eBook - ePub

Risk Governance

Name: Risk Governance
Author: Elizabeth Sheedy

Biases, Blind Spots and Bonuses

Elizabeth Sheedy

Buch teilen

210 Seiten
English
ePUB (handyfreundlich)
Über iOS und Android verfügbar

eBook - ePub

Risk Governance

Biases, Blind Spots and Bonuses

Elizabeth Sheedy

Angaben zum Buch

Buchvorschau

Inhaltsverzeichnis

Quellenangaben

Über dieses Buch

Biases, blind spots and bonuses (or incentives more broadly) have led to numerous risk management disasters. Risk governance is a potential solution to these problems yet is not always as effective as we would like it to be. One reason for that is the current dearth of risk governance expertise.

This book seeks to address this issue, providing:

Understanding of the fundamental forces that cause disasters: the biases, blind spots and bonuses. This understanding is drawn from the disciplines of economics/finance and psychology;
Explanation of the structures of risk governance and common challenges experienced in their use e.g. board risk committee, risk/compliance function, assurance function, risk appetite statement, risk disclosures;
Thorough investigation of risk culture and its importance in risk governance, including the assessment of risk culture;
Understanding of the mechanisms of executive compensation and how they link to risk management – one of the most difficult challenges confronting both risk and remuneration committees;
Explanation of the risk management process (based on international standards ISO31000), including practical guidance on risk communication, analysis and treatment;
Guidance on the management of strategic risk, emphasising the importance of scenario analysis;
Application of these principles to cyber risk, climate risk – two pervasive risks affecting almost every organisation;
Numerous case studies and examples drawn from various industries around the world; and
Discussion of what has been learned about risk governance from the COVID-19 experience.

The book is an essential guide for postgraduate students; participants in professional education programs in governance and risk management; directors; senior executives; risk, compliance and assurance professionals as well as conduct and prudential regulators worldwide.

Häufig gestellte Fragen

Wie kann ich mein Abo kündigen?

Gehe einfach zum Kontobereich in den Einstellungen und klicke auf „Abo kündigen“ – ganz einfach. Nachdem du gekündigt hast, bleibt deine Mitgliedschaft für den verbleibenden Abozeitraum, den du bereits bezahlt hast, aktiv. Mehr Informationen hier.

(Wie) Kann ich Bücher herunterladen?

Derzeit stehen all unsere auf Mobilgeräte reagierenden ePub-Bücher zum Download über die App zur Verfügung. Die meisten unserer PDFs stehen ebenfalls zum Download bereit; wir arbeiten daran, auch die übrigen PDFs zum Download anzubieten, bei denen dies aktuell noch nicht möglich ist. Weitere Informationen hier.

Welcher Unterschied besteht bei den Preisen zwischen den Aboplänen?

Mit beiden Aboplänen erhältst du vollen Zugang zur Bibliothek und allen Funktionen von Perlego. Die einzigen Unterschiede bestehen im Preis und dem Abozeitraum: Mit dem Jahresabo sparst du auf 12 Monate gerechnet im Vergleich zum Monatsabo rund 30 %.

Was ist Perlego?

Wir sind ein Online-Abodienst für Lehrbücher, bei dem du für weniger als den Preis eines einzelnen Buches pro Monat Zugang zu einer ganzen Online-Bibliothek erhältst. Mit über 1 Million Büchern zu über 1.000 verschiedenen Themen haben wir bestimmt alles, was du brauchst! Weitere Informationen hier.

Unterstützt Perlego Text-zu-Sprache?

Achte auf das Symbol zum Vorlesen in deinem nächsten Buch, um zu sehen, ob du es dir auch anhören kannst. Bei diesem Tool wird dir Text laut vorgelesen, wobei der Text beim Vorlesen auch grafisch hervorgehoben wird. Du kannst das Vorlesen jederzeit anhalten, beschleunigen und verlangsamen. Weitere Informationen hier.

Ist Risk Governance als Online-PDF/ePub verfügbar?

Ja, du hast Zugang zu Risk Governance von Elizabeth Sheedy im PDF- und/oder ePub-Format sowie zu anderen beliebten Büchern aus Business & Corporate Governance. Aus unserem Katalog stehen dir über 1 Million Bücher zur Verfügung.

