Enterprise Risk Management: From Incentives to Controls
Wiley Finance, 2nd edition
A fully revised second edition focused on the best practices of enterprise risk management

Since the first edition of Enterprise Risk Management: From Incentives to Controls was published a decade ago, much has changed in the worlds of business and finance. That's why James Lam has returned with a new edition of this essential guide. Written to reflect today's dynamic market conditions, the Second Edition of Enterprise Risk Management: From Incentives to Controls clearly puts this discipline in perspective. Engaging and informative, it skillfully examines both the art as well as the science of effective enterprise risk management practices. Along the way, it addresses the key concepts, processes, and tools underlying risk management, and lays out clear strategies to manage what is often a highly complex issue.

- Offers in-depth insights, practical advice, and real-world case studies that explore the various aspects of ERM
- Based on risk management expert James Lam's thirty years of experience in this field
- Discusses how a company should strive for balance between risk and return

Failure to properly manage risk continues to plague corporations around the world. Don't let it hurt your organization. Pick up the Second Edition of Enterprise Risk Management: From Incentives to Controls and learn how to meet the enterprise-wide risk management challenge head on, and succeed.
Preface
Acknowledgments

Section One: Risk Management in Context
Chapter 1 Introduction: The Benefits of Risk Management; Integration Adds Value; Cautionary Tales
Chapter 2 Lessons Learned: Lesson #1: Know Your Business; Lesson #2: Establish Checks and Balances; Lesson #3: Set Limits and Boundaries; Lesson #4: Keep Your Eye on the Cash; Lesson #5: Use the Right Yardstick; Lesson #6: Pay for the Performance You Want; Lesson #7: Balance the Yin and the Yang
Chapter 3 Concepts and Processes: Risk Concepts; Risk Processes; Risk Awareness; Risk Measurement; Risk Control; Risk Is a Bell Curve
Chapter 4 What Is ERM?: ERM Definitions; The Benefits of ERM; The Chief Risk Officer; Components of ERM

Section Two: The Enterprise Risk Management Framework
Chapter 5 Corporate Governance: Codes of Conduct; Best Practices; Linking Corporate Governance and ERM
Chapter 6 Line Management: The Relationship Between Line and Risk Functions; Key Challenges; Best Practices
Chapter 7 Portfolio Management: The Theory of Active Portfolio Management; Benefits of Active Portfolio Management; Practical Applications of Portfolio Management
Chapter 8 Risk Transfer: A Brief History of ART; Advantages of ART; Pitfalls of ART; A Look to the Future; Case Study: Honeywell; Case Study: Barclays
Chapter 9 Risk Analytics: Risk Control Analytics; Risk Optimization Analytics; Market Risk Analytics; Credit Risk Analytics; Credit Portfolio Models; Operational Risk Analytics; GRC Systems
Chapter 10 Data and Technology: Early Systems; Data Management; Interface Building; Middleware; Distributed Architectures; Key Factors for a Successful Implementation
Chapter 11 Stakeholder Management: Employees; Customers; Regulators; Rating Agencies; Shareholder Service Providers; Business Partners

Section Three: Risk Management Applications
Chapter 12 Credit Risk Management: Key Credit Risk Concepts; The Credit Risk Management Process; Basel Requirements; Best Practices in Credit Risk Management; Case Study: Export Development Corporation (EDC)
Chapter 13 Market Risk Management: Types of Market Risk; Market Risk Measurement; Market Risk Management; Best Practices in Market Risk Management; Case Study: Market Risk Management at Chase
Chapter 14 Operational Risk Management: Operational Risk—Definition and Scope; The Operational Risk Management Process; Best Practice in Operational Risk Management; Emerging IT Risks; Case Study: Heller Financial
Chapter 15 Business Applications: Stage I: Minimizing the Downside; Stage II: Managing Uncertainty; Stage III: Performance Optimization; The Further Evolution of Risk Management
Chapter 16 Financial Institutions: Industry Trends; Risk Management Requirements; Systemic Risk; A Look to the Future; Case Study: CIBC
Chapter 17 Energy Firms: Industry Trends; Risk Management Requirements; A Look to the Future; Lessons Learned from Enron; Lessons Learned from the BP Oil Spill
Chapter 18 Non-Financial Corporations: Risk Management Requirements; Best Practices in Corporate Risk Management; Case Study: Microsoft; Case Study: Ford; Case Study: Airbus and Boeing

Section Four: A Look to the Future
Chapter 19 Predictions: The Profession of Risk Management; Technology and the Convergence of Risk Management; Ten Predictions; 2013 Looking Back
Chapter 20 Everlast Financial

