SEC Proposes New Credit Rating Rules

This week, the U.S. Securities and Exchange Commission (”SEC”) issued proposed rules that will have a great impact on the integrity of credit ratings going forward. The quality of credit ratings were highly suspect in the aftermath of the financial crisis of 2008. Many of the greatest losses incurred by financial institutions, municipalities and pension funds resulted from investments in securities that were touted as “investment grade”. However, as we know now, those investments were anything but. Now, the SEC will require Nationally Recognized Statistical Rating Organizations (”NRSROs”) like Moody’s and Standard & Poors to adhere to stricter controls and disclose more information about how the ratings are derived. The SEC issued the following statement supporting the approval of these new rules.

“In passing the Dodd-Frank Act, Congress noted that credit ratings applied to structured financial products proved inaccurate and contributed significantly to the mismanagement of risks by financial institutions and investors,” said SEC Chairman Mary L. Schapiro. “Our proposed rules are intended to strengthen the integrity and improve the transparency of credit ratings.”

Under the SEC’s proposal, NRSROs would be required to:

1. Report on internal controls.
2. Protect against conflicts of interest.
3. Establish professional standards for credit analysts.
4. Publicly provide – along with the publication of the credit rating – disclosure about the credit rating and the methodology used to determine it.
5. Enhance their public disclosures about the performance of their credit ratings.

Let’s hope these rules help to restore integrity to the marketplace and help investors better understand the risks involved in a given investment.

Waves of Reform Impacting ERM Efforts

As Enterprise Risk Management ("ERM") has evolved as a discipline over the last decade, it has been largely shaped by waves of reform efforts resulting from corporate fraud in the early 2000's to economic catastrophes and widespread corruption in the latter half of the decade. According to a recent article by Mary Driscoll in Business Finance Magazine (a partner publication of The ERM Current), a new wave of ERM change and focus is at hand. Through several sources, Mary offers her view of the most recent wave and the one on the horizon.

The third wave, which is proving just as significant, came in early 2010 in the form of SEC Rule 33-9089, which "mandates disclosure of risk oversight and risk reporting lines, risk assessment by business unit, and assessment of the risk associated with compensation plans," explains Paul Walker, Associate Professor of Commerce at the University of Virginia and a leading academic in the field.

"Furthermore, the recent Dodd-Frank Wall Street Reform and Consumer Protection Act has raised the risk bar by mandating risk committees and risk experts on those committees. Add to this the fiduciary duty pressure on boards and the potential risk-related lawsuits, and you end up with risk getting attention at every level of the organization," adds Walker.

Now consider this twist. According to an article by Deloitte Financial Advisory Services LLP's Toby Bishop, "The Dodd-Frank Act has created a large financial incentive for whistle-blowing in companies across all industries." An area of particular concern relates to violations of the Foreign Corrupt Practices Act, and that could mean higher potential liabilities for companies moving aggressively into emerging markets where local officials expect to trade access for cash.

What has your company done to prepare for the potential impacts of these waves?  If you would like to learn more about practical, cost-effective solutions, let us know by emailing us at NavigateSuccessfully@WheelhouseAdvisors.com.

Wheelhouse Announces New Strategic Alliance

Wheelhouse Advisors and Xactium are pleased to announce their new strategic alliance for the implementation of Xactium's Force.com Governance, Risk and Compliance applications.

Wheelhouse, a professional services firm specializing in Enterprise Risk Management & Control will be Xactium’s first US-based partner, operating in Atlanta, Georgia.

John A Wheeler, founder and Managing Principal of Wheelhouse Advisors brings over twenty years of strategic, operations and risk management professional to the firm. Prior to founding his company, John served as a Senior Vice President within the Corporate Risk Management division at a major U.S financial services company.

Dr. Andy Evans, Managing Director of Xactium, said: “This is a great opportunity for collaboration and signals the widening interest in our Force.com GRC Suite. Working with Wheelhouse will enable us to extend our reach to American markets and reinforce our position as a leading cloud risk solution provider. ”

John added: “We recognise the power of Xactium’s cloud-based solutions to provide clients with a complete, robust solution in a time frame they want. We look forward to extending our level of customer support with our new implementation services.”

The partnership follows a period of growth from Xactium, whose customer numbers have more than doubled in the last year. The potential for a future Xactium North America division will also be considered.

About Xactium: Xactium is a leading cloud-computing software company specialising in Governance, Risk and Compliance (GRC) solutions. Xactium helps customers efficiently and effectively access and manage risk and compliance activities without the need for complex, expensive risk software. Recent significant business wins include insurance brokers Jardine Lloyd Thompson; insurance and reinsurance group, RiverStone Europe; and Scottish water retailer, Business Stream.

About Wheelhouse Advisors: Founded in 2007, Wheelhouse Advisors serves corporate clients across the United States with the implementation and continuous improvement of their Enterprise Risk Management (“ERM”) programs. Their service offerings include: Bespoke Enterprise Risk Assessment, Independent Risk & Control Program Analysis, Financial Process Compliance; and Governance, Risk & Compliance Automation.

The Path to ERM Success

The path to success in implementing an Enterprise Risk Management (”ERM”) program can be found in greater integration and better technology - that’s according to a recent survey presented at the 2011 Risk and Insurance Management Society (”RIMS”) Conference in Vancouver, British Columbia. Entitled “Excellence in Risk Management VIII”, this is an annual independent survey of executives conducted for RIMS by Marsh. The most common focus area noted in the survey is a desire to strengthen enterprise or strategic risk management approaches. While more than half of the survey respondents indicated this desire, a majority saw the primary barrier to achieving this goal was a lack of understanding of the risk landscape across numerous silos of information.

As a result, 55% of the respondents expect to integrate risk management deeper into and across operations and 54% of respondents expect to perform day-to-day risk management activities more efficiently. To meet these expectations, organizations will need to improve the way they gather and report risk data through more cost-effective technology. The survey report supports this notion through the following observation. “It’s worth noting to risk managers that their counterparts in the C-suite were the most likely to view technology upgrades as a focus area. This should help pave the way for technology that can ease the time spent on mundane tasks and open the door to developing the deeper integration of risk management with other departments.”

Source: Risk & Insurance Management Society, Excellence in Risk Management VIII

FDIC Calls for Risk Management Improvements

This week, the Federal Deposit Insurance Corporation (”FDIC”) released a special edition of its Supervisory Insights publication focusing on the recent foreclosure crisis in mortgage banking. In the report, the FDIC provides additional perspective on the deficiencies in internal processes, staffing and control that resulted in a foreclosure moratorium by several of the largest mortgage servicing institutions in late 2010. The FDIC worked with the lead regulatory agencies of the fourteen largest mortgage servicers in the United States to conduct extensive reviews of current foreclosure practices.

The reviews uncovered many common issues among the mortgage servicers. The FDIC noted the following, “concerns included lax foreclosure documentation, ineffective controls over foreclosure procedures, and deficient loss mitigation procedures and controls. Many institutions failed to commit resources sufficient to manage responsibly the rapidly growing volume of mortgage loans in default or at risk of default. Weak governance and controls increased legal, reputational, operational, and financial risks while creating unnecessary confusion for borrowers.”

While the report focuses specifically on the foreclosure shortcomings, it can also serve as a reminder of the value of strong internal controls and risk management practices. As our business processes grow to be more complex and interconnected, the risks inherent in the processes grow exponentially. Unchecked, these risks can quickly propel a business into a full-blown crisis.