed or restricted by the ‘ company policy’ or ‘No time’ to participate in any form of research and that makes it very difficult to find and persuade the respondents to be a part of the academic research.
3.2.1(b) Quantitative research: Data in quantitative research are obtained from samples and observation seeking for relationship and patterns than can be expressed in numbers than words (Johansson and sparredal, 2005). It generates information through the use of large scale survey research. Survey method that this research tends to see as a possibility is a structured questionnaire. The reason being it is at the respondents own convenience he/she can fill in the survey, it can be either e-mailed or send by post to his/her office or residence address and it helps us to reach many more people and thereby increase the chance to get to the target level of completes, hence the contact with respondents is much quicker and the concern of ‘strike rate’ i.e. the number of respondents actually participating and completing the research questionnaire is also taken care of as for this research the strike rate is estimated to be a ‘two completes out of ten invites sent’. Methods like surveys enable to obtain data about practices, situations or views at one point in time through questionnaires. Quantitative analytical techniques used to draw inferences from this data regarding existing relationships. The use of a Questionnaire form of a research permits the researcher to study more variables at one time than is typically possible in other forms and the data can be collected about real world environments or experiences. So depending upon the set research aims and objectives the research strategy be carefully selected and be accordingly adopted.
3.3 Research Design/Instrument:
The Research design is an invaluable part of the research methodology as it helps us guide the research process. This Research is a designed and a co-ordinated attempt to use resources from the Primary Data, which will be collected from a research questionnaire. It is designed to give a more focused understanding on the research topic. The use of secondary resources which was reviewed and studied was in the form of published research journals on risk management from credible reference journal sites like Emerald Insight, Financial Times Express (FT-Xpress), Basel Committee Reports, Business white papers like Senior Supervisors Group, and newspaper, magazines and Year end Published financial reports for data that was available to interpret in a desired form. The Credible Published Reports by KPMG Titled ‘ Beyond the Credit Crisis : Impact and Lessons Learnt for Investment Managers’ , and a report by Ernst & Young Titled ‘ Business Risk Report -The top 10 risks for Global Business’ were studied before doing the actual empirical research. As the primary objective of the study is to examine and analyse the changes in financial characteristics around the firm’s approach of practising Enterprise Risk Management during the period of Market Turbulence, firms usually do not publicly announce their Risk Management Practice that they usually follow. They tend to disclose only minimal details of their risk management programs, (Tufano, 1996). Here the secondary data or method has certain limitations in helping us find the outcome and survey reports can just help us guide towards the possible outcome, Hence, the Primary data which is very important for this study will be collected from a research questionnaire that is being designed in such a way that it explores the views of financial market professionals and provides an imperative view from them on the Risk Policy that they either practice or think is important or have in place for dealing with such market eventualities.
3.3.1 Questionnaire: The Questionnaire is the first step to obtain and gather information to analyze and compare different Risk management practices. The research instrument in the form of a structured questionnaire was sent to respondents either as an Email invite or by post for participation after taking their prior consent to participate in the research so that the responses are prompt and timely. Based on the literature and references from reports and observations of the current market condition, the research anticipates answering the most productive research question. The questionnaire was developed with reference taken prominent survey analytics like ‘SAS’ and ‘KPMG’
Prospective respondents for this research are classified, as financial experts working in as senior finance, fund accountants, strategy analyst’s, management accountants and risk management professionals (see Appendix 1 for a list of the interviews). The other source of data collection is a direct observation of the market and its behaviour to changing market conditions. As we can appreciate that the asset portfolio of the firms exposed to levels that they had never expected, hence this research observes the ways in which firms are prioritising their efforts to shield its portfolio of assets in order to minimise losses from the crisis. Within the boundaries of confidentiality, some companies did provide historical and other source documents, such as annual reports, presentations and internal reports, which constitute an additional supply of data for this research. The research results may display some biased answers because the research aims to explore the importance of Risk management practices during the period of financial turmoil and as, business managers and we academics have already witnessed the great deficiencies in the way firms weigh their risk management practices. The questionnaire designed to gain a broad perspective. Eventually during evaluation of responses, I intend to take greater care to not displaying biased responses, as it would defy the purpose of this research. What I expect to discover from this research is ‘The attribute that weighs heavy in terms of applied practices during difficult times and the most effective tool – An Effective Enterprise Risk Management Practice’.
