An ERM Wake-up Call

The Risk and Insurance Management Society released a white paper this week that examines the role of Enterprise Risk Management in the current financial crisis.  The paper highlights a number of lessons learned that can be applied to companies in all industries, not just financial institutions.   Here is a summary of those lessons learned:

Ultimately, when we look for a cause of the current financial crisis, it is critical to remember that organizations failed to do a number of things:

a) truly adopt an enterprise risk management culture

b) embrace and demonstrate appropriate enterprise risk management behaviors, or attributes

c) develop and reward internal risk management competencies, and

d) use enterprise risk management to inform management decision-making in both taking and avoiding risks.

Enterprise risk management, when designed and implemented comprehensively and systemically, can change future outcomes. When it is practiced fully, enterprise risk management does not just help protect businesses from setbacks, it enables better overall business performance. With that in mind, and with so much economic uncertainty on the horizon, now is the perfect opportunity for organizations to use the many strengths of a solid enterprise risk management program to their advantage.

Wheelhouse Advisors is uniquely equipped to help companies implement a solid enterprise risk management program in a cost-effective way.  Visit www.WheelhouseAdvisors.com to learn more.

What a Difference a Financial Crisis Makes

President Obama's nominee to head the U.S. Securities and Exchange Commission ("SEC"), Mary Schapiro, recently responded to inquiries about her view on compliance with Section 404 of the Sarbanes-Oxley Act ("SOX 404").  This section of the Act has been widely criticized as overly burdensome and costly.  However, in light of the escalating number of financial reporting frauds related to the recent financial crisis, this view is changing.  Here are Ms. Schapiro's thoughts on SOX 404.

Regarding, SOX 404, accurate, robust, and easy-to-understand financial reporting -- and the internal controls that guarantee it -- are critically important to investors and to the efficient functioning of our markets. Right now, we have a system where some issuers are complying with 404 and others are still exempt from it. It’s time that we bring uniformity to the system so that investors know what to expect from companies, while being sensitive to the needs of small businesses. I look forward to working with the small business community in making sure they have the tools they need to comply with 404.

This is certainly an 180 degree about-face for the SEC, who under the leadership of Chairman Christopher Cox worked to delay full compliance for many years.  For those companies hoping for another delay, it will not be coming.  If your company needs assistance with SOX 404 compliance, email Wheelhouse Advisors at NavigateSuccessfully@WheelhouseAdvisors.com to learn more about cost-effective compliance solutions.

Rising Tide of Interest in ERM

A recent article in Business Finance Magazine highlights the rising tide of interest in Enterprise Risk Management. More companies are realizing that risk takes many forms and the agility to address risk events effectively is a key source of competitive advantage.  

Given the focus on risk at many firms, it's not surprising that the concept of "enterprise risk management" is capturing greater interest. In the past, most financial executives could zero-in on their companies' exposure to financial risks and not be as concerned with operational risk, says Carol A. Fox, chair of the ERM Development Committee at the Risk and Insurance Management Society (RIMS). Now, they have to be aware of potential surprises on the operational side, as well. "Risk management can't be siloed and be effective," she says.

Visit www.WheelhouseAdvisors.com to learn more about how we can help your company implement and streamline an Enterprise Risk Management program.

The Winds of Regulatory Change are Blowing

The Government Accountability Office recently released its proposed framework for modernizing the U.S. financial regulatory system.  The report provides a great overview of the evolution of our current, byzantine regulatory agency structure and offers some broad objectives for establishing a new structure.  Here is a summary of their proposed objectives.

1. Clearly defined regulatory goals - Goals should be clearly articulated and relevant, so that regulators can effectively carry out their missions and be held accountable. Key issues include considering the benefits of re-examining the goals of financial regulation to gain needed consensus and making explicit a set of updated comprehensive and cohesive goals that reflect today’s environment.

2. Appropriately comprehensive - Financial regulations should cover all activities that pose risks or are otherwise important to meeting regulatory goals and should ensure that appropriate determinations are made about how extensive such regulations should be, considering that some activities may require less regulation than others. Key issues include identifying risk-based criteria, such as a product’s or institution’s potential to create systemic problems, for determining the appropriate level of oversight for financial activities and institutions, including closing gaps that contributed to the current crisis.

