StratexSystems webinar
Enabling Effective Conduct Risk Management 19/02/2014
Page 2
Introductions
CEO & Co-founder of StratexSystems, the leading provider of integrated strategy & risk management solutions on the Microsoft SharePoint platform
15 years plus in strategy and risk management
2006/07 -12 month / 21 organisation research project into the integration of strategy and risk management
2008 - Created the Risk-Based Performance Management methodology during various strategy and risk related engagements in the city
Page 3
About StratexSystems
Our MissionTo provide an integrated strategy and risk management solution which enhances strategy execution, improves capital efficiency by 15% and reduces operational losses 25% while providing 100% confidence that your business is operating within appetite.
One client’s results“Since HML commenced its initiative to implement an enterprise-wide risk management framework in March 2008, we have reduced our Pillar 2 capital by 81.2% while delivering a 94% reduction in the value of errors and a 63% reduction in the volume of errors” – Head of Enterprise Risk, Homeloan Management Limited
Page 4
The creation of the FCA introduced a new regulatory approach
3 Pillars Regulatory Approach
Outcomes
Firm Systematic Framework (FSF)
1. Consumers get financial services and products that meet their needs, from firms they can trust;
2. Markets and financial systems are sound, stable and resilient, with transparent pricing information; and
3. Firms compete effectively, with the interests of their customers and the integrity of the market at the heart of how they run their business.
FCA Objective
To make relevant markets work well so consumers get a fair deal.
Event-driven work Issues and products
Page 5
The creation of the FCA introduced a new regulatory approach… and some confusion!But what is Conduct Risk?The Risk of a firm treating its customers unfairly and delivering inappropriate outcomes
What is Conduct Risk Appetite?The level of Conduct Risk a firm is willing to take to achieve its strategic objectives
"we do not have a master definition of 'conduct risk‘ - FCA
Page 6
What has the FCA been saying to the market?
Page 7
What has the FCA been saying to the market?
Page 8
What does the FCA really want from firms?
Customers at the heart of your firm’s business model and strategy
“Good profits”
A strategic approach with strong senior management and board engagement
Cultural Change & Accountability
Not a narrow focus on compliance to rules
Page 9
How to meet FCA requirements…and enable effective conduct risk management (and strategy execution)
Enabling software solution which embeds a Risk-Based approach
Proven approach to drive & sustain change
Risk-Based approach to managing your firm
Page 10
Taking a Risk-Based approach to managing your firm
We wrote the book on integrating strategy & risk management
Page 11
Risk-Based Performance Management (RBPM) is a holistic and integrated approach to strategy execution and risk management
Performance Management
Risk Management
Strategy Management
Appetite
What are we trying to achieve?
Are we on track?
What is our Risk Appetite?
Are we operating within appetite?
Governance & Communications
Culture
Page 12
The Risk-Based Performance Management (RBPM) methodology is based on seven management disciplines
Business Drivers
Shareholder Value
2. Manage Performance
3. Manage Risk
1. Set Strategy
5.Governance
6.Communications
7.Culture
Capital ?Income
Share Price ?Economic value add
4. Appetite Alignment
Reputation
Profit
Appetite Appetite
Page 13
Central to this integrated model for Strategy and Risk Management is the Strategy Map
Page 14
The Strategy Map articulates how an organisation creates valueFi
nanc
ial
Cust
omer
Inte
rnal
Pr
oces
sLe
arni
ng &
G
row
th
Increase Investment Returns by 25%
Sustainable Growth
Increase Retention of competent staff by
10%
“their ROI is aligned to my
appetite”
Increase Shareholder value
Objective KPIs InitiativesTargets
Increase Investment
Returns by 25%
YTD % Increase in investment
returns25%
Implement new portfolio mgt system
Objective Statement of what
strategy must achieve and what’s
critical to its success
KPIs How success in achieving the
strategy will be measured and
tracked
Targets The level of
performance or rate of
improvement needed
Initiatives Key action programs
required to achieve Priorities
Page 15
However, to create value, risk-taking must be aligned to strategy…Fi
nanc
ial
Cust
omer
Inte
rnal
Pr
oces
sLe
arni
ng &
G
row
th
Increase Investment Returns by 25%
Sustainable Growth
Increase Retention of competent staff by
10%
“their ROI is aligned to my
appetite”
Increase Shareholder value
Objective Appetite AlignmentExposure
Increase Investment
Returns by 25%
Objective Statement of what
strategy must achieve and what’s
critical to its success
Appetite How much risk
are we willing to run to achieve the
objective?
ExposureHow much risk
are we currently running?
Alignment Is our current risk-taking aligned to
appetite?
