Risk Governance
eBook - ePub

Risk Governance

Biases, Blind Spots and Bonuses

  1. 210 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Risk Governance

Biases, Blind Spots and Bonuses

About this book

Biases, blind spots and bonuses (or incentives more broadly) have led to numerous risk management disasters. Risk governance is a potential solution to these problems yet is not always as effective as we would like it to be. One reason for that is the current dearth of risk governance expertise.

This book seeks to address this issue, providing:



  • Understanding of the fundamental forces that cause disasters: the biases, blind spots and bonuses. This understanding is drawn from the disciplines of economics/finance and psychology;



  • Explanation of the structures of risk governance and common challenges experienced in their use e.g. board risk committee, risk/compliance function, assurance function, risk appetite statement, risk disclosures;



  • Thorough investigation of risk culture and its importance in risk governance, including the assessment of risk culture;



  • Understanding of the mechanisms of executive compensation and how they link to risk management – one of the most difficult challenges confronting both risk and remuneration committees;



  • Explanation of the risk management process (based on international standards ISO31000), including practical guidance on risk communication, analysis and treatment;



  • Guidance on the management of strategic risk, emphasising the importance of scenario analysis;



  • Application of these principles to cyber risk, climate risk – two pervasive risks affecting almost every organisation;



  • Numerous case studies and examples drawn from various industries around the world; and



  • Discussion of what has been learned about risk governance from the COVID-19 experience.

The book is an essential guide for postgraduate students; participants in professional education programs in governance and risk management; directors; senior executives; risk, compliance and assurance professionals as well as conduct and prudential regulators worldwide.

Trusted by 375,005 students

Access to over 1.5 million titles for a fair monthly price.

Study more efficiently using our study tools.

Information

Publisher
Routledge
Year
2021
Print ISBN
9780367642655
Edition
1
eBook ISBN
9781000395693
Topic
Business
Subtopic
Business Ethics
Index
Business

