Educators the world over seeking to make the management of risk an integral part of management degrees have had great difficulties in providing their students with a definitive ERM text for their course. The Standards and associated Handbooks helped, but until the arrival of Implementing Enterprise Risk Management: Case Stud- ies and Best Practices, there has been no text to enlighten students on the application of an effective program to manage risk across an enterprise so that objectives are maximized and threats minimized. Fraser, Simkins, and Narvaez have combined with a group of contributors that represent the cream of risk practitioners, to pro- vide the reader with a clear and concise journey through the management of risk within a wide range of organizations and industries. The knowledge, skills, and experience in the management of risk contained within the covers of this book are second to none. It will provide a much needed resource to students and practition- ers for many years to come and should become a well-used reference on the desk of every manager of risk.”
—Kevin W. Knight AM, chairman, ISO/TC 262—Risk Management
“The authors—Fraser, Simkins, and Narvaez—have done an invaluable service to advance the science of enterprise risk management by collecting an extensive num- ber of wonderful case studies that describe innovative risk management practices in a diverse set of companies around the world. This book should be an extremely valuable source of knowledge for anyone interested in the emerging and evolving field of risk management.”
—Robert S. Kaplan, senior fellow, Marvin Bower Professor of Leadership Development, emeritus, Harvard University
“Lessons learned from case studies and best practices represent an efficient way to gain practical insights on the implementation of ERM. Implementing Enterprise Risk Management provides such insights from a robust collection of ERM pro- grams across public companies and private organizations. I commend the editors and contributors for making a significant contribution to ERM by sharing their experiences.”
—James Lam, president, James Lam & Associates; director and Risk Oversight Committee chairman, E∗TRADE Financial Corporation;
author, Enterprise Risk Management—From Incentives to Controls
“For those who still think that enterprise risk management is just a fad, the varied examples of practical value-generating uses contained in this book should dispel any doubt that the discipline is here to stay! The broad collection of practices is insightful for students, academics, and executives, as well as seasoned risk man- agement professionals.”
—Carol Fox, ARM, director of Strategic and Enterprise Risk Practice, RIMS
“Managing risk across the enterprise is the new frontier of business management. Doing so effectively, in my view, will be the single most important differentiating factor for many enterprises in the twenty-first century. Implementing Enterprise Risk Management: Case Studies and Best Practices is an innovative and important addition to the literature and contains a wealth of insight in this critical area. This book’s integration of theory with hands-on, real-world lessons in managing enterprise risk provides an opportunity for its readers to gain insight and understanding that could otherwise be acquired only through many years of hard-earned experience.
I highly recommend this book for use by executives, line managers, risk managers, and business students alike.”
—Douglas F. Prawitt, professor of Accounting at Brigham Young University, and Committee of Sponsoring Organizations (COSO)
Executive Board member
“The real beauty of and value in this book is its case study focus and the wide variety of firms profiled and writers’ perspectives shared. This will provide readers with a wealth of details and views that will help them chart an ERM journey of their own that is more likely to fit the specific and typically customized ERM needs of the firms for whom they toil.”
—Chris Mandel, senior vice president, Strategic Solutions for Sedgwick; former president of the Risk Management Society
and the 2004 Risk Manager of the Year
“Implementing Enterprise Risk Management looks at many industries through excel- lent case studies, providing a real-world base for its recommendations and an important reminder that ERM is valuable in many industries. I highly recommend this text.”
—Russell Walker, Clinical associate professor, Kellogg School of Management; author of Winning with Risk Management
“The body of knowledge in Implementing Enterprise Risk Management continues to develop as business educators and leaders confront a complex and rapidly chang- ing environment. This book provides a valuable resource for academics and prac- titioners in this dynamic area.”
—Mark L. Frigo, director, Strategic Risk Management Lab, Kellstadt Graduate School of Business, DePaul University
“The management of enterprise risk is one of the most vexatious problems con- fronting boards and executives worldwide. This is why this latest book by Fraser, Simkins, and Narvaez is a much needed and highly refreshing approach to the sub- ject. The editors have managed to assemble an impressive list of contributors who, through a series of fascinating real-life case studies, adroitly help educate readers to better understand and deal with the myriad of risks that can assault, seriously maim, and/or kill an organization. This is a ‘how to’ book written with the ‘risk management problem solver’ in mind. It provides the link that has been missing for effectively teaching ERM at the university and executive education levels and it is an exceptional achievement by true risk management advocates.”
