Bryan’s Blog: Thoughts on Enterprise Risk Management Conference This Week

Hi Everyone, Attended the Institute of Actuaries of Australia conference on Enterprise Risk Management in Sydney this week. A well run event with some very good speakers.  The first speaker, Craig Dunn, CEO of AMP provided one of the best insights into ERM from a CEO I have had the pleasure to hear.

Some of the key points Craig made included:

  • Recognition that over measurement of risk was as bad as no measurement.
  • Facing up to the fact that some people think of risk as a bad thing. He was determined to turn his staff around on this and set them the challenge of making sound choices around appropriate risk taking.
  • The challenge of defining risk appetite.

This last dot point was most interesting to me given my last newsletter covered my views on the topic. Craig explained how they handled risk appetite at AMP which is to:

  • Describe it simply in terms of the extent the organisation was willing to allow profit to vary for any given period – I believe he was indicating that during times of great economic uncertainty the tolerance would need to be greater as it would be harder to predict, whereas in good times there should be no excuses.
  • Once this was established they then drove the risk appetite down through the organisation by requiring business units to set their risk appetites based on profit.
  • Even more importantly they said to business units that “risk is a scarce resource”.   Hence you may or may not be able to put at risk the amount of profit you are indicating.   We will need to weigh up your request with the other business units.

From my point of view this was an excellent approach and follows my methodologies for risk being measured financially. However, I also include other areas such as reputation. By including reputation you are able to provide another measure that will allow for longer term decision making. With a strict profit model for the annual budget, management can be extremely short sighted and make decisions that ultimately damage reputation and cost in the long run.

Another excellent observation by Craig was his view that the test of a good ERM program was whether or not people were making decisions because of it. I could not agree more. If people are not making risk-based decisions while considering the defined risk appetite, an ERM program is not functioning very well at all.

Net result is I gave Craig and his risk team at AMP an 8 or even 9 out of ten for talking the right talk. Without getting in and hearing the conversations and seeing the reporting in action I can’t be certain how well things are working, however, if I were a betting man I would say that it is working pretty well.