5 benefits of an integrated risk management program

By Neil Amato

Risks facing companies can come from anywhere—currency-fluctuation risk related to the U.K.’s decision to leave the European Union is a recent example—which is why enhancing enterprise risk management (ERM) efforts is a popular topic among boards and the C-suite.

Here are five benefits of an integrated ERM program from the proposed framework released by the Committee of Sponsoring Organizations of the Treadway Commission (COSO):

Increase the range of opportunities. By considering all possibilities—both positive and negative aspects of risk—management can identify new opportunities and challenges associated with current opportunities. “Take the extra five minutes as you make a decision,” COSO Chair Bob Hirth said. “Ask, ‘What have we missed here? What have we left out? Is there some unintended consequence?’ As you have that discussion, you end up confirming your decision, or you say, ‘Wow, I didn’t realize we could look at it that way.’ This richer discussion gets you more possible opportunities.”

Identify and manage risk entitywide. Risks can affect many parts of an organization. Sometimes, a risk can emanate from one part of the business but have an effect on another part. As a result, management identifies and manages these entitywide risks to sustain and improve performance. The framework document cites the example of a bank that developed a system in response to trading risks it faced. The system combined internal transaction and market information with external information to provide an aggregate view of risks and allow the bank to quantify relative risks.

Reduce negative surprises and increase gains. ERM allows organizations to improve their ability to identify risks and establish appropriate responses, reducing surprises and related financial loss, and allowing them to profit from advantageous developments. “If you have richer discussions about alternatives and unintended consequences, bad things aren’t just going to stop, but over time, you will be less surprised,” Hirth said. For example, a manufacturing company setting delivery schedules realized that not all delays in highway traffic can be avoided, but it developed alternate routes and protocols to alert clients about potential delays.

Reduce performance variability. The challenge for some entities has less to do with surprises and more to do with variability in performance. For example, a public transportation system can aim for better on-time performance, but having buses and trains go from running 10 minutes late to 10 minutes early is too wide a swing in performance. Hirth said that having an integrated ERM program means doing a better job of judging performance on more than one target.

Improve resource deployment. Having a wealth of information on risk allows businesses to assess overall resource needs and enhance resource allocation. For example, a thorough risk assessment of a gas distribution company’s infrastructure enabled the organization to decide what parts were so old that they needed replacing and what parts could function a few more years with repairs. Having a greater focus on resources makes those resources—time, money, and people—more efficient, Hirth said.

COSO released its proposed framework on enterprise risk management in mid-June, and public comment is open until Sept. 30. Specifics of the framework update, Enterprise Risk Management: Aligning Risk With Strategy and Performance, could change as a result of feedback from stakeholders. COSO is a committee of five sponsoring organizations, including the AICPA. Comments on the exposure draft can be made by visiting coso.org.

Neil Amato (namato@aicpa.org) is a JofA senior editor.


Year-end tax planning and what’s new for 2016

Practitioners need to consider several tax planning opportunities to review with their clients before the end of the year. This report offers strategies for individuals and businesses, as well as recent federal tax law changes affecting this year’s tax returns.


News quiz: Retirement planning, tax practice, and fraud risk

Recent reports focused on a survey that gauges the worries about retirement among CPA financial planners’ clients, a suit that affects tax practitioners, and a guide that offers advice on fraud risk. See how much you know with this short quiz.


Bolster your data defenses

As you weather the dog days of summer, it’s a good time to make sure your cybersecurity structure can stand up to the heat of external and internal threats. Here are six steps to help shore up your systems.