Articles: ERM Survey and Benchmarking Data

  • The Future of Risk

    July 31, 2009

    The current economic downturn has caused companies everywhere to question their risk management process and investigate ways to upgrade their risk management efforts. As risk complexity has increased, so too has company spending on risk management. While some companies are committed to increase resources spent on risk management, a majority will attempt to increase risk management efforts with existing resources. This reality can be achieved by balancing risk, cost and value across the enterprise.

  • S&P Issues Progress Report on ERM Integration into Credit Ratings

    July 22, 2009

    Standard & Poor’s recently published a report detailing the focus of their discussions with rated companies regarding ERM and insights gleaned from these discussions to date. So far, ERM discussions have been conducted with over 300 rated issuers and the report shares the seven questions used as the basis for these discussions. An interesting preliminary finding is that few companies have leveraged their ERM programs to identify risky opportunities that they are well-positioned to capitalize upon - most companies are currently focused on identifying and managing downside risks.

  • The State of Enterprise Risk Management at Colleges and Universities

    July 01, 2009

    A survey was conducted in June 2008 of over 600 presidents and chancellors, CFOs, governing board members, chief academic officers, and risk managers from private and public colleges and universities of varying sizes. Key survey findings indicate there is significant room for improvement in enterprise risk management at higher education institutions. Best practices and action steps institutions can take to improve their enterprise risk management efforts are discussed. Additionally, a sample worksheet is provided to help higher education leaders begin the systematic risk assessment process in their institutions.

  • Global Integrity Survey

    July 01, 2009

    Compliance Week conducted a survey analyzing the role of integrity and ethics programs in corporations around the globe. The survey addressed the structure of these programs as well as metrics used to evaluate them. The accountability of integrity programs and its importance in the current economy was assessed and entities were asked to respond with the biggest risks their corporations faced in the world today regarding ethics and integrity.

  • Reputation Risk Management

    March 01, 2009

    A 2008 survey investigated the status of reputation risk management at different companies and found that companies are aware of reputation risks but may not be sufficiently managing these risks. There are several methods for managing reputation risks, including engaging with stakeholders, monitoring the content and volume of media coverage of the company, monitoring performance against external ratings or benchmarks, and crisis management. Ultimately, for reputation risk management to be successful, it should be integrated into broader risk management frameworks and reputation risk factors should become a key aspect of business decision making.

  • Best-in-Class Enterprise Risk Management

    February 01, 2009

    The Aberdeen Group conducted an online survey in January and February 2009 of over 120 enterprises in a diverse set of industries and geographies that are devoting resources to improving their enterprise risk management (ERM). Results from this survey and additional interviews of selected respondents helped identify strategies and frameworks companies are using to realize business benefits from their ERM programs. Additionally, this survey provides a roadmap for companies planning an ERM initiative or augmenting an existing initiative in terms of actionable analysis and recommendations to improve ERM within an entity.

  • ERM is Vital for Businesses and the Economy

    January 01, 2009

    With the recent financial crisis many wonder if risk management could have prevented or minimized the fall out. The answer is yes. However many companies fail to properly implement risk management and therefore they do not fully understand the risk they are undertaking. Failures occurred because companies don’t fully understand the proper steps for effective risk management. This report addresses where companies failed and the areas companies need to improve to prevent another financial crisis.

  • Financial Industry Assesses Role of Risk in Credit Crisis

    January 01, 2009

    This global survey conducted by KPMG in conjunction with the Economist Intelligence Unit in October 2008 summarizes responses from over 500 world-wide risk management senior officers in the banking industry about the role risk management played in the current economic crisis and how enterprise risk management would be used going forward. The report based on this survey highlight several themes permeating banking culture’s utilization of risk management that helped allow the current credit crisis. The report provides insights as to possible solutions, which many of the respondents are planning to or are currently taking.

