RIMS Membership Has a Say in COSO’s New ERM Framework

When Risk & Insurance Management Society (RIMS) members use the new ERM framework published Sept. 6 by the Committee of Sponsoring Organizations of theTreadway Commission (COSO), they may recognize their own ideas prominently displayed. Carol Fox, RIMS vice president of strategic initiatives announced the call for public comment on Risk Management Monitor in June 2016. She said feedback from the industry, and particularly RIMS members, is reflected in COSO’s ERM Framework: Integrating with Strategy and Performance.

“RIMS members took advantage of the unique opportunity to influence one of the industry’s major guidance documents. For several weeks, members collaborated and drafted a response, which was publicly available through the end of last year,” said Fox, who participated on the project’s advisory council. “We were very appreciative that COSO reached out to RIMS and other professional associations, whose input strengthened the content, ideas and approaches featured in Integrating with Strategy and Performance.

A summary of the public comment feedback includes:

  • More than 200 responses–double that of the internal control update
  • Over 70% of responses from individuals
  • Over 50% of participation outside of North America
  • Almost 50% had affiliations beyond COSO memberships
  • Almost 50% of respondents had 10 or more years of risk management experience
  • Positive ratings outnumbered negative ratings by 4.5 to 1

The new publication serves as an update to 2004’s Enterprise Risk Management – Integrated Framework, which is internationally regarded as the standard for applied risk management frameworks. Developed by PwC under the direction of the COSO Board, its simple, five-component structure considers various viewpoints and operating structures while highlighting the importance of enterprise risk management in strategic planning. It also emphasizes embedding ERM throughout an organization, as risk influences strategy and performance throughout the organization.

“The complexity of risk has changed, new risks have emerged, and both boards and executives have enhanced their awareness and oversight of enterprise risk management while asking for improved risk reporting,” said COSO Chair Robert B. Hirth Jr. “Our overall goal is to continue to encourage a risk-conscious culture.”

Enterprise Risk Management: Integrating with Strategy and Performance is available in printed form, e-book, on-line subscription and pdf licensing for large organizations, accounting and consulting firms. Additionally, COSO is planning for the framework to be translated into several languages, including Chinese, Japanese, Spanish and French.

Visit www.coso.org for purchase information and for a link to the framework’s executive summary.

The ERM Value Connection

Research has shown that enterprise risk management (ERM) adds value. One research paper showed that ERM adds to the value metric called Tobin’s Q. Other award-winning research has shown that ERM enables better decision making. The authors of that research state:

“Specifically, as companies implement an ERM process, the new knowledge it provides them about objectives, risks, oversight, information and communication, and the internal environment leads to enhanced management, as evidenced by increased management consensus, better-informed decisions, better communication with management regarding risk taking, and increased management accountability. This enhanced management, in turn, leads to improved performance.”

ERM and Reputation
As an extension, it would make sense that there would be some impact on reputation risk if a company does ERM well, is sophisticated at ERM, and has developed a mature process. While this common sense may prevail, empirical data and testing is lacking. This is primarily because measuring both ERM and reputation risk is not so easy. But the questions remain:

  • Is there a relationship between ERM effectiveness and reputation?
  • Furthermore, does this relationship show up in performance metrics?

While we cannot answer these questions here, we can explore some simple relationships and at least gain a few insights. Admittedly, reputation risk and ERM are still young disciplines and more data is needed to explore these and other questions. Any attempt to answer these questions with current data carries some caveats. First, this is complicated data from nonfinancial firms and all data was before the year 2014. Second, these are simplistic looks at the data as split into the upper and lower percentiles (split at 50%). Third, the information discussed below reveals levels that have not been tested for statistical significance. In spite of these, let’s examine what may be obvious to some business risk experts.

What data reveals about ERM and Reputation Level
The big question might be, “Do we see higher reputation levels associated with better ERM?” The answer is not yet (at least in this data at this point in time). Companies in the sample with lower reputation scores have higher ERM effectiveness scores than companies with higher reputation scores.