3. Systemwide focus - Mechanisms should be included for identifying, monitoring, and managing risks to the financial system regardless of the source of the risk. Given that no regulator is currently tasked with this, key issues include determining how to effectively monitor market developments to identify potential risks; the degree, if any, to which regulatory intervention might be required; and who should hold such responsibilities.

4. Flexible and adaptable - A regulatory system that is flexible and forward looking allows regulators to readily adapt to market innovations and changes. Key issues include identifying and acting on emerging risks in a timely way without hindering innovation.

5. Efficient and effective - Effective and efficient oversight should be developed, including eliminating overlapping federal regulatory missions where appropriate, and minimizing regulatory burden without sacrificing effective oversight. Any changes to the system should be continually focused on improving the effectiveness of the financial regulatory system. Key issues include determining opportunities for consolidation given the large number of overlapping participants now, identifying the appropriate role of states and self-regulation, and ensuring a smooth transition to any new system.

6. Consistent consumer and investor protection - Consumer and investor protection should be included as part of the regulatory mission to ensure that market participants receive consistent, useful information, as well as legal protections for similar financial products and services, including disclosures, sales practice standards, and suitability requirements. Key issues include determining what amount, if any, of consolidation of responsibility may be necessary to streamline consumer protection activities across the financial services industry.

7. Regulators provided with independence, prominence, authority, and accountability -Regulators should have independence from inappropriate influence, as well as prominence and authority to carry out and enforce statutory missions, and be clearly accountable for meeting regulatory goals. With regulators with varying levels of prominence and funding schemes now, key issues include how to appropriately structure and fund agencies to ensure that each one’s structure sufficiently achieves these characteristics.

8. Consistent financial oversight - Similar institutions, products, risks, and services should be subject to consistent regulation, oversight, and transparency, which should help minimize negative competitive outcomes while harmonizing oversight, both within the United States and internationally. Key issues include identifying activities that pose similar risks, and streamlining regulatory activities to achieve consistency.

9. Minimal taxpayer exposure - A regulatory system should foster financial markets that are resilient enough to absorb failures and thereby limit the need for federal intervention and limit taxpayers’ exposure to financial risk. Key issues include identifying safeguards to prevent systemic crises and minimizing moral hazard.

These objectives were based on the GAO's analysis (see below) of the developments leading to the current financial crisis and regulatory shortcomings.  



As the report shows, it has taken more than a century to create the current regulatory structure.  The change required to achieve the GAO's objectives is massive and will require strong leadership and determination to succeed.

Where Did the Money Go?

The current Special Inspector General of the Troubled Asset Relief Program ("SIGTARP") is working to begin a formal audit of the TARP as a result of the lack of transparency into how the initial funds have been utilized by financial institutions.  The head of SIGTARP, Neil Barofsky, detailed his concerns last Thursday in a letter to Charles Grassley, the ranking member of the U.S. Senate Finance Committee.  Here is an excerpt from that letter.

"the current lack of transparency with respect to what recipients are doing with the money could hamper the ability of SIGTARP - as well as the other oversight bodies and of Congress -  to assess the effectiveness of various TARP initiatives over time.  In the context of a program this large and this important to the Nation's economic recovery, addressing the basic question, "Where did the money go?" is critical to credible and effective oversight of TARP."

Here is Senator Grassley's response to Mr. Barofsky's letter.

"The mindset expressed by the Special Inspector General in this letter gives me hope that greater transparency can be achieved for the taxpayers with the massive effort to rescue America's financial system. Lack of transparency, lack of accountability, and taking advantage of others were major factors in creating the financial crisis. The rescue effort won't succeed if it's got those same problems. I encourage the Special Inspector General to be as aggressive as possible in achieving full disclosure of how TARP dollars have been spent and will be spent so that program assessments can be made and future actions are as effective as possible."

Let's hope the SIGTARP finds an answer to their basic question quickly so that future funds are utilized in an efficient and effective way.

