Enterprise Risk Management Example in Banking Toronto-headquartered TD Bank organizes its risk management around two pillars: a risk management framework and risk appetite statement. The enterprise risk framework defines the risks the bank faces and lays out risk management practices to identify, assess, and control risk. The risk appetite statement outlines the bank's willingness to take on risk to achieve its growth objectives. Both pillars are overseen by the risk committee of the company's board of directors. Risk management frameworks were an important part of the International Organization for Standardization's 31000 standard when it was first written in 2009 and have been updated since then. The standards provide universal guidelines for risk management programs. Risk management frameworks also resulted from the efforts of the Committee of Sponsoring Organizations of the Treadway Commission (COSO). The group was formed to fight corporate fraud and included risk management as a dimension. Once TD completes the ERM framework, the bank moves onto the risk appetite statement. The bank, which built a large U.S. presence through major acquisitions, determined that it will only take on risks that meet the following three criteria: The risk fits the company's strategy, and TD can understand and manage those risks. The risk does not render the bank vulnerable to significant loss from a single risk. The risk does not expose the company to potential harm to its brand and reputation. Some of the major risks the bank faces include strategic risk, credit risk, market risk, liquidity risk, operational risk, insurance risk, capital adequacy risk, regulator risk, and reputation risk. Managers detail these categories in a risk inventory. The risk framework and appetite statement, which are tracked on a dashboard against metrics such as capital adequacy and credit risk, are reviewed annually. TD uses a three lines of defense (3LOD) strategy, an approach widely favored by ERM experts, to guard against risk. The three lines are as follows: A business unit and corporate policies that create controls, as well as manage and monitor risk Standards and governance that provide oversight and review of risks and compliance with the risk appetite and framework Internal audits that provide independent checks and verification that risk-management procedures are effective Source : https://www.smartsheet.com/content/enterprise-risk-management-examples

Question 1  

All organizations need to implement the best possible framework for optimizing strategy and performance. With this in mind, discuss the benefits of Enterprise Risk Management (ERM).

Question 2  

Discuss how an audit committee would have to test the effectiveness of the risk management arrangements in place.        

Question 3 

Process risk relates to the objectives of a business that are not met due to the process designed by the business failing to support the business model. Discuss the characteristics or variables which contribute to the failure of a business designed process (process risk) 

Question 4 

Provide six (6) examples of process risk and explain how they affect business operations. 

Question 5

Discuss the five (5) biases which people have when investing. Outline how these biases impact investment decision-making and portfolio management.