Information

Verlag

Routledge

Jahr

2021

ISBN

9781000395693

Auflage

Thema

Business

Thema

Corporate Governance

PART A
Foundations of risk governance

1
EMERGENCE OF RISK GOVERNANCE

The 2010 Deepwater Horizon incident¹ conjures images of environmental catastrophe as well as the tragic loss of 11 lives. An oil rig operating 66 km off the Louisiana coast, the Deepwater Horizon ignited and exploded after a leak of methane gas. This caused the largest ever accidental oil spill, threatening species from whale sharks to sea grass. For BP, the operator of the oil rig, the incident was also disastrous as it faced billions of dollars in fines and reputational damage.

The Dieselgate scandal engulfed Volkswagen and its subsidiaries² when a ‘defeat device’ was discovered in 2015 for deceiving US regulators. It created the false impression that the diesel vehicles complied with strict environmental standards for protecting the health of the population, crucial for those with chronic respiratory conditions. Volkswagen subsequently spent billions on vehicle rectification and fines.

In 2019, Australia’s oldest bank, Westpac, was accused of 23 million breaches of anti-money laundering laws, ignoring transactions likely to be associated with child exploitation.³ If proven, the allegations will also result in significant fines and reputational damage.

Three different scandals, all in the last decade but in different parts of the world and involving different industries. All three failures arguably could have been prevented by better governance. All three resulted in changes in the executive team, the board or both. In the Westpac case, for example, the CEO, the chairman and the chair of the board risk committee all stepped down in the weeks following the news, accepting accountability for serious failures of risk management. Importantly, the push for resignations came from the shareholder community, through institutional shareholders and proxy advisors.

These examples illustrate a worldwide phenomenon: that directors and senior executives are ultimately held responsible for risk management within their organisations. It is no longer possible to hide behind excuses of ignorance or group decision making. Directors are expected to own the organisation’s risk choices, take responsibility for the risk management framework, challenge the executive in relation to risk issues and ensure that a risk culture is established. In other words, risk governance is an expected norm of modern organisations.

Some directors are outraged by what they see as unrealistic expectations or inappropriate intrusion into areas that should be the remit of the executive. But many if not most shareholders see these risk governance tasks as reasonable. From the perspective of the shareholder, often holding shares in anticipation of retirement, directors are well paid and enjoy high status for exercising independent oversight on their behalf. Directors who feel unable or unwilling to take on these responsibilities are free to leave the field; plenty of others are ready to replace them.

So how did risk governance evolve? What are the forces and societal trends that led us to this point? I will argue that risk governance can be explained by three main forces:

An increasingly litigious and regulated society that led to the development of risk management as a discipline and profession, as organisations defended themselves against reputational damage, legal costs and fines;
The understanding that humans are prone to poor risk management through a range of biases and blind spots;
Incentive conflicts that cause managers, acting out of self-interest, to pay insufficient attention to longer-term risk issues that are important to most other stakeholders.

Table 1.1 highlights some of the important risk governance milestones that have both stimulated and signalled change.