  • The Top Ten Risks for Global Business in 2009

    January 01, 2009

    This report compiles views of industry commentators, sector experts, and Ernst & Young practice professionals as to the major business risks facing “leading global firms” in each of their sectors. The risks identified as the top ten risks for global business in 2009 were rated as having the greatest impact across the largest number of sectors, and these risks will likely do the most to influence markets and drive corporate performance in the coming year. Several of the top ten risks identified were on the list last year: the credit crunch, regulation and compliance, radical greening, cost cutting, and executing alliances and transactions. Three of the top ten risks, non-traditional entrants, managing talent, and reputation risks, moved up from lower rankings the previous year. There were also two new risks that were not identified last year, deepening recession and business model redundancy.

  • Global Risk Management Survey

    January 01, 2009

    AON conducted a global risk management survey in October and November 2008 with risk managers and chief risk officers comprising two-thirds of respondents. Responses represent 551 organizations of various sizes and industries in over 40 countries. A similar survey was conducted two years ago and there is a comparison of the key and emerging risk issues highlighted. The top ten risks facing businesses, overall risk preparedness, and losses related to risks are addressed. Key business topics such as identifying, assessing, measuring, and managing risk; board oversight and involvement; and risk management departments and functions are discussed. One consistent theme through all the findings is that the worldwide economic downturn has had an enormous impact on how risk is approached and managed.

  • ERM Benchmarking Survey

    January 01, 2009

    An ERM benchmarking survey of chief audit executives and heads of internal auditing was conducted that garnered 240 responses from organizations across many industries and nations. From those 165 respondents with a risk management program or process in place, information was gathered about risk management philosophies and drivers, program implementation and structure, communication and reporting, and technology practices. The survey also reports on recommendations and leading practices for risk management programs and processes identified by the respondents.

  • Costs Associated with Regulatory Risks

    December 31, 2008

    A significant portion of an organization’s enterprise risk management efforts in both time and dollars may be spent on compliance and regulatory risks. Compliance with federal regulations cost approximately $1.157 trillion in 2007. There were 159 economically significant rules under consideration in 2007, each having an estimated cost of at least $100 million annually. Regulatory compliance costs are important to all businesses, but can be higher per-employee for small businesses since some costs are imposed regardless of size. Federal regulations provide a means of funding government programs without using tax dollars, essentially becoming a form of off-budget taxation that minimizes public scrutiny. The significant impact of these regulatory compliance costs and their overall lack of visibility suggest a need for increased disclosure, transparency, and accountability related to federal regulations.

  • Managing Information Technology Risk:  A Global Survey for the Financial Services Industry

    December 31, 2008

    Ernst & Young’s first global survey for the financial services industry that provides industry data, trends, leading practices, and opinions on the components of effective information technology (IT) risk management. Based on survey responses, many financial institutions are seeking ways to better integrate IT risk management with their overall risk management program and processes.

  • Strategic Business Risk – Top 10 Risks in Business for 2008

    December 31, 2008

    Ernst & Young conducted a survey of industry analysts in order to identify the top 10 strategic business risks for 2008. It became clear that there is significant variation in risks between sectors of the economy. Nevertheless, the risks that were rated as having the greatest impact across the largest number of sectors were identified and ranked.

  • Enterprise Risk Management Benchmark Survey

    December 01, 2008

    Deloitte conducted a survey of 151 companies over 2006 and 2007 to gauge the current state of ERM implementation. The survey found that interest in ERM is growing, driven primarily by regulations. The status of ERM programs is such that the primary uses and benefits are in traditional risk management areas, with little integration into the business areas focused on growth where respondents expect to see benefits. Survey results indicate the biggest challenge to ERM is demonstrating its value to the organization. There were many findings related to ERM implementation according to industry, region, and listing status; ERM program organization; and ERM policies, processes, and systems. The survey demonstrated that many companies are implementing ERM but are not realizing its full potential because they are focusing on asset protection and have not yet moved to incorporating value creation in their ERM programs.

  • Diversity of Risk Management in Europe

    October 30, 2008

    This report details the key findings in the fourth biennial benchmarking survey conducted by the Federation of European Risk Management Association (FERMA) in collaboration with AXA Corporate Solutions and Ernst & Young. The report reveals how risk management has become more important in European companies and the wide diversity of how companies approach risk management.

