Enterprise Risk Management“From Book to Board Room”

Raghuraman Ranganathan

Senior Manager, Corporate Risk Center of Excellence

Enterprise Risk Management

Wipro Limited

© 2010 Wipro Ltd - Confidential2

What do we have here….

120 Mins…..time together

This is our T20 and Strategic Timeout

How to – Make it useful for you & us

Lets bowl to each other & not drop catches

Our Brief: Get to know how risk management theories can move from Books to Board RoomStatutory Warning: This presentation has an overdose of Cricket & Risk.

© 2010 Wipro Ltd - Confidential3

HistoryHistory and Need for Enterprise risk management

Pre-Match

© 2010 Wipro Ltd - Confidential4

History of Risk Management(this is a video played during the session)

© 2010 Wipro Ltd - Confidential5

Uncertainty

Risk

Enterprise Risk ManagementFramework

Opportunity

Entity / Firm

Risk Minimization framework Opportunity Maximization

Wealth creation

Stakeholder Need for ERM

Enterprise Risk Management optimizes risk, Does not eliminate it

Compliance & Assurance for Stakeholders

© 2010 Wipro Ltd - Confidential6

Sarbanes – OxleyHIPAAFERCCA SB 1386CA SB 1950PIPEDAHomeland Security

Personal DataProtection Law

Bill 3494/2000Bill 321/2004

Companies ActDPARIPBasel IIIASReg.357

Companies ActSarbanes OxleyBanking Act

Japan PrivacySOXFICS

CLERP 9AS4360PersonalData Protection Law

Compliance Need for ERM

- Wipro Global Foot Print

© 2010 Wipro Ltd - Confidential7

Managing Outsourced Relationships

Customer wants - Business needs

Size & Scale of Business Robustness of

Processes

Impact of Globalization

Continuous Compliance

Mergers & Acquisitions Value for every

rupee spent

Increasingly Strict regulations

DynamicChanges

© 2010 Wipro Ltd - Confidential8

OverviewThe Business Environment in which we operate and our boundaries

The Playing Ground

© 2010 Wipro Ltd - Confidential9

Business Environment

Customer Delinquency

Forex Volatility

Technology

Economic Conditions

Physical Security Threats

Labor & other Regulatory

changes

Country Policies

Taxation

Business Growth & Delivery

M&ACorporate

Governance & Financial Reporting

Treasury

People Supply Chain

Customer Credit

Regulatory Compliance

External RisksInternal Risks

Customer Demands

Climate Change &

Sustainability

© 2010 Wipro Ltd - Confidential10

Global Risks – 2011World Economic Forum

1. Fiscal Crises

2. Climate Change

3. Extreme Energy Price Volatility

4. Economic Disparity

5. Global Governance Failures

Top Risks

Source: http://riskreport.weforum.org/global-risks-2011.pdf

© 2010 Wipro Ltd - Confidential11

Concepts – Internal Vs External

The Toss

© 2010 Wipro Ltd - Confidential12 12

Global Risk Management Standards

1.The Orange Book; Management of Risk -Principles and Concepts, 1st edition:2001 by HM Treasury, Edition used: October 2004

2.ISO/FDIS 31000; Risk Management –Principles and Guidelines, by International Organization for Standardization, Edition used: November 2009

3.AS/NZS 4360:2004; Risk Management, 1st

edition: 1995, by Joint Technical Committee OB-007, Risk Management, Edition used: June 2006

4.COSO; Enterprise Risk Management –Integrated Framework, First Edition: 2001, Edition used: 2004

© 2010 Wipro Ltd - Confidential13

COSO ERM Framework

Three Foundational Aspects:1. Achieving Entity Objectives:

Wipro’s approach of 5 Risk Areas• Strategic • Operations• Financial • Reporting• Compliance

2. Applies to activities at all levels of the organization

3. Eight interrelated components

© 2010 Wipro Ltd - Confidential14

Risk Management Methodology

•Strategic•Operational•Financial•Compliance

•Scope•Nature•Owner•Quantification•Tolerance•Treatment •Qualitative

•Quantitative

Risk Estimation Vs.

Risk Appetite

•Internal •External

•Risk Control / Mitigation•(Avoid/Transfer/Finance)

•Audits•Reporting & Reviews

Source : Risk Management Standard, IRM

© 2010 Wipro Ltd - Confidential15

If You thought that was a theory…ERM is Virtually What managers do on Every-day Basis

© 2010 Wipro Ltd - Confidential16

Risk Management is Evolving

From: Finance function

Financial risks

Risk insurance

Treasury risks

Exchange risks

To: Entire enterpriseOperationsFinanceTechnologyHuman resourcesCompetitionRegulatoryEnvironmentalGlobal expansionReputation

© 2010 Wipro Ltd - Confidential17

Risk Interconnection & Cascading effect

Problem: Two low impact risk occurring simultaneously can have devastating effect on the system.Response: To NOT look at risks in isolation. A Scenario analysis to be done by looking at risks in conjunction.

+ 55 million people out of power for 10 hours=

A transmission line touching tree

A bug in the IT system

1 plus 1 can be 11 in their impact and not just 2 !

Security incident or delivery issue

Change in customer management

Contract renegotiation+ + =

© 2010 Wipro Ltd - Confidential18 18

1) Wipro ERM Strategic Plan

2) ERM Framework and Architecture

3) Integrated Risk Management at Wipro

4) Risk Management philosophy to act fast on weak signals

5) Board and Audit, Risk and Compliance Committee role on risk management at Wipro

6) Deal risk index model

7) Customer credit risk assessment model

8) Country risk assessment model

9) Alliance partner risk assessment model

Wipro Specific Risk Management Areas(Discussed during the Session – Not included in this deck as Wipro Confidential)

18

19

1) Evolving Maturity models for Enterprise risk management

2) Industry specific risk management models

3) Risk Management training for Corporates

4) Joint IP development models

5) Risk Management Automation rollouts

Opportunities for CAs

19

20

Thank You!