Summary and Conclusion:
On the basis of the research question under consideration and the research objectives to be achieved the report makes an attempt to undertake the research in such a way that will most positively bring the desired results with the help of the techniques available to use and conduct this research. After identifying the survey method as the most beneficial method to carry out a primary research with the help of a questionnaire, we hereby follow the analysis of the data gathered from the research methodology used.
Analysis of Data
Introduction
The Increasing enthusiasm and density of the modern global economy has put Enterprise Risk Management on high agenda of many companies. For this research we used a Questionnaire form asking financial executives for their opinions on Risk Management in the current business environment. Following the Survey Questionnaire that was sent to respondents via Email and the responses received from them on the same, the report hereby makes an attempt to present the findings with the help of charts and Pie diagrams and active discussions on the findings. The research findings are based on the number of complete responses received which was 15 completes of the approximate 70 Email Invites sent for their participation. The strike rate/ success rate of this research strategy and the tool used in the form of a questionnaire is 21%. The Survey findings are summarised below along with a graphical representation of data gathered.
Section One
Section one includes a set of few profiling questions that would help us to classify the Survey respondents amongst a group of respondents. The Classification is based on the Industry type and the total annual turnover of the organisation sites across all the locations worldwide. Respondents are classified under their basic job functions which are risk management within further disciplines namely group risk, market risk, credit risk and operation risk. Respondents represented finance operations, fund management, audit job functions, change management and Technology strategist.
Section Two
Q.1. In your opinion, how much, if any, have recent events including the Collapse of Lehman Brothers, Merrill Lynch, Northern Rock and Madoff Scandal changed your company’s financial prospects over the next 12 months?
On their opinions on the most recent market turbulence, when asked how well did the recent events change their company’s financial prospects over the next 12 months? 50 %( 5/10*100) of the respondents replied with a extremely well reply and 20 % (2/10*100) replied with very well response. So if we add the responses that said either extremely well or very well it is 70 % of the respondents saying these recent events have had some impact on their financial prospects over the next 12 months. 30% replied with neither good nor bad, means that they perceive these events are not going to make any changes to their financial prospects over the next 12 months, with no response on very or extremely poor that is they are pretty sure that their company’s financial prospect is likely to be affected as a result of any of the above mentioned events.
Q.2. Have these recent events made you more or less concerned about which of the following issues at your company?
All the respondents expressed their concerns on these recent events depending upon their level of priority to those factors. When asked to highlight two most important issues the most common issue was the ability to access short and long term financing i.e. 70 % (7/10*100) and that was followed by risk management with 40 % (4/10*100). The third most important factor or concern was long term viability of firms operations or outsourcing strategy and employee layoff processes which means companies being compelled to lay off staff because of budgetary constraints. A number of respondents expressed their concerns about their own firm’s risk management practices and the ability to meet strategic plans. This suggests that business executives regardless of the industry perceive a need to invest in risk identification, measurement and management procedures.
3. Which of the following contributed to the current financial crisis in your opinion?
When asked for the major cause of the financial crisis, the response from finance executives was quite predictable as they themselves were also a part of the whole drama. The respondents rated highest for risk management practices at banks and other financial institutions with 40 % (4/10*100) and Complexity of financial instruments being rated at 30 % (3/10*100). The rest of the responses were even for financial market speculators and irresponsible homebuyers together contributing 30 % (3/10*100). Half of the total number of respondents state that they saw a more comprehensive involvement of the board of directors in implementing risk management practices in the recent past. Moreover, some rated good points on the employee level engagement to abide by the risk management practices in the firm. In addition, around 20% of the respondents expressed their concerns on access to short -term capital.
About half of the total responses received from the survey reveal that the finance executives account poor risk management as a major contributor to the Global financial crisis. Rest had common views on issues like complex financial instruments and financial market speculators.
Section Three
Q.1. Which of the Following Best Describes the Risk Management Strategy in your Organisation?
