Risk Appetite & Enterprise Risk Management Masterclass

• Understand the concept of Risk Appetite, the starting point for all corporate governance systems
• Recognise how ERM overcomes the challenges of “silo” working and enables risk stewards to manage risk on a firm-wide basis
• Appreciate what o ERM means, what it does as well as its scope and purpose.
• Get an overview of the challenges to implementing and establishing an ERM programme
• Have explained to them the cultural challenges, including getting the right sponsor, encouraging collaboration and understanding multiple risk types.
• Gain an understanding of the components of the ERM
• Be appraised of exception-based escalation
• Be advised about how to establish ERM Systems.
• Have an overview of portfolio risk management & ERM systems
• Understand risk management under ERM
• Appreciate the importance of optimising risk and equity allocation as part of ERM
• Get to grips with constant new challenges and ever-changing regulatory considerations

Session 1: ERM; Emergence, scope & purpose

• Traditional Silo risk management
• How does ERM differ
• Definition of risk - types
• Consequences of failing to manage risk
• Internal and external drivers of risk to organisations
• The role of the risk management function
• The purpose and key benefits of risk management
• Corporate Governance and risk management
• Case Study –Creating a new ERM 

Discussion – What do you think of your existing ERM or if none exists, your risk management process 

Session 2:  Risk Appetite

• The key principles
• Appetite, tolerance, and capacity – what do these thresholds mean?
• A sample RAS
• Defining RAS and risk limits
• Using RAS as a management tool
• Case study – Consider a simple RAS 

Session 3: Challenges to implementing and establishing an ERM program – explained in plain terms

• Defining risk, measurement, getting reliable data, confidence level, and time frame
• Chosen measurement approaches, tracking error, duration, etc
• Aggregation, distinguishing firm risks from client risks
• Timescale challenges, amalgamating integrated VaR models
• Risk variance and covariance
• Hidden correlations
• Complexity, collecting and transforming inputs from disparate sources
• Adding narrative to data so key points can be understood/identified
• Case Study - Hidden correlations 

Exercise - Prepare a brief board paper setting out parameters followed by debriefing and discussion 

Session 4: Cultural challenges

• Setting the appropriate “tone from the top”
• Getting the right sponsor
• Gaining acceptance throughout the firm
• Establishing a common risk language
• Overcoming traditional silo mentality/practices
• Encouraging collaboration
• Embedding the approach
• Combining credit and market and operational risk teams
• Different skill types, cultures and different roles
• Understanding multiple risk types 

Role Play – Dealing with objections from a senior colleague, followed by a debrief and discussion 

Session 5:  ERM – the components

• Definition of equity
• The three types of equity; regulatory, economic and actual
• VaR explained
• Procyclicality
• Assessing the risk maturity of the business
• Setting parameters
• Establishing report lines and responsibilities
• Convincing decision-makers that the exercise is more than box-ticking
• Case study –Calculating the three types of equity        

Exercise – Consider your department. Are all risk components covered? What improvements would you suggest and what would you leave out. Followed by debriefing and discussion. 

Session 6:  Establishing ERM systems

• The key principles
• Suggested framework, content, and layout
• Prudence and conservatism
• Period to be covered
• .. how many risks?
• The ERM process from preparation to Board approval
• Challenge and independent review
• Committees and their roles 

Session 7: Portfolio Risk Management & ERM systems

• Portfolio performance measures
• Value at risk
• Stress testing & impacts of stress tests
• Scenario modelling and its impacts
• RAROC
• Embedding ERM in the firm
• Gaining acceptance
• Case study – A sample stress test on the ERM 

Session 8: Risk Management under ERM

• Underwriting process
• CRA and CRR
• Transfer pricing
• Active risk provisioning
• Risk hedging strategies
• Risk allocation
• Case study – A simple risk allocation process 

Session 9: Exception based escalation

• Periodic reporting of risk and control information
• Immediate escalation of risks as they arise
• Immediate escalation of controls as they fail
• Prioritizing
• Setting thresholds and limits
• Aggregated escalation matrix
• Case study – What are the exceptions you need for your department. Are they specific to you or the firm? 

Roleplay – Dealing with a fictional exception in your department. Followed by discussion and debrief. 

