VideoAs CFO of RWE npower, Volker Beckers is used to discussing risks at the UK energy company during presentations with analysts and investors. After all, in a sector being shaken up by major regulatory upheavals, price volatility and a host of other uncertainties, the company, which is part of Germany's RWE, faces plenty of risks. Fortunately for Beckers, RWEn has a group-wide risk management system that would turn other CFOs green with envy. Along with risk committees run at the group, divisional and business unit levels by finance executives like Beckers, the company's enterprise risk management (ERM) framework calls for thorough risk reporting and action schemes at its retail and other businesses, covering strategy, day-to-day operations and even gritty processes such as budgeting and planning.
But the best thing about the ERM system is that it also delivers tangible, bottom-line value to the company. At a road show in October, Beckers cited risk management — spanning technical areas such as integrated hedging through to credit-risk management — as one the "strong financial drivers" that underpinned 2006's double-digit growth revenue and operating results, and helped RWEn reach its target of 10% return on capital employed.
If more ERM programmes were like RWEn's, they wouldn't get such a bad rap. Despite several years of toiling over ERM projects — all aiming for the day-to-day, systematic identification, integration, and mitigation of strategic, financial and operational risks — many risk managers report that they're nowhere near where they want to be. Some programmes are still on the drawing board, while others are languishing half-complete or are working in only isolated parts of an organisation, defeating the all-encompassing aim of ERM. Even at many companies that believe they have full-blown ERM programmes in place, there's uncertainty about whether they're as good as they could be. Sergio Beretta, a professor of planning and control at Bocconi University in Milan, recalls how when he attended a conference on ERM, "I had the perception that in at least a couple of cases what they were describing was not a system that is working but a system they wanted to be working."
According to the preliminary findings of a survey of more than 100 companies in the US and Europe to be published by Deloitte later this year, most respondents — nearly 90% — cited "difficulty measuring and assessing risks" as the biggest challenge of ERM implementation. But two other oft-cited challenges were "insufficient understanding of the benefits" and "difficulty proving the business case," suggesting that CFOs such as RWEn's Beckers are in the minority when it comes to drawing a link between ERM and the bottom line.
How companies find that link — or whether they should even try — will be a matter for further debate as more risk management programmes mature, going beyond the box-ticking required under various European and US corporate governance codes.
New Ammunition
It's not just law makers and regulators who are exerting pressure to bolster ERM efforts. In 2005, Standard & Poor's, a ratings agency, introduced a set of criteria for its analysts to assess ERM at insurers. Last year, the agency made these criteria a standalone category in the ratings process, stating, "We expect ERM to be a competitive advantage for these insurers over time."
AM Best, another ratings agency, also has ERM on its radar, but its approach differs from S&P, says Edward Easop, vice president of rating criteria and rating relations. "They have a separate analytical team that meets with companies and assesses their risk management practices separately from assigning a rating on the company. We thought we really couldn't separate the two because how well a company does at risk management is going to be evident in how strong its balance sheet is, etc." But what is AM Best looking for? "We don't believe every company has to have exactly the same process," says Easop. "It will depend on products and scale, the strength of the management team and board, what the risk appetite of the company is, and so on."
Yet even with that increased attention from arbiters of corporate financial health, "there's a credibility issue about what it is that risk management is delivering to the bottom line," asserts Paul Hopkin, technical director of Airmic, the UK professional organisation of risk managers. And he believes CFOs are partly to blame. "In the minds of CFOs, many are thinking, 'Okay, I have to do this risk management,' but for compliance, not for business efficiency, or that ERM is costing them money and adding work."
That's why Airmic — along with Norwegian consultancy Det Norske Veritas — recently began a project to study ERM's influence on the bottom line, the first project of its kind, according to Hopkin. Around 20 companies are included in the project, each with ERM projects at least three years old and having some form of value analysis. The challenge of distilling ERM's value "has been ever present," he concedes, but he hopes the study "will give risk managers some ammunition when they go to their CFOs with ERM projects." Airmic expects to publish its findings early next year.
Reader Comments» Post a comment