In this section when asked to respond on the risk management with in their organisation the following responses were received. Of all the responses received surprisingly no company answered that they do not have any form of risk management strategy. Of the responses 50 % (5/10*100) state that they have a well formulated and communicated strategy in place and 30 % (3/10*100) responses state that they have policies in place but they are not supported or is committed by the top management, whereas 20 % (3/15*100) of the responses state that they weren’t sure of the level of strategy in place.
Q.2. which of the following Regulatory authorities for Risk Management are you aware of?
With Regards to Compliance priorities the respondent’s awareness of the regulatory authorities for risk management was as follows, 70 % (7/10*100) respondents know well about Basel II and consider it as a number one priority, and 60 % respondents are aware about Sarbanes – Oxley (SOX) (6/10*100) and consider it as a number two priority for compliance purposes.
Q.3. Does your Organisation have written or otherwise formalized policies and procedures that set forth a system for the management of risks?
Firms with a formalized and written procedures and policies for the management of risks were rated as 40 % -Yes and 60 % as No. Among the number of respondents who replied as yes, the goals of the system include constant monitoring of various organisations risks that would enable smooth earnings for firms. Among the firms that do have formal policies, some of the stated goals are as follows:
Follow Conservative funding and cash management strategies, which ensure adequate liquidity under extreme adverse market conditions and maintain a highly liquid balance sheet and significant cash equivalents to ensure immediate funding availability.
Q.4. Is this system reviewed on a regular basis?
On asking whether the system is reviewed on a regular basis, respondents who answered yes, they review the system on a annual basis, with the Board of Directors making approvals on the policies and procedures review.
Q.5. Does your firm have a particular funding system or strategy in the event of a “liquidity crunch”?
Of the responses received on asking whether they have funding system in place during liquidity firms stated that their funding and liquidity policies and procedures are reviewed annually with the rating agencies. Firms indicated reliance on the parent entity without any further procedures in place or measures to be taken in the event of a “liquidity crunch”. Others limit their strategy to the maintenance of a certain liquidity cushion, which is deemed sufficient in the event of market stress. Another firm has a contingency financing plan in place in response to the financial crisis, and the CFO of the company reviews it on a semi annual basis.
Q.6. What according to you are the Benefits of Practising Risk Management at the Enterprise Level?
When asked to respond to the benefits of practising risk management at the enterprise level, the respondents rated reduction in losses as the most important benefit with 60% (6/10*100), with the second most benefit being greater levels of compliance with 50% (5/10*100).
Q.7. What are the important factors that drive the development of Enterprise Risk Management in times of financial difficulties?
The important factors that drive development of ERM in times of financial difficulties rated No.1 Increased shareholder pressure for better governance highest with 60% (6/10*100) and No. 2 Compliance with International and Domestic Regulations at 50% (5/10*100)
No.3 Concerns over increased levels of credit losses at 30% (3/10*100)
No.4 Internal and external best practices benchmarking exercise at 20% (2/10*100)
No.5 other factors at 10% (1/10*100)
Q.8. How well designed and developed is your current Risk Management system?
Most of the responses received in the survey revealed that they have fully up to date systems and they are satisfied with them, scoring 67% (10/15*100), while the rest 27% responses revealed that they have their own risk management systems in place for now but would expect to upgrade them in the future. Just the last 6% of the responses received state that they are looking for a new system with a more comprehensive impact on the company goals and objectives.
Section four
1. Finally the ratings on a likert scale revealed the following results.
Q.1. “Practising Enterprise Risk Management leads to positive performance in business during times of Market Liquidity”
Responses were 70% (7/10*100) respondents strongly agree with the statement, while 20% (2/10*100) rated with slightly agree to the above statement. Just 10% (1/10*100) rated the above statement with slightly disagree. So overall we can measure that very high responses were directly rated as either slightly or strongly agree i.e. a positive response to the question under consideration. Eventually all the firms have understood the importance of enterprise risk management during the recent market liquidity crisis.