A Recipe for Failure

The lack of transparency into the TARP program is well known and a primary source of criticism.  The Wall Street Journal has presented new information into the side deals by our elected officials that are plaguing the rescue effort. In an article yesterday, they noted the following:

The goal of aiding only banks healthy enough to lend -- laid out by the Treasury when the program began -- clearly seems to have shifted, but in a way that's hard to pin down and that the Treasury has declined to explain. Part of the problem is that some powerful politicians have used their leverage to try to direct federal millions toward banks in their home states.

One of those politicians is none other than Barney Frank, chairman of the U.S. House Financial Services Committee. According to the Wall Street Journal, Rep. Frank directed the issuance of $12 million in TARP funding to OneUnited, a small bank in Rep. Frank's home state of Massachusetts.  Just prior to issuing this money, OneUnited had been given a "cease and desist" order by the FDIC due to poor lending practices and executive compensation abuses.  In addition, the bank was ordered to dispose of a 2008 Porsche sports-car that had been reserved for executive use.  Given the depreciation of high-end sports-cars, the Porsche must have qualifed as a "troubled asset".  

Back door dealings and excessive pay practices led us into this current financial crisis.  Continuing these practices under the guise of a rescue effort will certainly doom it to failure.  Here is Rep. Frank discussing his planned bill to place restrictions on use of TARP funds.  Let's hope he includes a Porsche restriction provision in the bill.

We Need to Make It Work

President Obama's nominee for Secretary of Treasury, Timothy Geithner, finally testified at his Senate confirmation hearing yesterday after a week delay caused by the disclosure of his failure to pay income taxes several years ago. Evidently, this issue was discovered in early December and disclosed to the Senate panel responsible for examining Mr. Geithner's nomination.  However, it was not disclosed to the public until last week.  Only then did the Senate Finance Committee decide to delay his confirmation hearing to investigate further.  

Whether or not paying his taxes was just an honest mistake on Mr. Geithner's part is not the larger issue here. The larger issue is the lack of disclosure and transparency into the nomination process.  Mr. Geithner's comments to the committee were ironic given the situation.  Here is an excerpt from his prepared testimony about the much maligned TARP program.

I know there are serious concerns about transparency and accountability, confusion about the goals of the program, and deep skepticism about whether we are using the taxpayers’ money wisely.  Many people believe the program has allowed too much upside for financial institutions, while doing too little for small business owners, families who are struggling to keep their jobs and make ends meet, and innocent homeowners.  

We have to fundamentally reform this program to ensure that there is enough credit available to support recovery.  We will do this with tough conditions to protect the taxpayer and the necessary transparency to allow the American people to see how and where their money is being spent and the results those investments are delivering.  And we are going to do that.  This is an important program and we need to make it work.

Mr. Geithner is right in his comments.  We need to make the TARP program work and the only way to do that is to provide full disclosure and transparency.  Without it, investor confidence will not return to our financial markets anytime soon.

The Sooner, The Better

Last week, a document was released by the Group of Thirty that provides some interesting ideas and insight into the future of our financial regulatory system.  For those unfamiliar with the Group of Thirty, it is a private, nonprofit, international body composed of very senior representatives of the private and public sectors and academia that aims to deepen understanding of international economic and financial issues, to explore the international repercussions of decisions taken in the public and private sectors, and to examine the choices available to market practitioners and policymakers.  Notable members of the Group of Thirty include Paul Volcker, Tim Geithner, and Lawrence Summers - all future members of the Obama Administration.  

The document is entitled "Financial Reform: A Framework for Financial Stability" and provides recommendations for improving our financial system once we have moved beyond the immediate financial crisis we are in today.  Of particular interest to readers of this blog are the following set of recommendations focused on governance and risk management. 

Regulatory standards for governance and risk management should be raised, with particular emphasis on:

a. Strengthening boards of directors with greater engagement of independent members having financial industry and risk management expertise;

b. Coordinating board oversight of compensation and risk management policies, with the aim of balancing risk taking with prudence and the long-run interests of and returns to shareholders;

c. Ensuring systematic board-level reviews and exercises aimed at establishing the most important parameters for setting the firm’s risk tolerance and evaluating its risk profile relative to those parameters;

d. Ensuring the risk management and auditing functions are fully independent and adequately resourced areas of the firm. The risk management function should report directly to the chief executive officer rather than through the head of another functional area;

e. Conducting periodic reviews of a firm’s potential vulnerability to risk arising from credit concentrations, excessive maturity mismatches, excessive leverage, or undue reliance on asset market liquidity;

f. Ensuring that all large firms have the capacity to continuously monitor, within a matter of hours, their largest counterparty credit exposures on an enterprisewide basis and to make that information available, as appropriate, to its senior management, its board, and its prudential regulator and central bank;

g. Ensuring industrywide acceptance of and action on the many specific risk management practice improvements contained in the reports of the Counterparty Risk Management Policy Group (CRMPG) and the Institute of International Finance.