Moderate High Over-exposed
Page 16
Effective risk management also supports value creation and protection...Fi
nanc
ial
Cust
omer
Inte
rnal
Pr
oces
sLe
arni
ng &
G
row
th
Increase Investment Returns by 25%
Sustainable Growth
Increase Retention of competent staff by
10%
“their ROI is aligned to my
appetite”
Increase Shareholder value
Objective Risks MitigationThresholds
Increase Investment
Returns by 25%
Unexpected changes in interest rates
Unexpected Equity movements
Appetite Tolerances
Controls Initiatives Policy &
procedures Processes
Objective Statement of what
strategy must achieve and what’s
critical to its success
RisksThe threats and
opportunities (risks) exist which may
impact achievement of objectives
ThresholdsThe appetite and
tolerance thresholds used to monitor risk
Mitigation The activities undertaken to manage risk
Page 17
The Strategy Map can be used to demonstrate the role customer outcomes play in the firm’s strategy
Fina
ncia
lCu
stom
erIn
tern
al
Proc
esse
sLe
arni
ng &
G
row
th
Drive Shareholder value
Deliver Revenue Growth Control Costs
“We received good value”
“Their fees are clear and fair”
“Their solutions continue to meet our
changing needs”
“We have quick, convenient access to
our financial info”
Drive sales execution
Ensure effective Complaints handling
Deliver outstanding customer service
@ POSContinuously seek to
understand client needs
“We align our incentives to our appetite & desired
behaviours”
“We sell the right products, to the right
people, the right time”
“We leverage our data to deliver positive customer
outcomes
Information Capital Cultural Capital Human Capital
Having clear and achievable financial objectives is critical to ensure the firm is sustainable and will be around to provide on-going service
By convention, customer outcomes are expressed is phases you would like to hear your customers use to describe your firm and products/services
To deliver financial and customer outcomes, we must be clear about the key processes which will enable us to deliver those outcomes.
Underpinning the delivery of the key processes, financial and customer outcomes is the organisational culture.
Page 18
The four perspective Risk Map can give greater insight into the risk profile, specifically from a Conduct perspective
1. Risks related to Financial outcomes Is our firm sustainable? Will we be around to provide on-
going service and product support?
2. Risks related to Customer outcomes Are we operating within our
conduct risk appetite? What are the current and
emerging conduct risks?
3. Risks related to Internal Processes What are our process risks and
how are they changing? Are we operating within our risk
appetite?
4. Risks related to Culture What are our culture risks and how
are they changing? Are we operating within our risk
appetite?
1 2
3 4
Page 19
Appetite Alignment Matrix is one of our key innovations and a key tool for monitoring the alignment of risk-taking to strategy
Enables monitoring of the alignment of risk-taking to strategy
Enables the monitoring of risks which are outside of appetite
Also shows where we are taking too much and not enough risk
Changes the risk conversation
Are we operating within (your conduct) Appetite?
Do you have the ‘tools’ to know?
Over-exposed
Under-exposedAligned
Page 20
Like objectives at the strategic level, a risk and controls framework can be wrapped around processes
20
Processes
KPIs Actions Key Risks
KRIs Actions Assessment Key Controls
KCIs Actions Assessment
Events
Certification
Risk Appetite
From a Conduct Risk perspective, define, manage and monitor key customer
processes, such as New Product Development, Sales Execution,
Customer service, Complaints handling etc.
Page 21
At an operational level, process and initiative Matrix’s are used to align the operational level to the strategic
Operational Alignment Matrix can be used to align the operational level to strategic; Objectives Risks Controls
Use percentages to show the level of alignment 100% - Very Strong Alignment 75% - Strong Alignment 50% - Moderate Alignment 25% - Weak Alignment 0% - No Alignment
Page 22
How to meet FCA requirements…and enable effective conduct risk management (and strategy execution)
Enabling software solution which embeds a Risk-Based approach
Proven approach to drive & sustain change
Risk-Based approach to managing your firm
Page 23
The Risk-Based Performance Management (RBPM) roadmap can be used to guide the implementation of an effective response to the Conduct Risk agenda
Define Strategic
Goals
Define Strengths & Weaknesses
Define Business Drivers
Define the Strategy
Define Processes
Define Initiatives
Define Operational
Risks
Define Operational
Controls
Define Indicators
Assess Risks & Controls
Monitor Appetite
Alignment
Define Strategic
Risks
Define Strategic Controls
Define the Business Model
Define Risk Appetite
Align Risk Appetite &
Strategy
Define Strategic
Objectives
Board Executive
Formulation Execution
Page 24
The RACI model is embedded within our solution and is used to clarify and embed accountabilities for (customer) outcomes
“The buck stops here”
Those with Yes/No authority related to the objective, risk or
control.
“Keep in the loop”
Those involved prior to decisions or action related to the objective, risk or control.
“The doers”
Those people working on delivering the objective, managing the risk or applying the control.
“Keep in the picture”
Position(s) that need to know about decision or action related to the objective, risk or control.