Q.2. “There should be a strong and a dedicated support of the senior management for effective implementation and functioning of ERM”
Of the total number respondents 50% (5/10*100) agreed strongly with the statement and 40% (4/10*100) agreed slightly with the statement, whereas 10% (1/10*100) respondents replied with neither agree nor dis agree with the statement. So again the majority of the responses were strongly or slightly agree and a single response with neither agrees nor disagrees with the above statement. Highlight here is that there is no response received that states any level of dis-agreement to the statement.
Q.3. “The Risk Management strategy adopted by your company is Solid and Dependable even during financial crisis”
Responses received state that 40% (4/10*100) of the survey respondents replied with strongly agree to it, 30% (3/10*100) of the responses stated that they agree slightly to the statement. 20% (2/10*100) of the responses state that they slightly disagree and the rest i.e. 10% (1/10*100) were neutral with neither agree nor dis agree with the statement.
Findings from the study show the commitment and support from the top management to all parties concerned. The respondents involved in the survey strongly suggested that the management overall must be able to demonstrate their concerns on various Risk Management issues. Importantly, they have to develop and promote an environment of support and be more conscious about risks.
The respondents surveyed also suggested that all Risk management activities, which are being carried out by companies, should be structured and ought to assist them in minimizing future expected losses. Companies should be able to appreciate the justification of adopting and implementing the ERM Program as it undoubtedly adds value to the company and shareholders. They asserted that the practice and application of ERM should not be done just for compliance purposes only.
Answering the Research Question
Further recommendations
Following the study of the literature and findings from the primary research, this report hereby makes an attempt to present some recommendations to help enhance the risk management function more effectively in the future.
Based on the issues identified by the empirical findings, it is recommended to consider the following:
To begin with, a high priority action should be to bring risk management back from the compliance function into the boardroom. The acting board members and the management should primarily create a strong culture of reporting and practising effective risk management within all the employees irrespective of their job roles or responsibility.
The Management should assess the organization’s risk management capabilities with the chief executive’s participation in it and helping to bring together department heads and key functional staff to discuss an initial assessment of the enterprise risk management, its capabilities, functionalities and effectiveness to the organisation.
The team should be vigilant about where the risks can come from and conduct an annual risk assessment exercise that defines key risks and weighs probability and impact on business drivers.
The chief risk officers must evaluate the organisation’s ability to manage the risks that they identify and in particular ensure that the risk management process is always linked to the actual risks that the business faces at a given point in time. Whatever the form, an initial assessment should determine whether there is a need for, and how to proceed with, a broader, more in-depth evaluation of the problem and the way to deal with it.
They should enhance their capability to be proactive in identifying these risks with a rigorous and disciplined approach. The attempt of practicing ERM across all sections of the organisation and having risk culture embedded in the organisation’s internal culture are ultimately the driving factors in order to avoid the high value risks during financial downturn.
Limitations associated with research
The analysis of the answers to the questionnaire revealed some areas where further research is desirable, either because of incomplete answers or due to important topics not covered in the questionnaire, and because of its very nature the focus, being on risk management at firm level and there remains room for improvement. This study provides a valuable insight of ERM as an important concept of managing risks on an enterprise-wide basis among major corporations. Such a concept is a value added tool in enhancing the economic value of the business enterprises involved in the industry survey conducted as part of the research work.
Conclusion
As stated at the outset, the purpose of this paper is to promote awareness of the need of sound risk management and related internal controls at financial firms. It highlights particularly commendable practices and identifies areas for improvement for the firms.
To summarize, the almost unprecedented nature, depth, and duration of the current market turmoil have raised major challenges for nearly all major participants in the financial markets including major investment banks and mortgage bankers. Under such an environment, participants face increasing pressure to understand the risks they face, to measure and assess such risks appropriately, and to take the necessary steps to reduce, hedge, or otherwise manage such risk exposures.
The turmoil in credit markets underscores some important principles for risk management, including the value of proper risk identification and measurement, the need for robust and objective valuation methods, the importance of preparing for liquidity disruptions, and the critical role of strong oversight by senior managers. Recent events have also demonstrated the importance of generous capital cushions for protecting against adverse conditions in financial and credit markets.