Section Five: ERM Implementation
Chapter 21 ERM Implementation: Benefits of Corporate Governance and ERM Practices; ERM Implementation Requirements; ERM Maturity Model; Other ERM Maturity Models; Risk Culture
Chapter 22 Role of the Board: Board Oversight Requirements; Current Board Practices; Case Study: JP Morgan Chase; The Last Line of Defense
Chapter 23 Risk Assessment: Risk Assessment Methodology; Best Practice Case Studies in Risk Assessment; Appendix: Risk Assessment Self-Evaluation Checklist
Chapter 24 Risk-Based Decision Making: ERM Decisions and Actions; Creating Value through ERM; Case Study: Duke Energy
Chapter 25 Dashboard Reporting: Traditional versus Dashboard Reporting; General Dashboard Applications; ERM Dashboard Implementation; Evolving Best Practices

Notes
Index
JAMES LAM is widely recognized as the first ever Chief Risk Officer and a pioneer in the field of enterprise risk management. In a Euromoney survey, Mr. Lam was nominated by clients and peers as one of the world’s leading risk consultants. He currently serves as President of James Lam & Associates and Director and Chairman, Risk Oversight Committee of E*TRADE Financial. Previously, he held positions including Partner of Oliver Wyman, Founder and President of ERisk, Chief Risk Officer of Fidelity Investments, and Chief Risk Officer of GE Capital Markets Services, Inc. In 1997, Mr. Lam received the inaugural Risk Manager of the Year Award from the Global Association of Risk Professionals. Treasury & Risk magazine named him one of the “100 Most Influential People in Finance” in 2005, 2006, and 2008.
Successful risk management requires balance—of risk and reward, controls and culture, art and science. In the fully revised and updated Enterprise Risk Management: From Incentives to Controls, Second Edition, James Lam leads you on a thorough exploration of ERM from the unique perspective of one of the world’s foremost authorities on risk and business management. With an abundance of first-hand experience, Mr. Lam provides practical guidance from his work as a chief risk officer, a trusted board advisor and management consultant, and a public company director. Throughout the book, he provides case studies and real-world examples—every aspect of risk management is distilled and discussed—from the perspective of highly effective and proven corporate leadership. Business executives and risk management professionals are tasked with identifying and taking intelligent risks. In this book, Mr. Lam explains how an over-reliance on quantitative risk measurement has directly contributed to some of the high-profile risk management failures of recent years. Most risk models are simply incapable of accurately predicting the complex scenarios that could lead to financial disaster, which is why Enterprise Risk Management: From Incentives to Controls, Second Edition posits that your company’s risk profile—and ultimately the success or failure of its risk management strategy—is driven by the decisions and actions of its leadership and employees. Based on direct experience with more than 50 ERM programs, Mr. Lam explains how to establish best practices and overcome common barriers. In this updated Second Edition, a new section dedicated entirely to ERM Implementation articulates the importance of effective board risk oversight, risk assessment, risk-based decision making, and risk dashboard reporting in a way that is accessible for board members, business executives, risk professionals as well as their employees and stakeholders. 
Enterprise Risk Management: From Incentives to Controls, Second Edition takes you far beyond quantitative risk measurement and predictive modeling to a comprehensive understanding of how to build and nurture a corporate culture that encourages successful enterprise risk management.
Praise for Enterprise Risk Management, Second Edition

“The concept that it takes a lifetime to build a company but that it takes moments to destroy it is a very valuable mantra for business leaders. The impact of the recent financial crisis brought that perspective into sharp and, for some, painful relief. Companies, however, need to innovate and grow and to take appropriate risks to do so. The joy of James Lam’s new book is that it recognizes the need for innovation and growth but also acknowledges in a very practical way the role of the ever-evolving risk framework around that growth. The book offers a credible and implementable nexus between growth and risk control, and as such, will be a highly valued tool for boards and management everywhere.”
—Rodger A. Lawson, Chairman of the Board of Directors, E*TRADE Financial, Member of the Board of Directors, UnitedHealth Group, Retired President, Fidelity Investments

“All too often, organizations focus on the process of risk management at the expense of incorporating risk management principles into the governance, leadership, and management of their enterprises. James Lam is a long-time leader in risk management and his substantial experience has enabled him to produce a comprehensive and practical guide for anyone committed to creating an organization capable of effectively evaluating risks versus returns.”
—Matthew R. Feldman, President and Chief Executive Officer, Federal Home Loan Bank of Chicago

“A key success factor in any ERM program is practical and effective implementation. In order to provide sustainable, long-term enterprise value, risk management must be integrated into an organization’s governance model, business analytics, strategic and tactical decisions, and dashboard reporting. Based on his hands-on experience, James Lam has very clearly outlined and articulated the best practices and implementation requirements for ERM. I highly recommend this book to anyone who is engaged in ERM oversight and implementation.”
—Paymon Aliabadi, Executive Vice President and Chief Risk Officer, Exelon Corporation