Other Explanations
A good researcher knows to develop the theory first and also to consider alternative explanations. It is wise to follow that process. For example, in this sample companies with greater reputation are bigger than the lower tier reputation companies. It might be true that larger companies have more difficulty building a more mature ERM capable company because they are so large and spread around the globe. It could also be true that smaller companies are over confident in the ERM processes. Either theory (and others) could explain why the high ERM and high reputation levels do not match up. This testing is left for future research.

The Volatility Theory
An alternative theory (what academics explore and test) is that the level of reputation is not what’s important because the company already had their long-standing (developed over many years) reputation when they established ERM. Instead, it might be true today that the real reputation value of ERM is that it helps manage the volatility around reputation because the company is better prepared, sees the reputation risk, correlated risks, helps get the companies ahead of the risk events, and helps them understand how these events might play out and impact the organization’s reputation.

Examining the data shows that the answer on volatility is that this could be true. The data show that at set reputation levels (meaning when the data is split on high and low reputation volatility levels), better ERM leads to lower volatility in reputation at both levels and that is probably a very good thing for most organizations. It appears that ERM does have an impact on reputation but the impact is likely on reputation volatility.

Prior research shows ERM adds value and helps improve decision making. With further testing, future research may be able to confirm another obvious truth, that better ERM improves reputation. But it may be doing so in a surprising way via reduced volatility of reputation.

Combating Risks to the Electric Grid

Electricity is the foundation of society, making the electric grid one of our most critical infrastructures. It is also one of the most vulnerable, and is subject to a number of variables, according to, Lights Out: The risks of climate and natural disaster-related disruption to the electric grid, a study by students of Johns Hopkins University’s School of Advanced International Studies, funded by Swiss Re.

According to the report, in recent years there has been a trend of more natural disasters globally, with 191 natural catastrophes in 2016 and a 24% increase from the level in 2007. In the United States, 43 natural catastrophes caused huge property losses in 2016, almost double those of 2007.

Lights Out focuses on the Pacific Northwest, which is an “illustrative case study in climate and natural disaster related electric grid disruption. The region is prone not only to high-frequency, low-intensity natural disasters such as droughts and flooding, but also at risk of catastrophes like the Cascadian Subduction Zone (CSZ) event, an earthquake-tsunami combination that is expected to devastate the coastline from northern California to southern British Columbia,” according to the report.

As climate change alters the seasonality of water runoffs in the Pacific Northwest, the study found that electricity generation and the operation and maintenance of hydroelectric dams face greater challenges. What’s more, different parts of the grid are vulnerable to different perils. For example, above-ground lines are vulnerable to weather events, while underground lines are susceptible to earthquakes. In Oregon, for example:

More than 50% of substations would be damaged beyond repair in the event of a magnitude 9.0 earthquake. In addition, the vulnerability of the electric grid is highly interdependent with other critical infrastructure systems, including roads, water and sewage treatment, and natural gas pipelines. In the event of a major earthquake, damage to road networks can make it impossible to repair transmission and distribution lines, thereby preventing the restoration of all other electricity-dependent lifeline services (water, sewage, telecommunications).

The costs of outages for construction and restoration of the grid are estimated to be 1.59 times higher in highly populated locations versus flat land areas with fewer inhabitants. Costs are also higher when infrastructures such as emergency roads are destroyed, which would slow down repairs to roads, in turn delaying restoration of electric power and impacting telecommunications, water and sewage services.

There may be long-term financial implications as well, as entire communities would be impacted, leading to a possible migration of residents to areas not effected by the disaster. Following Hurricane Katrina in 2005, for example, the population of New Orleans dropped dramatically, and 10 years later, had only returned to 90% of its pre- 2005 levels.