  • Embedding ERM: 2008 Global Insurance Sector Survey Results

    October 27, 2008

    More than 350 Chief Financial Officers, Chief Actuaries and Chief Risk Officers responded to a global ERM survey of the insurance industry which found that European insurers are more advanced in ERM implementation than insurers in North America and Asia. Large insurers are more advanced in most aspects of ERM implementation. Economic capital standards are emerging for risk measurement, with a shift toward using a one-year value at risk approach.

  • Preparing For S&P Integration of ERM

    October 01, 2008

    Standard and Poor’s (S&P) is integrating an evaluation of enterprise risk management (ERM) into corporate credit ratings beginning in 2009. S&P has considered ERM when rating financial institutions and insurance companies previously and decided to expand the consideration of ERM to all rated companies. This incorporation of ERM into the credit rating process signals that S&P believes that companies with strong ERM capabilities are a better credit risk. This article highlights key aspects of ERM that S&P intends to consider when evaluating ERM preparedness at organizations they evaluate.

  • Companies Employing an Entity-Wide Risk Management Program Better Prepared for Credit Crisis

    October 01, 2008

    The CFO Europe Research Services paired with ING Wholesale Banking to research chief financial officer’s opinions on the current credit crisis. More than 450 senior executives across Europe responded in the summer of 2008, to questions about market, operational, and financial threats to their companies in the summer. The major finding was that companies employing a structured entity-wide risk management program were much better prepared for the credit crisis and accompanying rising commodity prices. Most companies without an ERM system were taking steps to implement one.

  • C-suite Influence on Excellence in Risk Management

    October 01, 2008

    This abstract summarizes the 2008 Excellence in Risk Management Survey conducted by the Risk and Insurance Management Society (RIMS) and Marsh. This is the fifth year that they have conducted an Excellence in Risk Management Survey. They find that senior management’s attention has shifted to the value of a strategic, broad approach to risk management in the wake of the current financial crisis. The survey cites disconnect within a company between risk managers and C-suite executives. It also explores organizations’ objectives in implementing and maintaining an ERM system. These objectives include internal and external expectations for the ERM system, which risks to consider, who is responsible, and the impact on the company. While the desire for a strategic risk management process seems to have leveled-off, businesses who have undertaken ERM implementation continue strong development and have continued support from the senior level.

  • The Changing Role of the Finance Organization

    September 30, 2008

    Today’s focus on the rapid embrace of globalization initiatives has substantially increased the complexity and pace of change that risk executives face. Dealing with the volume and complexities of these uncertainties is becoming one of the most pressing strategic concerns. Responsibilities for addressing these challenges often reside with the finance organization within an enterprise, often led by the chief risk officer (CFOs). This study not only summarizes insights about the challenges CFOs face, but it also highlights best practices of finance organizations in high-performance organizations. It notes that the finance organization in most global companies is not sufficiently integrated into the businesses to promote strategy development or value creation and very few are very satisfied with the performance of the finance organization in the management of financial and non-financial risks. Masterful finance organizations identified by the study excelled in creating a shared services structure, a strategic approach to outsourcing and talent management, and the implementation of enterprise resource planning systems

  • Better Enterprise Risk Management May Prevent Future Crisis

    September 01, 2008

    The Economist Intelligence Unit, in conjunction with SAS Inc., conducted a world-wide on-line survey of 316 senior executives from the financial service industry, complimented by interviews with industry experts. Their study was focused on enterprise risk management in the financial services sector. Enterprise Risk Management (ERM), or firm-wide risk management, is defined in this study as “an approach whereby all categories of risk across each business unit and geography are aggregated at the enterprise level and treated holistically, while at the same time recognizing the need to maintain levels of granularity.” They found: financial services firms are placing a growing emphasis on enterprise-wide or firm-wide risk management, but for many the implementation is still in the early stages; an expectation of growing regulatory pressure is one factor driving the implementation of ERM; lack of relevant data is hampering financial services firms’ approaches to risk management; and creating a culture for risk management is a challenging proposition for most firms.