Therefore, with renewed attention to these principles and the restoration of strong incentives for sound risk management, institutions should be able to overcome the difficulties we have seen in the recent application of the originate-to-distribute model and begin to use it successfully again. Equally important, improvements in banks’ risk management will provide a more-stable financial system by making firms more resilient to shocks. Supervisors must insist on effective risk management and provide as much support as possible for the implementation of needed changes.
The results from this research study are very encouraging and have demonstrated that firms have begun to devote time and resources to addressing the area of risk. The survey has resulted in conclusions that are applicable multinationally. From observing the practice of firms, it has been possible to derive a certain number of principles for sound management of firm risks. This paper has attempted to highlight commendable practices while drawing out areas where certain firms could benefit from devoting greater attention and care.
Given the current economic environment and credit crisis, as well as the far reaching and serious challenges it provides to the banking and financial services industry, it is clear that addressing issues that causedthe crisis require the establishment of processes to identify these risks before they create problems in the future. Although the problems that causedthe credit crisis are complex, they highlight the fact that senior management did not fully grasp the scale and complexity of risks. Without over simplifying these issues, it appears that the starting point for avoiding these issues going forward requires the implementation of enterprise risk systems that identify, monitor and address risk.
References:
- Thomas A. Stewart, “Managing Risk in the 21st Century,” Fortune (February 7, 2000): 202.
- Richard E. S. Boulton, Barry D. Libert, and Steve M. Samek, Cracking the Value Code�How Successful Businesses Are Creating Wealth in the New Economy (New York: Harper Business, 2000): 181.
- Treasury Board of Canada Secretariat (TBS). 2001. Integrated risk management framework. Available at:
http://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=12254§ion=text#sec3.2 retrieved on 12th January 2009 - Economist Intelligence Unit, written in cooperation with Arthur Andersen & Co., Managing Business Risks�An Integrated Approach (New York: The Economist Intelligence Unit, 1995): 2.
- James W. DeLoach, Jr., Enterprise-Wide Risk Management�Strategies for Linking Risk and Opportunity (London: Financial Times, 2000): 5.
- Institute of International Finance report on Principles of Conduct and Best Practice Recommendations, July 2008
- Source: Reuters1 Available at
http://www.reuters.com/article/pressRelease/idUS127052+18-Sep-2008+BW20080918 retrieved on the 20th January 2009. - Tower Group. Back to Basics, Into the Future: Risk Management and Growth Through Enterprise Intelligence. Rodney Nelsestuen, May 26, 2008.
- Boulton, R.E.S., Libert, B.D., and Samek, S.M. (2000) Cracking the Value Code – How Successful Businesses are Creating Wealth in the New Economy, Harper Business, New York.
- Reaffirming Y our Company’s Commitment to ERM in Light of the Financial Crisis by Prakash Shimpi
- Senior Finance Executives on the Current Financial Turmoil. A report prepared by CFO Research Services in collaboration with Towers Perrin. November 2008. http://www.towersperrin.com/tp/getwebcachedoc?webc=USA/2008/200811/TP_Financial_Crisis_Survey_Report.pdf.
- Meulbroek, L., 2002, “The promise and challenge of integrated risk management,” Risk Management & Insurance Review, 5:1, 55-66
- http://www.deloitte.com/dtt/cda/doc/content/dtt_fsi_Global%20Risk%20Management%20Survey-Fifth%20Edition_20070328.pdf
- Pagach, Donald P. and Warr, Richard S. The Effects of Enterprise Risk Management on Firm Performance (June 28, 2008).
- Treasury, 2007, http://www.publications.parliament.uk/pa/cm/cmtreasy.htm
- Treasury 2007a, 2007b – Treasury Committee (of the United Kingdom Parliament House of commons),2007. http://www.publications.parliament.uk/pa/cm200607/cmselect/cmtreasy/cmtreasy.htm
- Bookstaber, R. Where are risk managers? (2007)
http://blogs.wsj.com/economics/2007/10/16/bookstaber-asks-where-were-the-risk-managers/ - American Banker (2008), Risk Chiefs: As the Bar raises, So Does Demand. Publication date: 31 January 2008.