Total population of New Orleans 2000-2015; Hurricane Katrina hit New Orleans in 2005:

With the increase in natural disasters, the recent destruction caused by Hurricane Katrina and Superstorm Sandy as well as the prospect of a magnitude 9.0 Cascadia earthquake, “It is imperative that public and private sector entities explore potential solutions for combating and mitigating damage to the electrical grid and disruption from power outages.” The report urged utilities to increase the resilience of their systems in a number of ways, beginning with conducting utility vulnerability assessments to identify vulnerable infrastructure and develop resilience plans. While many utilities have taken the initial step of identifying the resilience and mitigation strategies that they intend to implement, their implementations after these assessments vary widely by utility.

Utilities have several options for hardening the resilience of their systems, depending on the specific types of natural hazards they face. For example, checking poles for rot and moving infrastructure out of flood zones and landslide-prone areas helps to maintain distribution and transmission infrastructures, keeping them from going down in regions with heavy rainfall and flood risk. Pruning trees to protect wires from falling branches is also important in regions experiencing higher intensity storms, according to the report.

Highlighted trends:

  • Climate change is causing more severe and frequent natural disasters, meaning power systems face increased strain from catastrophes.
  • The interdependence of systems creates further complications: if the electric grid is down for an extended period, collateral effects can lead to disruptions in other services such as water, sewage and telecommunications.
  • The economic implications are challenging governments and energy providers. Not only do they require pre-disaster financing provided by insurance, they must address how to make their systems more resilient to future flooding, droughts and earthquakes.

GM Halts Venezuela Operations Following Plant Seizure

General Motors has ended its operations in Venezuela after authorities in the strife-torn country seized the company’s plant there on Wednesday.

In a statement Thursday, General Motors said that assets, including vehicles, were also seized from the plant as it was taken over by Venezuelan officials while demonstrations surged throughout the country. The company said in a statement that the facility was taken without due process and that it intends to defend its interests.

General Motors has about 2,700 workers and 79 dealers employ 3,900 in Venezuela, according to the Detroit News, which added that “GM’s Venezuelan operations have been a drag on earnings for several years.” Last year the company lost $400 million before taxes in South America, which accounted for roughly 6% of global sales at 583,000 vehicles. GM also took a $720 million charge in the second quarter of 2015 for currency devaluation and asset valuation write-downs as Venezuela’s economy crumbled.

Losses such as the plant and possibly even including the currency hits may or may not be covered by political risk insurance. The challenge in securing such coverage is in accurately predicting when and where it might be needed—companies cannot wait until a threat emerges before securing cover, which is likened to attempting to buy home insurance after your house has caught fire. GM did not immediately respond to an inquiry asking whether the plant was insured for misappropriation.

In its statement, GM said workers at the seized plant would get separation benefits if the government allows such. The statement added that dealers in Venezuela will continue to service vehicles and provide parts.

In its “Credit and Political Risk Insurance Report & Market Update, January 2017,” insurance broker Arthur J. Gallagher ranked Venezuela as one of the world’s riskiest nations, describing the county’s risk potential as “very high,” ranking it just above Libya.

Indeed, this is not the first instance of Venezuela’s government appropriating private assets amid rising nationalist sentiments and domestic unrest. “It fits a broader pattern, in the sense that the government’s response to surges in opposition activity tends to be the deepening of the revolution,” Phil Gunson, a Venezuela-based analyst for the International Crisis Group, told The Washington Post.

Opposition forces on Thursday called for further mass protests against the government. Venezuela has been in crises as forces opposing the government of President Nicolas Maduro accuse the hand-picked successor of populist leader Hugo Chavez of running a dictatorship. Runaway inflation and shortages of food, fuel and goods have stoked nationwide protests that killed three on Wednesday, including a 17-year-old male and a National Guard sergeant.

The fuel shortages are especially ironic given that Venezuela holds the world’s largest proven oil reserves with 298.4 billion barrels, topping Saudi Arabia’s 268.3 billion barrels of reserves, according to 2015 figures from the U.S. Energy Information Agency.