These are great recommendations that will certainly strengthen the governance and risk management of our financial institutions.   However, implementation of these recommendations will take a great deal of effort and time.  The sooner we can begin to address these recommendations, the better.

Reducing Expenses May Not Reduce Risk

More and more companies are looking for ways to reduce expenses and a popular method recently has been outsourcing.  While many benefits come with an outsourced relationship, so does increased risk.  Proper due diligence and carefully crafted service level agreements are essential.  However, with the recent fraud at Satyam in India, those activities may not be enough.  A recent article in CFO magazine highlights the problem. Here is a excerpt from that article.

The enormously inflated cash balances at Satyam have popped a hole in the reputation of the outsourcing market, which has grown from business offering solely tech business, to back-office work such as finance and accounting. "This has really shaken up the outsourcing industry," says Peter Allen, a partner and managing director for outsourcing advisory firm TPI. "The industry is built on relationships that imply some level of trust and confidence and integrity."

How comfortable are you with your outsourcing partner?  Have you assessed the risks with the relationship lately?  If not, Wheelhouse Advisors can help.  Visit www. WheelhouseAdvisors.com to learn more.

Managing Risk is Job #1 for Boards

Corporate boards of directors have their plates very full these days with mounting financial pressures and, as a result, it is becoming painfully obvious that having a solid understanding of risk management is critical.  A recent article in Corporate Board Member magazine highlights the role of the board as it relates to effective risk management.

In the view of most directors, risk is the responsibility of the full board and the crux of the job. That’s why it is essential that the board become comfortable with the way management perceives and deals with risk in the company’s operations. Management needs a company-wide process for uncovering risk, usually some kind of enterprise-risk-management system that aggregates all the known risks the company faces—from access to capital to talent retention to viruses in the software—and prioritizes them according to the magnitude of their potential effects on the company and the probability of their occurrence. Then it is the board’s role to define the 10 or 20 most important risks, making them regular agenda items and part of every discussion of strategy.

Wheelhouse Advisors can assist management or boards of directors in developing a cost-effective enterprise risk management framework that will facilitate a better understanding of how risks are being managed throughout the company.  Visit www.WheelhouseAdvisors.com to learn more.

Startling Results

A recent survey of banking executives across the world provides confirmation of the very issues discussed on The ERM Current™ and should be a wake-up call to all corporate boards of directors - financial and non-financial alike.   The survey was conducted by KPMG and here is a sample of the results:

More than three-quarters (76 percent) of the almost 500 global banking executives surveyed report that risk management is still stigmatized as a support function at their bank. Only half (48 percent) said that risk management is understood to be the responsibility of everyone in the organization, and another 45 percent of respondents said their board lacks risk expertise.  When asked to rank the leading contributors to the credit crisis, the banking executives named incentives and remuneration (54 percent), followed closely by lack of risk governance (50 percent) and risk culture (48 percent).

For those who have been following The ERM Current™, these results should come as no surprise.  However, for those new readers, these are startling results indeed.  Much work remains to strengthen risk management practices and to ensure that they remain a vital part of corporate operations.

Are You Prepared to Ride the Wave?

Is your company prepared for the coming wave of regulation?  How flexible and cost-effective is your company's enterprise risk management program?  Answers to these questions may make or break companies as they struggle to emerge from the financial crisis.  A recent article in Treasury & Risk Magazine reinforces the risk management challenge.

With lip service paid to risk management but no real clout singled out as one of the culprits in the financial crisis, many companies in 2009 aim to make risk management a daily function of good governance. And since a new Congress and president both promise increased regulation, companies should expect to deal with risk management on Washington’s terms.  The chief risk officer’s (CRO) job will evolve from what was mainly a focus on regulatory compliance to include across-the-the board oversight of everything from Sarbanes-Oxley to credit risk to business continuity.

