Enterprise Risk Management (ERM)
Everyone in an organization has some responsibility in managing risk across the organization, not just the chief risk officer. Shareholders, rating agencies, and regulators and policy makers request that companies involve their top management and even their boards. However, the right structural and organizational choices, the description of roles and responsibilities, as well as the appropriate definitions of organizational units and reporting lines, are critical to ensuring robust and effective enterprise-risk management. We help clients define overall governance as well as the organization of the relevant risk, finance, and other control functions, and determine how they should interact with one another and other parts of the organization.
Risk Transparency and Culture
Many risk-management activities at the enterprise level are influenced by various types of pressure. Some are external, such as compliance or regulatory changes, for example. Sometimes, unfortunate events in one’s own company or in the industry prompt internal soul searching regarding whether existing risk-management approaches are adequate. In more and more cases, however, CEOs and business leaders take a more proactive stance, as their goal is to further develop risk-management capabilities (proactively based on their economic priorities and growing aspiration levels) into a true competitive advantage—ultimately improving business decisions and increasing the value of the company in a risk-conscious way.
We have worked with clients in many different industries, including finance, energy and basic materials, automotive, pharmaceuticals, infrastructure, logistics, and travel. We have also assisted public entities, as many of them are increasingly aiming to improve their enterprise-risk-management (ERM) capabilities. Our recent work includes supporting clients in targeted initiatives for upgrading ERM capabilities. Economic crises motivated our clients to work on stress testing and rapid-recovery programs. Natural or operational disasters resulted in the creation of effective crisis-response projects. Far-reaching regulatory and supervisory actions triggered work to articulate strategic risk appetite and strengthen internal-control frameworks.
Risk Ownership and Strategy
Companies should choose consciously what types and levels of risk to take and what to avoid and mitigate (“risk ownership”). We help clients gauge their unique strategic, financial, and operational circumstances in order to ensure that their risk choices are aligned with their strategy and with their financial and operational risk-taking capabilities (“risk strategy and risk appetite”), so that they can optimize the risk-return trade-off.
We support owners planning mega projects by developing business cases aligned with their long-term strategic objectives, by ensuring rapid and effective decision making through our proprietary tools, and by performing key analyses to monitor the progress, economics, and risk associated with projects.