ERM is reaching new heights as risk exposures multiply and rising insurance premiums drive a search for options.
Enterprise risk management is having a moment amid a seeming explosion of risk exposures facing corporates since the pandemic began. And as the function grows in importance, at least a few ERM teams are heading toward inclusion in corporate strategy groups—a trend definitely worth watching.
- One member at a late March meeting of NeuGroup’s Corporate ERM group said his goal since recently taking over the position “is to make ERM more strategic, to move it from ‘safety net’ to adding value.”
- This means contextualizing ERM and company risks from a strategy perspective and making ERM “action-oriented,” or more proactive. “We want to change the mindset” around ERM, he said.
Strategic decisions. At some companies, a strategic approach to ERM is refining the decision-making process.
- In a session on decision quality, the presenting member said that since business leaders and managers solve complex business problems every day, they need help making more informed decisions.
- They can achieve this with a better understanding of the implications of strategic decisions and instill an “acute awareness” of resulting outcomes, intentional and unintentional.
- One member joked that this was a good way of fixing mistakes before they’re made.
Where does ERM belong? Historically, one of the issues around ERM’s role within a corporate has been where it is housed and who runs the function.
- Initially, when COSO (the Committee of Sponsoring Organizations of the Treadway Commission), elevated enterprise risk back in the early 2000s, it was seen as a way to reassure investors and credit ratings agencies. But it gave no indication as to where it should be housed.
- As a result, ERM landed in a variety of places, including treasury, internal audit, compliance and sometimes legal. ERM’s placement within these functions meant the practitioner was usually doing it as a part of their regular job.
- For example, in treasury, the role often fell to an assistant treasurer.
Elevating ERM in treasury. Today, at some companies, ERM is being elevated to the top of corporate treasury’s to-dos. At a recent NeuGroup meeting of mega-cap companies, one treasurer said he now has responsibility for ERM in addition to everything else he’s doing.
- The additional headcount and responsibilities are one reason his world has been turned “upside down,” forcing him to redefine his role and figure out how to split time between groups.
Another treasurer in charge of ERM said the function is now taking up significantly more time relative than debt capital markets, which has quieted down after a busy 2020. Today, business continuity management, weather and insurance risk are among his major priorities.
Eliminating check-the-box thinking. Several members of the ERM group said that when they took over the role, ERM had become a little too rote. “Aspects of ERM do lend themselves to a check-the-box setup,” said one participant. “Sure, you do your risk registers and scorecards,” but it needs to go deeper than that to achieve strategic value.
- This is what many members and guests at the ERM meeting were attempting to do by infusing risk awareness into company culture. It’s no small task; one member said he’d tried to kickstart a company-wide risk awareness culture, but it didn’t take.
- The first time around, his audience—risk owners and business unit heads—were enthusiastic about the concept of making risk awareness part of the culture. But in practice, they weren’t that active. “They were happy to see me doing the actual work,” he said.
Insurance. Rising insurance premiums are key to understanding some of the spotlight shining on ERM. Companies are looking at ways to spend less, and through this lens, ERM is seen as an exercise in knowing better which risks require an insurance policy and which can be mitigated through thoughtful application of good risk management protocols.
- For instance, instead of shelling out cash for extensive coverage of a cyber-risk policy, why not analyze where the weaknesses are and mitigate them through increased vigilance?
- “We’re a facing hard insurance market,” said one member of NeuGroup’s Treasurers’ Group of Thirty. “If there’s opportunity to revisit risk retentions, ERM can help put it into context,” a discussion this member’s company is having around ERM.