- Standard & Poor’s (2008),. Enterprise Risk Management: Standard & Poor’s to Apply Enterprise Risk Analysis to Corporate Ratings. Ratings Direct� May 2008
- Risk Management (September 2007): A view from the top.
http://www.allbusiness.com/company-activities-management/management-risk/8911274-1.html - McCarthy, M.P. and Flynn, T.P. (2004) Risk from the CEO and Board Perspective,
McGraw Hill, New York. - Hunt, B. (2001) “Issue of the Moment: The Rise and Rise of Risk Management”, in Mastering Risk Volume 1: Concepts, editor James Pickford, Pearson Education Ltd, UK
- Larry Tabb(2007) http://www.intelfasterfs.com/2007/12/comment-credit-crunch-prompting-a-new-age-of-risk-management/
- Hussin, M.R. (1996). An examination of responses to risk in ASEAN Industry and Commerce. PhD thesis. Glasgow Caledonian University, Glasgow, Scotland, United Kingdom. London: British Library.
- Crockford, G.N. (2005). The changing face of risk management. The Geneva Papers, 30, 5-10.
- Lam, J. (2003). Enterprise Risk Management. New Jersey: John Wiley & Sons, Inc.
- Lin, Pantzalis and Park (2007) find that corporate use of derivates reduces asymmetric information.
- Drucker, P.F. (1980), Managing in Turbulent Times, Butterworth-Heinemann, Oxford.
- Peters, T. (1994), The Tom Peters Seminar: Crazy Times Call for Crazy Organizations, Macmillan, London
- McClements, J.R., Smallman, C. (1998), “Managing in the new millennium: reflections on change, management and the need for learning”, Management Decision, Vol. 36 No.1, pp.3-8.
- Hopfl. H. (1994), “Safety culture, corporate culture: organizational transformation and commitment to safety”. Disaster prevention and management, vol. 3 No .3 pp 49-58
- COSO. (2003). Enterprise Risk Management Framework: Draft. Retrieved September 17, 2005, http://www.enterprise_wise_risk_management+&De+Loach+html
- Liebenberg and Hoyt, (2003); Beasley et. al. (2005); and Slywotzky and Dzik (2005) for discussions of the development and adoption of ERM.
- Ching, W. R. H. (1997), Enterprise Risk Management: Laying a Broader Framework for Health Care Risk Management in The Risk Management Handbook for Health Care Organizations, eds R. Carroll, (5th edn), John Wiley & Sons Inc., 3-13.
- Steinberg, R. M., Everson, M. E. A., Martens, F. J. and Nottingham, L. E. (2004), Enterprise Risk Management – Integrated Framework, COSO, New York
- Hoyt, R. E., and Hall, E. B. (2003), Evidence Shows Changing Roles of Health Care Risk Managers, Journal of Health Care Risk Management, 23, 2, 7-11
- O’Donnell, E. (2005), Enterprise Risk Management: A Systems-Thinking Framework for the Event Identification Phase, International Journal of Accounting Information Systems, 6, 177-195
- Miccolis, Jerry and Samir Shah, 2000, Enterprise Risk Management: An Analytic Approach, Tillinghast – Towers Perrin
- Cumming, C.M. and Hirtle, B.J., 2001, The Challenges of Risk Management in Diversified Financial Companies, FRBNY Economic Policy Review, March.
- Lam, James, 2001, The CRO is here to stay, Risk Management, April, 16-20
- Meulbroek, Lisa K., 2002, Integrated Risk Management for the Firm: A Senior Manager’s Guide, Journal of Applied Corporate Finance, 14, 56-70
- Committee of Sponsoring Organizations of the Treadway Commission (COSO), September 2004. Enterprise Risk Management Framework. Available on http://www.coso.org/documents/COSO_ERM_ExecutiveSummary.pdf
- Gardner, H., Csikszentmihalyi, M. & Damon, W. (2001), Good Work: When Excellence and Ethics Meet (Basic Books)
- Beasley, M.S., R. Clune, and D. R. Hermanson. (2005). Enterprise risk management: An empirical analysis of factors associated with the extent of implementation. Journal of Accounting and Public Policy, 24 (6), 521-531.
- S&P Ratings Direct. (2008) Standard and Poor’s to apply Enterprise Risk Analysis to Corporate Ratings. Standard and Poors, New York (May).