PART A
Foundations of risk governance

1
EMERGENCE OF RISK GOVERNANCE

The 2010 Deepwater Horizon incident1 conjures images of environmental catastrophe as well as the tragic loss of 11 lives. An oil rig operating 66 km off the Louisiana coast, the Deepwater Horizon ignited and exploded after a leak of methane gas. This caused the largest ever accidental oil spill, threatening species from whale sharks to sea grass. For BP, the operator of the oil rig, the incident was also disastrous as it faced billions of dollars in fines and reputational damage.
The Dieselgate scandal engulfed Volkswagen and its subsidiaries2 when a ‘defeat device’ was discovered in 2015 for deceiving US regulators. It created the false impression that the diesel vehicles complied with strict environmental standards for protecting the health of the population, crucial for those with chronic respiratory conditions. Volkswagen subsequently spent billions on vehicle rectification and fines.
In 2019, Australia’s oldest bank, Westpac, was accused of 23 million breaches of anti-money laundering laws, ignoring transactions likely to be associated with child exploitation.3 If proven, the allegations will also result in significant fines and reputational damage.
Three different scandals, all in the last decade but in different parts of the world and involving different industries. All three failures arguably could have been prevented by better governance. All three resulted in changes in the executive team, the board or both. In the Westpac case, for example, the CEO, the chairman and the chair of the board risk committee all stepped down in the weeks following the news, accepting accountability for serious failures of risk management. Importantly, the push for resignations came from the shareholder community, through institutional shareholders and proxy advisors.
These examples illustrate a worldwide phenomenon: that directors and senior executives are ultimately held responsible for risk management within their organisations. It is no longer possible to hide behind excuses of ignorance or group decision making. Directors are expected to own the organisation’s risk choices, take responsibility for the risk management framework, challenge the executive in relation to risk issues and ensure that a risk culture is established. In other words, risk governance is an expected norm of modern organisations.
Some directors are outraged by what they see as unrealistic expectations or inappropriate intrusion into areas that should be the remit of the executive. But many if not most shareholders see these risk governance tasks as reasonable. From the perspective of the shareholder, often holding shares in anticipation of retirement, directors are well paid and enjoy high status for exercising independent oversight on their behalf. Directors who feel unable or unwilling to take on these responsibilities are free to leave the field; plenty of others are ready to replace them.
So how did risk governance evolve? What are the forces and societal trends that led us to this point? I will argue that risk governance can be explained by three main forces:
  • An increasingly litigious and regulated society that led to the development of risk management as a discipline and profession, as organisations defended themselves against reputational damage, legal costs and fines;
  • The understanding that humans are prone to poor risk management through a range of biases and blind spots;
  • Incentive conflicts that cause managers, acting out of self-interest, to pay insufficient attention to longer-term risk issues that are important to most other stakeholders.
Table 1.1 highlights some of the important risk governance milestones that have both stimulated and signalled change.
TABLE 1.1 Milestones in Risk Management
1960s
  • Consumer movement emerges following cases such as the Ford Pinto.
1970s
  • Occupational health and safety regulations proliferate.
  • Black and Scholes publish landmark paper on option theory in 19726, contributing to growing use of derivatives, risk transfer mechanisms, for treating financial risk.
  • 3 Mile Island incident in 1979 is a catalyst for concern about man-made disasters7 and the inevitability of accidents.
1980
  • Zohar publishes first paper on safety climate,8 focusing on management commitment as a prerequisite.
1984
  • Bhopal gas tragedy kills and injures thousands,9 raising issues of corporate negligence and employee sabotage.
  • Perrow publishes ‘Normal Accidents’10, arguing that accidents are unavoidable in complex technological systems.
1986
  • Chernobyl nuclear accident highlights numerous causal factors including flawed reactor design and poor safety culture.11
  • Space Shuttle Challenger disaster underscores problems in NASA’s organisational culture and decision making processes.12
  • Institute for Risk Management, one of the first associations for risk professionals, is established in the UK.13
1987
  • Black Monday October 19, 1987 – share markets in many countries fall by more than 20% in one day. This event emphasised the evolving interconnectedness of financial markets and the need for central bank intervention.14
1988
  • Basel Accord I announced – international regulations relating to bank capital, highlight the importance of equity capital as the last line of defence against risk.
1992
  • Bankers Trust publishes ‘The Risk Management Revolution’, promoting the quantification of risk and the use of these risk measurements for business decisions such as determining capital needs, pricing and allocation of resources.15
1994
  • JP Morgan publishes Value-at-Risk (VaR) methodology on the internet, influencing capital management and regulation worldwide. VaR is a measure of potential losses from speculative trading positions, at a specified confidence level. This is another milestone in the quantification of risk.
1995
  • Barings collapse – arguably the most famous rogue-trader case. Nick Leeson’s losses from unauthorised and concealed derivatives trades amounted to US$1.3 billion due to governance failures.16 Internal controls, such as segregation of duties, were not present. Managers and directors provided inadequate oversight.
  • First risk management standards (AS/NZS4360) published in Australia and New Zealand.
1996
  • Bernstein publishes ‘Against the Gods’,17 arguing that the notion of controlling risk is one of the central ideas that distinguishes modern times from the distant past.
  • Asian banking crisis starts with a range of contributing factors including rapid expansion, crony capitalism and fixed exchange rates. Many firms had too much debt. When the bubble burst, defaults exploded especially in Thailand, Indonesia and Malaysia, and a number of banks failed. Poor governance (protection for minority shareholders), allowing managerial expropriation, is cited as a contributing factor.18
1998
  • Russian bond crisis brings down the hedge fund Long-Term Capital Management (LTCM). The case illustrates the consequences of simplistic, flawed risk models to guide business decisions.19
1999
  • Turnbull report, revised in 2005, introduces risk assessment and internal controls to corporate governance for UK listed companies.
2001
  • 9/11 catastrophe illustrates how terrorists can exploit behavioural biases (dread risks) to their advantage; brings greater focus on geopolitical risks. Dread risks are risks that produce disproportionate fear and induce sub-optimal responses. After 9/11 many people reduced air travel in favour of car travel, causing many additional and needless road deaths. Air travel remains one of the safest modes of transport given the vanishingly small probability of terrorist attack.20
  • Enron bankruptcy underscores many risk governance issues including failure of the board to understand the risks of the business, failure of auditors to uncover managerial fraud, preventing the flow of accurate information to investors.21
2002
  • Sarbanes-Oxley Act responds to governance failures at Enron. The Act aimed to enhance the quality of financial disclosures by addressing audit quality, the quality of internal controls and impose greater responsibilities on directors serving on the audit committee. It also included enhanced whistle-blower protections and the possibility of clawback of bonuses following fraud.
  • SARS epidemic focuses attention on risk of infectious disease and relevant risk management practices e.g. scenario planning, business continuity planning.22
  • Kahneman, a pioneer in the field of behavioural biases, wins Nobel Memorial Prize in Economic Sciences for work completed in the late twentieth century.
2003
  • NAB foreign exchange option scandal. Rogue traders caused losses of $360 million. This case was one of the first to explicitly identify culture as an underlying cause, contributing to the failure of controls in a financial institution.23
2004
  • COSO Enterprise Risk Management (ERM) framework launched.24 COSO defined ERM as ‘a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives’.
  • Basel II published with expanded use of internal quantitative risk models for banks in the regulation of capital for risk mitigation purposes.
  • OECD revises corporate governance principles, extending the responsibilities of directors in relation to risk management.25
2007
  • Taleb publishes ‘The Black Swan’26 describing biases associated with low probability events. During the global financial crisis Taleb becomes one of the most strident critics of quantitative risk models.
  • Global Financial Crisis begins as the sub-prime mortgage market deteriorates.27 A US housing boom, driven by securitisation and loose lending to high-risk borrowers, comes to an end when these borrowers start defaulting.
2008
  • Lehman Brothers bankruptcy results from risky assets (financing housing and sub-prime mortgages) and excessive reliance on short-term debt; the legacy of infamous CEO Dick Fuld.28 Many other financial institutions share the same fate or are bailed out or taken over by rivals.
200...

Table of contents

  1. Cover
  2. Half Title
  3. Series Page
  4. Title Page
  5. Copyright Page
  6. Dedication Page
  7. Contents
  8. List of figures
  9. List of tables
  10. Biography
  11. Foreword
  12. Preface
  13. Part A Foundations of risk governance
  14. Part B The risk management process
  15. Part C Case studies
  16. Risk governance glossary
  17. Index

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn how to download books offline
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.5M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1.5 million books across 990+ topics, we’ve got you covered! Learn about our mission
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more about Read Aloud
Yes! You can use the Perlego app on both iOS and Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Yes, you can access Risk Governance by Elizabeth Sheedy in PDF and/or ePUB format, as well as other popular books in Business & Business Ethics. We have over 1.5 million books available in our catalogue for you to explore.