  • Does ERM Matter?: Enterprise Risk Management in the Insurance Industry

    June 01, 2008

    The recent upheaval in the banking industry, which is heavily regulated and an early adopter of enterprise risk management (ERM) strategies, has caused other businesses to question the efficacy of an ERM program. A recent study by PricewaterhouseCoopers, LLP makes it apparent that ERM is not fully embedded in many businesses. Failing to consider risk in business decisions makes it unlikely that businesses will achieve their ERM objectives, and increases the difficulty of realizing strategic objectives.

  • Standard & Poor’s Applies ERM Analysis to Ratings

    May 01, 2008

    Beginning in the third quarter of 2008, Standard and Poor’s will incorporate Enterprise Risk Management (ERM) into discussions at regularly scheduled credit review meetings. The discussions of ERM will focus on the organization’s risk management culture and strategic risk management. This abstract provides a brief overview of S&P’s ERM evaluation plans.

  • NC State ERM Initiative Responds to S&P Request for Comment

    January 31, 2008

    The NC State ERM Initiative has responded to the request for comment issued by Standard & Poor's on their proposed expansion of ERM analysis to nonfinancial companies as part of their overall credit ratings process. The ERM Initiative strongly endorses the S&P proposal to incorporate ERM analysis as an important component of the credit ratings decision and a copy of the comment letter submitted to S&P on January 31, 2008 and the link to the original S&P request for comment are provided.

  • Tax Governance Institute: Tax Risk Management eSurvey

    December 31, 2007

    Tax risk can arise within several aspects of a company’s business. KPMG conducted a survey among board members, senior management, CFOs, tax executives, and finance and accounting professionals concerning tax risk management. Some of the results indicate that 53% of the respondents claimed that financial reporting risks are the most significant aspects of tax risk currently facing their organization, 60% of the respondents claimed that tax risk assessment and management has become more of a priority for their organization’s leadership, yet, 60% stated that their organization does not have a formal, document, tax risk management strategy. Though many organizations do not have a formal tax risk management strategy, these organizations are taking steps toward creating a formal strategy. The steps are taken mainly due to increasing regulatory pressures.

  • Enterprise Risk Management: The Full Picture

    December 01, 2007

    An Aon Global Risk Consulting survey conducted among 103 organizations in July 2007 aimed at supporting global organizations in developing enterprise risk management (ERM) strategies throughout various organizational cultures and utilizing sufficient resources to support ERM development and maturity. Key issues are addressed that challenge organizations ability to successfully implement an ERM function, all varying across corporate cultures and regions of the world.

  • The Global CFO Study 2008:  Balancing Risk and Performance within an Integrated Finance Organization

    October 01, 2007

    This IBM study of 1,200 CFOs and senior finance professionals reveals that CFOs may be taking the wrong approach to resource and risk management on a global scale. Organizations are turning to global markets deploying assets worldwide and establishing both vertical and horizontal operations in countries well beyond headquarter operations. As they do so, they face an undeniably riskier landscape. In fact, 62 percent of those surveyed encountered material risk events in the last three years, but nearly half (42 percent) were unprepared to manage those risks. Furthermore, risks arise from multiple sources often beyond financial activities. Eighty-seven percent of risk events were strategic, geopolitical, environmental, operational, or legal. Ironically, the study finds that supporting and managing enterprise risk ranked low in importance by survey respondents. Findings suggest that enterprises are looking to the CFO for leadership in risk management to close these performance gaps.

  • Deloitte’s Risk Management Survey

    May 01, 2007

    Deloitte recently published a fifth risk management survey titled, Global Risk Management Survey: Accelerating Risk Management Practices, that provides feedback from 130 global financial institutions about the status of ERM implementations. Even though much progress is shown in risk management practices, there is still the need for businesses to fully implement an integrated, enterprise-wide program for success. Some areas of concern include the management of less traditional risks such as operational and geopolitical risks. The clear indication of value enhancement for companies that fully utilize enterprise risk management (ERM) has been slow to motivate approximately one-third of the businesses that still do not have an ERM program in place.