**TABLE 1.1** Milestones in Risk Management
1960s	Consumer movement emerges following cases such as the *Ford Pinto*.
1970s	Occupational health and safety regulations proliferate. Black and Scholes publish landmark paper on option theory in 1972⁶, contributing to growing use of derivatives, risk transfer mechanisms, for treating financial risk. *3 Mile Island* incident in 1979 is a catalyst for concern about man-made disasters⁷ and the inevitability of accidents.
1980	Zohar publishes first paper on safety climate,⁸ focusing on management commitment as a prerequisite.
1984	*Bhopal gas tragedy* kills and injures thousands,⁹ raising issues of corporate negligence and employee sabotage. Perrow publishes ‘Normal Accidents’¹⁰, arguing that accidents are unavoidable in complex technological systems.
1986	*Chernobyl nuclear accident* highlights numerous causal factors including flawed reactor design and poor safety culture.¹¹ *Space Shuttle Challenger* disaster underscores problems in NASA’s organisational culture and decision making processes.¹² Institute for Risk Management, one of the first associations for risk professionals, is established in the UK.¹³
1987	*Black Monday October 19, 1987* – share markets in many countries fall by more than 20% in one day. This event emphasised the evolving interconnectedness of financial markets and the need for central bank intervention.¹⁴
1988	Basel Accord I announced – international regulations relating to bank capital, highlight the importance of equity capital as the last line of defence against risk.
1992	Bankers Trust publishes ‘The Risk Management Revolution’, promoting the quantification of risk and the use of these risk measurements for business decisions such as determining capital needs, pricing and allocation of resources.¹⁵
1994	JP Morgan publishes Value-at-Risk (VaR) methodology on the internet, influencing capital management and regulation worldwide. VaR is a measure of potential losses from speculative trading positions, at a specified confidence level. This is another milestone in the quantification of risk.
1995	*Barings collapse* – arguably the most famous rogue-trader case. Nick Leeson’s losses from unauthorised and concealed derivatives trades amounted to US$1.3 billion due to governance failures.¹⁶ Internal controls, such as segregation of duties, were not present. Managers and directors provided inadequate oversight. First risk management standards (AS/NZS4360) published in Australia and New Zealand.
1996	Bernstein publishes ‘Against the Gods’,¹⁷ arguing that the notion of controlling risk is one of the central ideas that distinguishes modern times from the distant past. *Asian banking crisis* starts with a range of contributing factors including rapid expansion, crony capitalism and fixed exchange rates. Many firms had too much debt. When the bubble burst, defaults exploded especially in Thailand, Indonesia and Malaysia, and a number of banks failed. Poor governance (protection for minority shareholders), allowing managerial expropriation, is cited as a contributing factor.¹⁸
1998	Russian bond crisis brings down the hedge fund *Long-Term Capital Management (LTCM).* The case illustrates the consequences of simplistic, flawed risk models to guide business decisions.¹⁹
1999	Turnbull report, revised in 2005, introduces risk assessment and internal controls to corporate governance for UK listed companies.
2001	*9/11 catastrophe* illustrates how terrorists can exploit behavioural biases (dread risks) to their advantage; brings greater focus on geopolitical risks. Dread risks are risks that produce disproportionate fear and induce sub-optimal responses. After 9/11 many people reduced air travel in favour of car travel, causing many additional and needless road deaths. Air travel remains one of the safest modes of transport given the vanishingly small probability of terrorist attack.²⁰ *Enron bankruptcy* underscores many risk governance issues including failure of the board to understand the risks of the business, failure of auditors to uncover managerial fraud, preventing the flow of accurate information to investors.²¹
2002	Sarbanes-Oxley Act responds to governance failures at Enron. The Act aimed to enhance the quality of financial disclosures by addressing audit quality, the quality of internal controls and impose greater responsibilities on directors serving on the audit committee. It also included enhanced whistle-blower protections and the possibility of clawback of bonuses following fraud. *SARS epidemic* focuses attention on risk of infectious disease and relevant risk management practices e.g. scenario planning, business continuity planning.²² Kahneman, a pioneer in the field of behavioural biases, wins Nobel Memorial Prize in Economic Sciences for work completed in the late twentieth century.
2003	*NAB foreign exchange option scandal*. Rogue traders caused losses of $360 million. This case was one of the first to explicitly identify culture as an underlying cause, contributing to the failure of controls in a financial institution.²³
2004	COSO Enterprise Risk Management (ERM) framework launched.²⁴ COSO defined ERM as ‘a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives’. Basel II published with expanded use of internal quantitative risk models for banks in the regulation of capital for risk mitigation purposes. OECD revises corporate governance principles, extending the responsibilities of directors in relation to risk management.²⁵
2007	Taleb publishes ‘The Black Swan’²⁶ describing biases associated with low probability events. During the global financial crisis Taleb becomes one of the most strident critics of quantitative risk models. *Global Financial Crisis* begins as the sub-prime mortgage market deteriorates.²⁷ A US housing boom, driven by securitisation and loose lending to high-risk borrowers, comes to an end when these borrowers start defaulting.
2008	*Lehman Brothers bankruptcy* results from risky assets (financing housing and sub-prime mortgages) and excessive reliance on short-term debt; the legacy of infamous CEO Dick Fuld.²⁸ Many other financial institutions share the same fate or are bailed out or taken over by rivals.
200...