Guru Speak

ERM provides the integration of riskmanagement processes so that risks are managed and explicitly correlated from an organisationwide perspective. It facilitates the study and analysis of risk interactions, rather than treating risks on a standalone basis.

ERM needs to be tailored for effective implementation and to best serve the institution's business goals and corporate values. Some institutions begin by establishing objectives for ERM, developing ERM governance structure, framework and policy. However, more importantly, the institution must identify its key risks and know its risk appetite. A formal, approved statement of risk appetite is a key guiding document for an ERM programme. It conveys the level of risk that the institution is willing to take and therefore guide decisionmaking by the institution's business management.

While one of the factors driving ERM in financial institutions is to provide an integrated management of key types of risks under Basel II - namely credit risk, market risk and operational risk - the ERM value proposition goes beyond meeting minimum regulatory or ratingagency expectations.

ERM can provide substantial benefits such as improving shareholder value, enhanced focus on internal controls and better corporate governance through improved reporting of the institutions' complete risk exposures and consideration of risk offsets in its capital requirements. However, to gain these benefits, many institutions will need to continue to broaden the scope of their ERM programmes to include the full range of risks they face as well as to ensure that ERM is well integrated across the enterprise.

We believe that the broad goals of an ERM programme should be to:

n Enable the board and senior management to understand how the risks for which they are ultimately responsible are being managed on a daytoday basis

n Aggregate and integrate/correlate significant risk information up through the institution to create an enterprisewide view of the firm's risk profile and its "in control" status

n Equip business and corporate areas with the capabilities to proactively identify, assess and report on the control of their significant financial and nonfinancial risks at any time within the context of the firm's business objectives.

Implementation of ERM is not without challenges. One of the significant challenges an organisation faces is to define ERM in a way that supports a structured costbenefit analysis and implementation planning. This challenge stems from a lack of organisational objectives and from confusion surrounding the array of puzzling and contradictory terminology. In addition, issues surrounding data, culture, tools/supporting technology systems and consolidation of risk information for reporting are typical obstacles facing ERM implementation during organisationalwide rollout. Finally, some institutions may find it difficult to keep business units engaged throughout the course of ERM implementation.

Among the institutions that have implemented ERM, most have found the effort worthwhile. In terms of the kind of value ERM has brought, executives most often cited "improved understanding of risks", "improved regulator perception", "improvements in rating agency perception", "earnings quality and reputation" and "transparency for shareholders".

 Suttharug Panya is partner of Deloitte Touche Tohmatsu Jaiyos Advisory, Consulting - Financial Services Industry