Wheelhouse Advisors is uniquely equipped to help companies build flexible, cost-effective and sustainable enterprise risk management programs.   Contact us at NavigateSuccessfully@WheelhouseAdvisors.com to learn how we can help you

There's a New Sheriff in Town

Yesterday, in a letter to the U.S. Senate and House Leadership, Lawrence Summers provided a preview of what is to come in the new Obama Administration.  Mr. Summers has been appointed by President-elect Obama as the Director of the National Economic Council.  In the letter, Mr. Summers put forth the request for the release of the additional $350 billion of TARP funds.  More importantly, he presented President-elect Obama's view on the current situation and planned restrictions on financial institutions that are recipients of the TARP funds. Mr. Summers commented on Mr. Obama's views:

He (President-elect Obama) believes that the American people are right to be angry with the way this plan has been implemented.  President-elect Obama believes there has been too little transparency and accountability.

Beginning next week when President-elect Obama is inaugurated, financial institutions will be faced with new challenges and responsibilities to not only their shareholders, but also to the American taxpayers.  As they say in the old Western motion pictures, "There's a new Sheriff in town."  Is your company ready?

New COP on the Beat

Last Friday, the Congressional Oversight Panel ("COP") released its second report on the management of the Troubled Asset Relief Program ("TARP") by the U.S. Treasury.  The COP was recently established by the United States Congress to review the current state of financial markets and the regulatory system.  The COP is empowered to hold hearings, review official data, and write reports on actions taken by the U.S. Treasury and financial institutions and their effect on the economy.

Through regular reports, COP must:

• Oversee Treasury’s actions


• Assess the impact of spending to stabilize the economy


• Evaluate market transparency,


• Ensure effective foreclosure mitigation efforts


• And guarantee that Treasury’s actions are in the best interest of the American people.

The report was scathing and highly critical of both the U.S. Treasury as well as U.S. financial institutions that are benefiting from TARP.  Below are two focus areas of the report and related comments.

Bank Accountability

The Panel still does not know what the banks are doing with taxpayer money. Treasury places substantial emphasis on the importance of restoring confidence in the marketplace. So long as investors and customers are uncertain about how taxpayer funds are being used, they question both the health and the sound management of all financial institutions. The recent refusal of certain private financial institutions to provide any accounting of how they are using taxpayer money undermines public confidence.  

Transparency & Asset Evaluation

The bubble that caused the economic crisis has its foundations in toxic mortgage assets. Until asset valuation is more transparent and until the market is confident that the banks have written down bad loans and accurately priced their assets, efforts to restore stability and confidence in the financial system may fail.

Based on this report, it seems that the two main causes of the financial crisis - lack of accountability and lack of transparency - continue to plague our financial system.  Until these two issues are fully confronted and addressed at all levels, the crisis will continue unabated.   

Corruption Across the Globe

Given the recent high profile cases of fraud and corruption in the United States and India (i.e. Bernard Madoff, Rod Blagojevich and Satyam Computer Services), a 2008 study by Transparency International is particularly enlightening (see illustration below).  In the study, the United States ranked 18th on a list of 180 countries.  Denmark, New Zealand and Sweden top the list as the least corrupt countries, with Somalia, Iraq, Myanmar and Haiti at the bottom of the list.  The authors of the study noted the following:

Whether in high or low-income countries, the challenge of reigning in corruption requires functioning societal and governmental institutions. Poorer countries are often plagued by corrupt judiciaries and ineffective parliamentary oversight. Wealthy countries, on the other hand, show evidence of insufficient regulation of the private sector, in terms of addressing overseas bribery by their countries, and weak oversight of financial institutions and transactions.

It remains to be seen what the 2009 study results will say about the United States and others.  Right now, it looks like a race to the bottom of the list.  Let's hope for improvements in corporate governance, internal controls and risk management in 2009.