—Dr. Chris Bart, FCPA, founder and lead faculty, The Directors College of Canada
“The Institute of Risk Management welcomes the publication of this highly practi- cal text which should be of great interest to our students and members around the world. Implementing Enterprise Risk Management brings together a fine collection of detailed case studies from organizations of varying sizes and working in differ- ent sectors, all seeking to enhance their business performance by managing their risks more effectively, from the boardroom to the shop floor. This book makes a valuable contribution to the body of knowledge of what works that will benefit the development of the risk profession.”
—Carolyn Williams, technical director, Institute of Risk Management
IMPLEMENTING ENTERPRISE RISK MANAGEMENT
The Robert W. Kolb Series in Finance provides a comprehensive view of the field of finance in all of its variety and complexity. The series is projected to include approximately 65 volumes covering all major topics and specializations in finance, ranging from investments, to corporate finance, to financial institutions. Each vol- ume in the Kolb Series in Finance consists of new articles especially written for the volume.
Each volume is edited by a specialist in a particular area of finance, who develops the volume outline and commissions articles by the world’s experts in that partic- ular field of finance. Each volume includes an editor’s introduction and approx- imately thirty articles to fully describe the current state of financial research and practice in a particular area of finance.
The essays in each volume are intended for practicing finance professionals, grad- uate students, and advanced undergraduate students. The goal of each volume is to encapsulate the current state of knowledge in a particular area of finance so that the reader can quickly achieve a mastery of that special area of finance.
IMPLEMENTING ENTERPRISE RISK MANAGEMENT
Case Studies and Best Practices
John R.S. Fraser Betty J. Simkins Kristina Narvaez
The Robert W. Kolb Series in Finance
Cover Design: Wiley Cover Image: © iStock.com/clauiad
Copyright © 2015 by John R.S. Fraser, Betty J. Simkins, Kristina Narvaev. All rights reserved.
Published by John Wiley & Sons, Inc., Hoboken, New Jersey. Published simultaneously in Canada.
No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600, or on the Web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.
For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.
Library of Congress Cataloging-in-Publication Data:
ISBN 978-1-118-69196-0 (Hardcover) ISBN 978-1-118-74576-2 (ePDF) ISBN 978-1-118-74618-9 (ePub)
Printed in the United States of America. 10 9 8 7 6 5 4 3 2 1
To Wendy, my wonderful wife and my inspiration, and to my parents who instilled in me a lifelong thirst for learning.
To my husband (Russell) and our family: sons and daughters- in-law (Luke & Stephanie and Walt & Lauren), daughter and son-in-law (Susan & Jason), and our youngest daughter (April). Thank you for your love, support, and encouragement!
I would like to thank my husband and four children for support- ing me on my journey of writing two chapters and co-editing this book. I would also like to thank the Risk and Insurance Manage- ment Society for supporting me during my educational years and providing great workshops and conferences on enterprise risk management.
1 Enterprise Risk Management Case Studies: An Introduction and Overview 1 John R.S. Fraser, Betty J. Simkins, and Kristina Narvaez
PART I Overview and Insights for Teaching ERM 17
2 An Innovative Method to Teaching Enterprise Risk Management: A Learner-Centered Teaching Approach 19 David R. Lange and Betty J. Simkins
PART II ERM Implementation at Leading Organizations 37
3 ERM at Mars, Incorporated: ERM for Strategy and Operations 39 Larry Warner
4 Value and Risk: Enterprise Risk Management at Statoil 59 Alf Alviniussen and Håkan Jankensgård
5 ERM in Practice at the University of California Health System 75 Grace Crickette
6 Strategic Risk Management at the LEGO Group: Integrating Strategy and Risk Management 93 Mark L. Frigo and Hans Læssøe
7 Turning the Organizational Pyramid Upside Down: Ten Years of Evolution in Enterprise Risk Management at United Grain Growers 107 John Bugalla
8 Housing Association Case Study of ERM in a Changing Marketplace 119 John Hargreaves
9 Lessons from the Academy: ERM Implementation in the University Setting 143 Anne E. Lundquist
10 Developing Accountability in Risk Management: The British Columbia Lottery Corporation Case Study 179 Jacquetta C. M. Goy