Session 10: Optimising Risk and Equity Allocation

• Risk portfolio theory
• Active risk portfolio management
• Stakeholder perspectives – internal and external
• Inter-relationships
• Collaboration
• Forming an overall picture
• Multi-task forums
• Case study – Looking from the shareholders viewpoint 

Session 11: Accountability 

• Risk control owners
• Departmental responsibility
• Transparent reporting
• Visibility
• Fairness
• Sanctions
• Case study - What report lines would you recommend for your department. How will exceptions be handled? Followed by a debrief and discussion 

Role Play – Persuade a colleague who objects, to taking on this role. Followed by debriefing and discussion 

Session 12: New Challenges 

• Regulatory changes
• Governance and strategic risks
• Refreshing the profile
• Reputational risks
• Systemic risks
• Case study– What must be done to ensure the new ERM reacts to real challenges and not just small changes? Followed by debriefing and discussion 

Session 13:  Regulatory Considerations

• Regulatory issues
• Auditors requirements
• Other Regulatory requirements 

Exercise – who regulates you? What does each want from an ERM? Will we deliver this? Are we meeting these expectations with our ERM? What changes if any might be made? 

Session 14: Course Summary

• Final Exercise in role-play form (as many as time permits) – convince the course director, playing a difficult CEO to implement your ERM. Followed by debriefing and discussion.

The trainer had a highly successful, long and varied “fast track” career in Lloyds Bank which led him to a very senior management position in the bank’s private banking and wealth management division at an early age. He was then “headhunted” to join a merchant bank at main board director level to head both the private bank and the group risk management function. He now has over 40 years of experience in managing risk in the UK banking and financial services sector.

He has been a freelance risk management training consultant since retiring and is currently an external Master Trainer at both HSBC and Bank of China where he has delivered major projects on a wide range of topics. At HSBC he helped design their global flagship Risk Management Programme for senior middle managers and has delivered this globally for the past 5 years. He has also created and delivered training to a vast range of clients, from global giants to small firms and partnerships. He is an accomplished global trainer and has delivered extensive programmes in the UK, USA, South America, Europe, Africa, Asia and the Middle East.

He is a highly adaptive, hands-on and highly sought-after facilitator who always receives excellent feedback from delegates. He is comfortable training at any level of seniority and experience, from “black belts” to novices. In addition to his risk management specialism, his expertise includes but is not limited to Risk Management, Trade Finance, Regulatory Compliance, FCC & AML and all aspects of Corporate, Private & Retail Banking. He is also a highly experienced soft skills trainer and has completed numerous “train the trainer” assignments.

In very simple terms, ERM empowers the Chief Risk Officer (often the Group MD or CEO) to measure, monitor and oversee all the risks the firm is taking in the form of a single, user-friendly report that can be accessed from within a central “command bunker” in real-time. Its purpose is to provide a meaningful risk oversight tool that avoids the pitfalls of traditional “silo” working and “silo” risk-taking. “Silo” working involves business units operating independently of each other and not always in the best interests of the firm as a whole.

Put bluntly, no CEO can attest properly that risk is managed effectively across the firm unless it can be measured, assessed and overseen in a single report that is available on a real-time basis at the click of a button. Anything less involves guesswork.

Within any organisation, there are both tactical and strategic risk-takers. The strategic risk-takers – CEO, directors and senior managers – formulate the business strategy and agree that certain risks can and must be taken, whereas others are to be expressly avoided.  This strategy is communicated throughout the organisation using a risk appetite statement (RAS) which is often called an Operating Plan.

The concept of ERM is not new but became a priority following the 2008 financial crisis which revealed in very harsh terms that many organisations did not actually have a full appreciation of all the risks being taken across the firm. Instead, risks were simply lumped together based on reports from individual business units. ERM requires an integrated risk management process that clearly measures all risks at all levels in all operating units and combines them into a single risk monitoring tool.

This highly interactive and workshop-style course will enable delegates to discuss strategic ERM frameworks, understand the key processes for implementing an effective ERM function and how to put in place the appropriate ERM architecture. It will deal with set up, implementation, operation, management, and exceptional issues and will demonstrate how this important corporate governance tool can be used to manage the risk profile across the firm. It will cover economic capital allocation, risk appetite, risk allocation, and risk budgeting and risk reporting.

Who Should Attend

Anyone with an interest in the topic seeking an update, new information or merely a refresher

Workshop Style & Delivery

Highly interactive and packed with case studies, opportunities to engage in discussion and if applicable, swap “war stories”