Published on March 3, 2014
Emerging Risks: Identification, Assessment and Mitigation
Agenda Defining Emerging Risks Regulatory Guidance 4 Incorporating emerging risk into ERM framework 2 3 5 © 2014 Protiv iti Inc. CONFIDENTIAL
What are emerging risks? Emerging risks are newly developing or changing risks which are perceived to be potentially significant but which may not be fully understood or allowed for in business and strategic planning. Detailed definition Emerging risks may not be fully understood or identified and hence comprehensive risk management options to assess, quantify, monitor and control such risks are difficult for organizations to create and implement. Systemic Nature Emerging risks are linked to other risks giving them a systemic nature. The risks can cut across geographies, industries and economic systems and are generally outside the scope of any organization. The impact of an emerging risk that has not been identified and mitigated by an institution can sometimes be destructive. Impact Quantification Emerging risks are difficult to define, assess and quantify in monetary terms to the necessary level of accuracy leading to ineffective standard approaches to likelihood and impact projections. Emerging vs. Evolving Emerging risks are new or unique risks. They differ from evolving risks which have been previously identified and are merely shifting or changing from original conditions. 3 © 2014 Protiv iti Inc. CONFIDENTIAL
Regulatory guidance on emerging risks is evolving and always starts with a solid ERM framework • • Set up emerging risk committees to discuss potential threats and how they might be mitigated or managed • Identify appropriate indicators that provide early warning of an increased risk of future losses • Indicators are usually forward-looking and reflect potential sources of risk • Use a variety of channels and windows to gain perspectives on emerging risks • Increase focus on potential risks before concerns become real problems • Perform stress testing on the trends in outcomes to understand how risk is changing • Take action based on quantification of risk • Review and analyze prior failures to mitigate emerging risks to determine ways to better quantify the build-up of risks • Maintain a healthy skepticism of the ability of regulatory capital requirements to prevent risk concentrations • Financial Services Authority1 Active consideration of emerging risks and a process for assessing their impact Examination and analysis are important in identifying emerging risk concentrations • The entity’s risk management function should be assessed by senior management and the board of directors including how emerging and/or prospective risks are identified, tracked, assessed and managed OCC2 NAIC3 1 2 3 4 Enhancing Frameworks in the Standardized Approach to Operational Risk, Financial Services Authority, January 2011 Act Now to Address Emerging Risks , Darrin Benhart - OCC, October 25, 2012 Implications of the Financial Crisis for Insurance Regulation, Terri Vaughan - NAIC, April 15, 2010 © 2014 Protiv iti Inc. CONFIDENTIAL
Incorporating emerging risk into your existing ERM framework • • • • Exam ple Activities: Determ ine if em erging risks present a barrier to strategic objectives Consider em erging risks as part of strategic planning Allocate dedicated resources to em erging risk Establish em erging risks repository Establish Risk Management Goals, Objectives and Infrastructure • • Assess Risk • Exam ple Activities: Ensure that the risk assessments are refreshed, new and em erging risks are identified, captured and com m unicated • Identify • Assess • Categorize • Calculate Continuously Improve Risk Management Capabilities • • • Exam ple Activities: System atically m onitor em erging risks and resource adequacy Update stress testing, reverse stress testing and scenario analysis w ith em erging risk scenarios Escalate em erging risks and status of risk m itigation efforts as part of standard risk reporting Develop Risk Management Strategies Avoid – Reduce – Retain – Exploit – Transfer Design / Implement Risk Management Process • • • © 2014 Protiv iti Inc. CONFIDENTIAL Information for Decision Making Measure / Monitor Risk Management Performance • 5 Exam ple Activities: Identify em erging risks through a variety of channels: cross-functional team s, external resources, analysis, etc. Incorporate em erging risks into the risk inventory Exam ple Activities: Identify and allocate responsibility for em erging risk m anagem ent Design and im plem ent procedures for em erging risk m anagem ent Exam ple Activities: Determ ine the m ost appropriate risk response and action plans Allocate capital to m anage dow nside risks
6 © 2014 Protiv iti Inc. CONFIDENTIAL
Current Director, Protiviti Software Services at Protiviti Past Associate Director, Software Services at Protiviti, Associate Director of Development, Risk ...
View 12336 Protiviti posts, presentations, ... Exciting news on the Protiviti front ... Protiviti's Investigations & Fraud Risk ...
“Identifying Emerging Risks” ... ©2016 Protiviti Inc. All Rights Reserved. Protiviti Inc. is an Equal Opportunity Employer, M/F/Disability/Vet ...
... for identifying emerging risks because not all risk are driven internally-natural disasters can have a profound impact. Protiviti's Jim DeLoach ...