11 Starting from Scratch: The Evolution of ERM at the Workers’ Compensation Fund 207 Dan M. Hair
12 Measuring Performance at Intuit: A Value-Added Component in ERM Programs 227 Janet Nasburg
13 TD Bank’s Approach to an Enterprise Risk Management Program 241 Paul Cunha and Kristina Narvaez
PART III Linking ERM to Strategy and Strategic Risk Management 251
14 A Strategic Approach to Enterprise Risk Management at Zurich Insurance Group 253 Linda Conrad and Kristina Narvaez
15 Embedding ERM into Strategic Planning at the City of Edmonton 281 Ken Baker
16 Leveraging ERM to Practice Strategic Risk Management 305 John Bugalla and James Kallman
PART IV Specialized Aspects of Risk Management 319
17 Developing a Strategic Risk Plan for the Hope City Police Service 321 Andrew Graham
18 Blue Wood Chocolates 335 Stephen McPhie and Rick Nason
19 Kilgore Custom Milling 363 Rick Nason and Stephen McPhie
20 Implementing Risk Management within Middle Eastern Oil and Gas Companies 377 Alexander Larsen
21 The Role of Root Cause Analysis in Public Safety ERM Programs 397 Andrew Bent
22 JAA Inc.—A Case Study in Creating Value from Uncertainty: Best Practices in Managing Risk 427 Julian du Plessis, Arnold Schanfield, and Alpaslan Menevse
23 Control Complacency: Rogue Trading at Société Générale 461 Steve Lindo
24 The Role of VaR in Enterprise Risk Management: Calculating Value at Risk for Portfolios Held by the Vane Mallory Investment Bank 489 Allissa A. Lee and Betty J. Simkins
25 Uses of Efficient Frontier Analysis in Strategic Risk Management: A Technical Examination 501 Ward Ching and Loren Nickel
PART V Mini-Cases on ERM and Risk 523
26 Bim Consultants Inc. 525 John R.S. Fraser
27 Nerds Galore 529 Rob Quail
28 The Reluctant General Counsel 535 Norman D. Marks
29 Transforming Risk Management at Akawini Copper 539 Grant Purdy
30 Alleged Corruption at Chessfield: Corporate Governance and the Risk Oversight Role of the Board of Directors 547 Richard Leblanc
31 Operational Risk Management Case Study: Bon Boulangerie 555 Diana Del Bel Belluz
PART VI Other Case Studies 559
32 Constructive Dialogue and ERM: Lessons from the Financial Crisis 561 Thomas H. Stanton
33 Challenges and Obstacles of ERM Implementation in Poland 577 Zbigniew Krysiak and Sl̄awomir Pijanowski
34 Turning Crisis into Opportunity: Building an ERM Program at General Motors 607 Marc S. Robinson, Lisa M. Smith, and Brian D. Thelen
35 ERM at Malaysia’s Media Company Astro: Quickly Implementing ERM and Using It to Assess the Risk-Adjusted Performance of a Portfolio of Acquired Foreign Companies 623 Patrick Adam K. Abdullah and Ghislain Giroux Dufort
About the Editors 649
Enterprise Risk Management is an evolving discipline focused on a com-plex and still imperfectly-understood subject. In such a situation, science isadvanced best by collecting data from multiple, independent sites. A rich set of observations educates the field’s scholars and practitioners and provides the foundation for them to develop descriptive and normative theories as well as cod- ified best practices about the subject.
The authors—Fraser, Simkins, and Narvaez—have done an invaluable service to advance the science of enterprise risk management by collecting an extensive number of wonderful case studies that describe innovative risk management prac- tices in a diverse set of companies around the world. This book should be an extremely valuable source of knowledge for anyone interested in the emerging and evolving field of risk management. We should be grateful to the editors and to each chapter author for expanding the body of knowledge for risk management professionals and academics.
Robert S. Kaplan Senior Fellow, Marvin Bower Professor of Leadership Development, Emeritus
Enterprise Risk Management Case Studies An Introduction and Overview
JOHN R.S. FRASER Senior Vice President, Internal Audit, and former Chief Risk Officer, Hydro One Networks Inc.
BETTY J. SIMKINS Williams Companies Chair of Business and Professor of Finance, Oklahoma State University
KRISTINA NARVAEZ President and Owner of ERM Strategies, LLC
Businesses, business schools, regulators, and the public are now scrambling to catch up with the emerging field of enterprise risk management.
—Robert Kaplan (quote from Foreword in Fraser and Simkins, 2010)
Most executives with MBA degrees were not taught ERM. In fact, there are only a few universities that teach ERM. So some business school graduates are strong in finance, marketing, and management theory, but they are limited in terms of critical thinking, business acumen, and risk analysis skills.