- New York Stock Exchange (NYSE), 2003. NYSE Rulemaking, Securities and Exchange Commission, NYSE, New York. Available from: http://www.sec.gov/rules/sro/34-47672.htm
- Deloitte, 2007. Global Risk Management Survey: Accelerating Risk Management Practices. Fifth edition.
- http://www.deloitte.com/dtt/research/0,1015,cid%253D151389,00.html
- Tufano, P. (1996). Who manages risk? An empirical examination of risk management practices in the gold mining industry. Journal of Finance, 51 (4), 1097-1137.
- Peters, T. (1994), The Tom Peters Seminar: Crazy Times Call for Crazy Organizations, Macmillan, London.
- Drucker, P.F. (1980), Managing in Turbulent Times, Butterworth-Heinemann, Oxford
- McClements, J.R., Smallman, C. (1998), “Managing in the new millennium: reflections on change, management and the need for learning”, Management Decision, Vol. 36 No.1, pp.3-
- H�pfl, H. (1994), “Safety culture, corporate culture: organizational transformation and the commitment to safety”, Disaster Prevention and Management, Vol. 3 No.3, pp.49-58.
- Tufano, (1996); Liebenberg and Hoyt, (2003); Beasley et. al. (2005); and Slywotzky and Dzik (2005) for discussions of the development and adoption of ERM
- 3. Beasley, Pagach and Warr (2007) find no significant stock price reaction (positive or negative) to ERM adoption.
- Lin, Pantzalis and Park (2007) find that corporate use of derivates reduces asymmetric information
- Hendricks, D. and B. Hirtle, 1997, “Bank Capital Requirements for Market Risk: The Internal Models
- Approach,” Federal Reserve Bank of New York Economic Policy Review, December, 125-128.
- Benbasat, I., Goldstein, D. & Mead, M. (1987) “The Case Research Strategy in Studies of Information Systems” MIS Quarterly
- Kaplan, B. & Duchon, D. (1988) “Combining Qualitative and Quantitative Methods in Information Systems Research: A Case Study” MIS Quarterly
- Howard, George, Basic Research Methods in the Social Sciences, Scott, Foresman and Company 1985
- Risk Management Standard
www.theirm.org/publications/documents/Risk_Management_Standard_ 030820.pdf - Meulbroek, L., 2002, “The promise and challenge of integrated risk management,”http://resourcecenter.virchowkrause.com/resources/ermarticle2cosomodel.pdf
- Rusli, A. And Noor Azman, A. (2003) “The use of cognitive mapping technique in management research: Theory and practice” management research news journal.
- Johansson, J. And Sparredal, J. (2005) “CRM in e-business” department of business administration and social science, Lulea university of technology, master’s thesis.
- Treasury (2006) Thinking About Risk, London, HM Treasury available at:
http://www.scotland.gov.uk/Publications/2008/08/25142353/4 retrieved on the 12th January 2009. - Financial Times – Recession forces risk management rethink, Samantha Pearson available at http://www.ft.com/cms/s/0/a0609114-f61f-11dd-a9ed-0000779fd2ac.html accessed on 11/03/09.
- Financial Times – Internationalisation- risk or opportunity? Torsten Jeworrek, available at http://www.ft.com/cms/s/0/74d43adc-b43e-11dd-8e35-0000779fd18c.html
accessed on 05/03/2009. - Section 111, EESA 2008 available at http://financialservices.house.gov/essa/final_bill_section-by-section.pdf accessed on the 11/03/2009.
- Bank of England Publication available at – http://www.bankofengland.co.uk/publications/speeches/2008/speech358.pdf accessed on 01/19/2009
- KPMG Publication, available at –
http://www.kpmg.co.za/images/press/never_again_risk_management_in_banking.pdf accessed on 9/01/2009. - British Insurance Broker’s Association Compliance Rules, available at
http://www.biba.org.uk/PDFfiles/08ComplianceRules4.pdf accessed on the 12/01/2009. - Federal Reserve Publication available at and accessed on the 12/01/2009 http://www.federalreserve.gov/newsevents/speech/bies20070111a.htm