  • Survey by KPMG- ERM in the US

    January 31, 2007

    A survey published by KPMG titled, Enterprise Risk Management in the United States, reflects senior executive perspectives about risk management practices and on-going efforts to successfully implement and monitor ERM processes. The report provides feedback about ERM practices from US companies that span diverse industries such as aerospace, transportation, financial services, healthcare, and manufacturing

  • How Managing Political Risk Improves Global Business Performance

    December 31, 2006

    A study was completed by PricewaterhouseCoopers Advisory and Eurasia Group dealing with political risk and how it affects multinational companies. The results of the study showed that multinational companies are not happy with how political risk is being managed. This is an unfortunate situation because political risk affects how companies protect their investments and assess new opportunities. PwC believes that by using an integrated approach based on the COSO model, companies can improve their management of political risk.

  • A Changing Risk Landscape – A Study of Corporate ERM in the U.S.

    November 01, 2006

    A survey administered to financial professionals of large public companies that explores their views on the key risks facing their companies and how they are managed. The consensus is that the nature of risk is changing due to new business models. Enterprise Risk Management (ERM) has emerged as a possible solution to many of the risks indicated.

  • ERM Maturing in Australia and New Zealand

    November 01, 2006

    Companies in a variety of industries based in Australia and New Zealand were asked to rate their implementation of ERM. The survey found that a majority of companies in these countries had made strong improvements in the implementation of ERM in their organizations. The article examines the various strengths and weaknesses of ERM in the companies as seen by top management.

  • The 2006 Oversight Systems Financial Executive Report on Risk Management

    June 15, 2006

    "The market may reward companies who take strategic risks, but many executives are discovering the consequences of overlooking their day-to-day operational risks. As companies place a greater emphasis on managing their operational risk, Oversight Systems surveyed financial executives to gauge corporate America’s progress in implementing enterprise risk management."

  • Conference Board Releases Research Report About Boards and ERM

    June 06, 2006

    The Conference Board issued a July 2006 research report, “The Role of U.S. Corporate Boards in Enterprise Risk Management,” that provides insights about board of director perspectives on their role in overseeing enterprise risk management processes at organizations where they serve. Mark Beasley, NC State’s ERM Initiative Director, served as a member of the Advisory Board for the Project. Based on a research approach that involved personal interviews with 30 board members, analysis of Fortune 100 board committee charters, and a broad survey of 127 board members, the report finds that while ERM processes have improved in some companies, directors serving on multiple boards reported significant variations in the quality of risk dialogue and fewer boards seem to have well-established risk processes. Only 54% have clearly defined risk tolerances and only 47.6% of the boards rank key risks. Almost 50% of the directors would like to see more data analysis related to the company’s risk profile.

  • Evolution of ERM

    September 30, 2005

    Business professionals have varied personal definitions of enterprise risk management (ERM) based on their limited exposure to the new idea and their specific encounters with its effects given their roles within their companies. However, in order to better understand risk management, and especially ERM, risk itself must be better understood with greater uniformity than that with which it has been understood in the past. Misconceptions have kept business professionals from understanding risk as measurable in both negative and positive outcomes, as existent even without the occurrence of an event, and as affective of businesses in many areas, not just in the consideration of insurance.

  • Survey Data: ERM Trends

    December 31, 2004

    This study provides data obtained from surveys of nearly 1400 chief executive officers (CEOs) about risk trends and related expectations for effective ERM practices. With CEOs note that they are more aggressive risk takers than in the past, many note that they believe enterprise risk management practices will help them manage risks proactively to create value. They also agreed that risk management is a growing board of director priority and emphasis

  • Tax Risk Management: The Evolving Role of Tax Directors

    December 31, 2004

    In 2004, Ernst & Young administered a survey with findings that offer insight to tax directors and executives to help them better comprehend the changing scope of the tax function, the rise of tax risk management and how companies are responding. This report also discusses emerging practices as they relate to three key components of tax risk management: awareness and alignment; assessing and managing; and communication and reporting.