Risk Management Committee
A risk management committee comprises people who are responsible for developing and supervising the risk management programme in an organisation. This committee is mainly responsible for carrying out the following functions:
- Knowing the level of organisation’s exposure to market risks
- Creating the risk control programme
- Developing a strategy for funding risks
Table of Content
Risk management committees are basically useful for non-profit organisations or for those organisations that have limited budget. A non-profit organisation should look for the risk management committees that have people with expertise and in-depth knowledge to deal with risks. Big non-profit organisations take the services of risk managers for activities that include:
- Mitigating the impact of loss
- Reporting claims
- Purchasing group insurance
- Executing safety programmes
Risk management committees prove to be the most cost-effective bodies in supporting the risk management needs of an organisation. Risk management committees can operate as either an organisation’s department or a separate strategic partner of the organisation.
While forming the committee, creative problem-solving technique and unique perspective towards risk should be kept in mind.
The various responsibilities of risk management committees are as follows:
- Reviewing risk management policy, strategy, implementation plan and risk appetite
- In-depth analysis and judgements of potential risks
- Improvising the organisation’s capability to absorb the impact of risks
- Enhancing the ability of the organisation to recover from the financial and operational losses with the help of risk identification and mitigation policies
- Carrying out internal audit for tracking the performance of risk management programme
Audit Committee in Risk Management
An audit committee consists of a specific number of members who assist an organisation’s board of directors in managing risks. Though such auditors are directly related to the organisation, they perform independently of the management.
According to the Audit Committee Charter, the Audit Committee (“Committee”) shall assist the Board of Directors (the “Board”) in the oversight of (1) the integrity of the financial statements of the Company, (2) the effectiveness of the internal control over financial reporting, (3) the independent registered public accounting firm’s qualifications and independence,
(4) the performance of the Company’s internal audit function and independent registered public accounting firms, and (5) the Company’s compliance with legal and regulatory requirements, (6) the effectiveness of the Company’s enterprise risk management program, and (7) the performance of the Company’s compliance function.
Today, ERM has become one of the most important tools of audit committees as it covers all the organisation’s perspectives on risk. It offers numerous benefits by implementing the following steps:
- Improve internal control: For the success of an organisation, internal control plays a key role. It means that if the roles of the employees are properly defined, it helps in increasing the process efficiency and reduces wastage of time, money and effort.
- Improve financial management: One of the key concern areas for audit committee is to improve the financial management and its reporting to the organisation. It helps in knowing the creditworthiness of the competitors as well as the current market position of the organisation.
- Clarify roles of board of directors: Board of directors are considered responsible for carrying out audit work. However, if the duties and responsibilities are not assigned properly, it increases the risk of unsatisfactory and incomplete task. An audit committee helps in explaining the responsibility of each member on the board clearly.
- Understand the value of audit expenses: The process of audit is often considered an expensive and unnecessary activity.
However, when an audit committee actively works with the organisation, it helps in identification of various risks at early stages only. This ultimately helps the organisation in maintaining its profitability in the long run.
Council in Risk Management
According to the mission and purpose of International Risk Governance Council (IRGC), IRGC is an independent non-profit organisation, based at École Polytechnique Fédérale de Lausanne (EPFL) in Lausanne, Switzerland. IRGC works to improve the understanding, management and governance of emerging systemic risks that may have significant adverse consequences on human health, environment, economy and society.
RGC is involved in activities such as risk governing, increasing awareness about key risks and recommending shareholders about risk governance policies.
IRGC is an international independent body that was established after experiencing regulatory and risk management failures in the year 1990. It was established by Swiss Federal Assembly and aimed at bridging the gaps between science, technological upgradation, decision makers and public.
As per IRGC, in June 2012, the IRGC Secretariat moved its offices from Geneva to the École Polytechnique Fédérale de Lausanne (EPFL) in Lausanne, Switzerland. IRGC signed a formal collaboration agreement with EPFL that came into effect on January 1, 2013, according to which EPFL will support IRGC’s mission and activities.
According to IRGC, as a non-profit organisation, IRGC receives funding from both public and private sources.
IRGC’s sponsors and partners include:
- Swiss State Secretariat for Education and Research (Switzerland)
- École Polytechnique Fédérale de Lausanne, Lausanne (Switzerland)
- Swiss Re (Switzerland)
- Oliver Wyman (USA)
- Center for Strategic Futures (Singapore)
- Treasury Board Secretariat (Canada)
An effective risk process depends on team work, open communication, and strong and effective actions and solutions. Risk champions are the ones who possess the qualities of coordinating effectively in a team, communicating effectually and thinking logically.
All these qualities enable them to deal with any risk situation with much ease and effectiveness. It is not necessary for them to be an expert in risk management, but their ability to coordinate with the team and fundamental knowledge about risks makes them champions.
According to National Treasury (Republic of South Africa), a risk champion can be defined as a person who by virtue of his/her expertise or authority champions a particular aspect of the risk management process, but who is not the risk owner.
Risk champions help in assisting the risk management process in various areas of management. However, the main responsibility of a risk champion is to illustrate an organisation about how risk management could help it in achieving its objectives and improving its position in the market by analysing threat from competitors, market risk, etc.
According to National Treasury (Republic of South Africa), a risk champion is a person with the skills, knowledge, leadership qualities and power of office required to champion a particular aspect of risk management.
It is the responsibility of the risk champion to identify the instances where the risk management efforts are being hindered in an organisation. Lack of co-operation by the management and lack of institutional skills and expertise are some reasons that may hinder the possibility of risk identification in an organisation. A risk champion not only identifies these reasons but also tries to lessen the chance for the occurrence of such instances.
Apart from this, a risk champion also provides guidance and support to manage potential risks that require a multiple-participant approach. Therefore, the risk champion also adds value to the risk management process.
Risk champions often act as change agents in a risk management process. However, they are different from risk owners and facilitate resolution of risk-related problems. A risk owner, on the other hand, is any individual who manages, monitors and controls an identified risk. The risk champions only help the risk owners in resolving problems.
In order to be effective, risk champions need to possess the following:
- Thorough knowledge of risk management concepts and processes
- Knowledge of activities that could support in integrated risk management
- Good analytical skills to identify the root cause of the risk problems
- Strong leadership and motivational skills
- Effective communication skills