What is enterprise risk management?
Abstract
Enterprise risk management (ERM) is the set of activities used to affect the management of risk across the whole institution, as opposed to discrete risks inside business silos. Most financial institutions have highly developed, specialised risk functions or ‘risk stripes’ that focus on the key individual risk types. Historically, these risk stripes have concentrated on financial threats like credit risk and market risk. More recently, nonfinancial risks like operational, compliance and cyber risk have captured the attention of risk managers. For the most part, risk stripes address the risks of the individual business silos, which typically include deposit taking, lending and trading. This overview paper seeks to explain the objectives of an enterprise approach to risk management as distinct from a purely risk-stripe and silo-based approach. What are some of the recent trends that make the ERM aspect of risk management more important than ever, and what does a good ERM framework look like, given the comparative advantage of ERM, namely the enterprise-wide view (the E in ERM)? This paper presents the four pillars of ERM: a coordinating role through the ownership of the risk management framework; the creation of the risk appetite statement, a foundational element of that framework; development of aggregating risk measures; and rounding up of cross-cutting risks – the stuff that is hard to identify and quantify. In addition to these core pillars, The paper describes a set of ‘nice-to-have’ functions, such as stress testing and risk data ownership, and we discuss some organisational features and capabilities one looks for in an effective ERM group.
The full article is available to subscribers to the journal.
Author's Biography
Jeffrey Brown is a partner in Oliver Wyman’s Financial Services practice. He focusses on model risk management, risk governance and supervisory expectations for bank risk management. Prior to joining Oliver Wyman in August 2013, Jeff was the Senior Deputy Comptroller for Economics and International Affairs at the Office of the Comptroller of the Currency, where he created that agency’s Risk Analysis Division, which pioneered the provision of modelling expertise in bank exams and played a leadership role in developing and implementing the supervisory approach to model risk. Jeff has a PhD in economics from Brown University and a BA in political science from the University of Iowa.
Michael Duane is a Principal in Oliver Wyman Financial Services’ Finance & Risk practice, based in New York. He has consulted to banks, insurers and public institutions across a range of risk and regulatory topics, including many engagements on enterprise-wide stress testing. He is a graduate of Princeton University.
Til Schuermann joined Oliver Wyman in August 2011 as a Partner in the Finance & Risk and Public Policy practices. His focus is on stress testing, capital planning, enterprise-wide risk management and corporate governance. Prior to Oliver Wyman, Til was a Senior Vice President at the Federal Reserve Bank of New York where he held numerous positions, including head of Financial Intermediation in Research and head of Credit Risk in Bank Supervision.
Citation
Brown, Jeffrey, Duane, Michael and Schuermann, Til (2019, September 1). What is enterprise risk management?. In the Journal of Risk Management in Financial Institutions, Volume 12, Issue 4. https://doi.org/10.69554/AKXU4657.
Publications LLP