PP
Page 25
How to meet FCA requirements…and enable effective conduct risk management (and strategy execution)
Enabling software solution which embeds a Risk-Based approach
Proven approach to drive & sustain change
Risk-Based approach to managing your firm
Page 26
Introducing StratexPoint
Built on the ubiquitous SharePoint platform
Supports each of the Three Lines of Defence
Comprehensive in nature but modular in deployment
Our solution delivers:
High ROI High User Adoption High Levels of assurance that your
business is operating within appetite
StratexPoint is also a proven tool for supporting the 4th Line of Defence
Page 27
StratexPoint is one of the most complete strategy execution & risk management solutions available today
Leverage your existing
technology
Business driven design
Risk-Based Performance ManagementBalanced Scorecard & Strategy Map
Enterprise & Operational Risk ManagementRisk-Based Internal Auditing
1st LineStrategy-focused, Risk Aware culture enabled
and embedded
2nd LineWork with the business
to build competitive advantage
3rd LineTake a Risk-based
approach to auditing and business assurance
78% of Fortune 500 companies Every day for the past five years, 20,000 workers have
joined the ranks of SharePoint users One in every five knowledge workers now has access to
SharePoint
Easy access to powerful MI &
Analytics
Page 28
Underpinning our solution is a ‘conceptually sound’ data model which embeds a Risk-Based approach
Objectives
KPIs Actions Key Risks
KRIs Actions Assessment Key Controls
KCIs Actions Assessment
Events
Certification
Risk Appetite Processes Initiatives Systems People &
Roles Assets
Operational enablers are aligned to strategy
Entity
Business Drivers
Governance Commentary Workflows Audit Trails
Build a strategy focused, risk aware culture
Page 29
Our solution enables firms to the requirements of Conduct Risk whilst driving business change and value
Customer Objectives
KPIs ActionsCustomer Key Risks
KRIs Actions AssessmentCustomer
Key Controls
KCIs Actions Assessment
Events
Certification
Customer Risk
Appetite
Customer Processes
Customer Initiatives
Customer Systems
Customer People &
Roles
Customer Assets
Operational enablers are aligned to strategy
Entity
Business Model
Governance Commentary Workflows Audit Trails
Build a strategy focused, risk aware culture
Page 30
Example of a Overview Conduct Risk dashboard
Page 31
Example ‘Bubble’ up Dashboard
Page 32
Example Strategy Map
Page 33
Example Risk Map
Page 34
Indicator ‘Line of Sight’ Dashboard
Page 35
Q&A
Stratex Conduct Risk QuickStart
Delivering Effective Conduct Risk Management…Fast, at a low cost with guaranteed delivery
Page 37
About the Stratex Conduct Risk QuickStart
Pre-built Conduct Risk template solution and implementation plan to enable an effective and proven approach to conduct risk.
Quickly establish the platform and approach to enable you to demonstrate you have an effective approach to conduct risk.
Proven, low cost, low risk solution
Clear set of deliverables within agreed timescales (30 – 90 days depending on initial scope)
Guaranteed delivery
Page 38
Conduct Risk QuickStart Overview Plan
30 to 90 Days (depending on scope)
Discovery Deploy
Installation (SharePoint & Reporting)
UAT Live
Prepare and import existing conduct data (if applicable)
Review existing conduct approach & MI
StratexPoint Training
Admin Power User
Develop Conduct Risk ‘Reporting pack’ & custom MI
Handover
Next 90 Days Workshop & Roadmap
Design Build
Deploy Stratex Conduct Template
Page 39
Conduct Risk QuickStart
Pre-built Conduct Risk template including; Conduct Risk Strategy
Map & Risk Map Conduct Risk Appetite
approach & tools Conduct Risk Performance
& Risk Scorecards Conduct Risk register Conduct Risk controls Conduct Risk indicators
(KPIs, KRIs & KCIs) Accountabilities model
(RACI)
About the Stratex Conduct Risk QuickStart
What is included?
Scoping and discovery workshops Support the initial installation of
StratexPoint on UAT and Live Deployment of a Conduct Risk template Import of existing Conduct Risk
information or data User requirements works to refine the
Conduct Risk approach & framework 1 day Administration training course 2 day Power User training course (x 1 – 5) Deployment and review all standard
reports Create a single customised Conduct Risk
‘reporting pack’ Full project management approach Next 90 days roll-out & embedding
workshop and roadmap 25 User Licenses of StratexPoint
Who will deliver & what will it cost The QuickStart is delivered
by 1 Business consultant 1 Technical consultant 1 Project Manager (50%)
The QuickStart is typically delivered in between 30 – 90 days depending on initial scope.
The QuickStart includes a full money back guarantee
Page 41
Contact details
Andrew SmartCEOStratexSystems
Email: [email protected]: www.riskbasedperformance.comWeb: www.stratexsystems.com LinkedIn: http://uk.linkedin.com/in/ajsmartTwitter:@AndrewJSmart