Financial Fraud Knows No Boundaries

Corruption and fraud on a massive scale knows no boundaries as we discovered again in the disclosure by global outsourcer, Satyam Computer Services, Ltd.  The company's chairman orchestrated the fraud by falsifying company accounts and inflating revenue and profit figures over several years.  In addition, the cash position of the company was most recently reported at more than $1 billion - an amount that was completely false.  The Wall Street Journal reported the following:

The news prompted concerns about corporate governance and accounting standards across Indian industry, especially since Satyam was audited by PricewaterhouseCoopers and had high-profile independent directors, including a Harvard Business School professor, on its board until recently. PricewaterhouseCoopers said it was examining Mr. Raju's statement and declined to comment further. Immediate comparisons were drawn to the watershed in U.S. corporate accounting and governance standards that stemmed from the Enron crisis.

"Satyam is now India's Enron. The independence of the board was already in question, now the auditors' complicity in what seems to be a multi-year misstatement of financials will also be explored," CLSA said in a note.  The chairman of the Securities and Exchange Board of India said Wednesday the unfolding fraud at Satyam is an event of "horrifying magnitude."

Much must be done to stem the tide of corruption and fraud in the corporate boardrooms and executive suites. Our entire financial system depends on investor confidence that is quickly eroding.  Strong internal control over financial reporting is essential and can be a source of competitive advantage in an environment such as this.  Visit www.WheelhouseAdvisors.com to learn how we can help you.

Refining Risk Management

In the January 2009 issue of CFO magazine, an article examines the risk management challenges faced by many corporations in the wake of the financial crisis.  The article entitled "Rethinking Risk" rightly advises that new approaches are needed to successfully implement effective enterprise risk management programs.  Here is an excerpt from the article.

But some CFOs caution that formal enterprise risk management (ERM) programs won't succeed if they don't mesh well with a company's culture. Impose a new framework from on high and you risk crushing something underneath.  Progress may depend largely on incremental improvements rather than technological leaps or massive consulting engagements. Existing risk-reporting processes must break down silos that impede risk oversight and prevent a broader awareness of risk throughout the organization. 

In most cases, a thoughtful, strategic approach to refining a risk management program is all that is needed. Wheelhouse Advisors provides cost-effective solutions to help corporations refine and streamline their risk management practices.  Visit www.WheelhouseAdvisors.com to learn more.

The Great Unspoken Danger

Yesterday, the U.S. House Committee on Financial Services conducted a preliminary hearing into the investigation of regulatory failure associated with the $50 billion Madoff Hedge Fund fraud.  Among those testifying was Leon M. Metzger, a Yale University professor and expert on hedge fund management.  His commentary included the following:

I wish to stress two things: first, the need for top-notch internal controls and second, that operational risk is the great unspoken danger.   A 2003 study of 100 hedge fund failures over a 20 year period concluded that 50 percent of hedge funds had failed due to operational risk...  When I was interviewed in August 2004 about teaching a hedge funds course at the Yale School of Management, I said that I wanted to emphasize good operational controls, which investors tend to overlook, and are essential to the success of an investment.  I was offered the job, and the importance of those controls is what I stress whenever and wherever I teach.  

Many risk experts fail to recognize the importance of strong internal controls, but they are (to use a football analogy) the "blocking and tackling" of risk management.  Without a solid internal control framework, any hedge fund, financial institution or corporation is likely to suffer a similar demise.  Wheelhouse Advisors can provide a no-cost diagnostic review of your internal control structure.  Visit www.WheelhouseAdvisors.com to learn more.

Ignoring the Black Swan

An article in this week's edition of The New York Times Magazine entitled "Risk Mismanagement" provided a view into the use of statistical models in the world's largest financial institutions to understand risk.  Value at Risk ("VaR") models are the focus of the article and are criticized for not predicting rare, catastrophic events (known as Black Swans) such as the financial crisis that we have experienced.  

At the height of the bubble, there was so much money to be made that any firm that pulled back because it was nervous about risk would forsake huge short-term gains and lose out to less cautious rivals. The fact that VaR didn’t measure the possibility of an extreme event was a blessing to the executives.  It made black swans all the easier to ignore.  All the incentives — profits, compensation, glory, even job security — went in the direction of taking on more and more risk, even if you half suspected it would end badly. 

While the VaR models are not perfect, they should not shoulder the blame for the mismanagement of risk.  The mismangement of risk was driven by short-term decision making and pure greed.