By: Tim J. Leech
Enterprise Risk Management (“ERM”) as a movement has been around for more than a decade. Unfortunately, a 2010 COSO survey disclosed that only limited progress has been made in convincing senior management and boards that ERM is key to maximizing and safeguarding long-term enterprise value, allocating expensive human and financial resources, or managing major risks to strategic and core business objectives. At the same time, there is growing consensus that one of the root causes of the global financial crisis of 2008 was deficient risk management and oversight. The majority, if not all, of the organizations at the center of the 2008 global financial crisis had some form of ERM. In most cases their CEOs, CFOs and auditors had all previously certified they had effective internal control over financial reporting in accordance with the 1992 COSO Internal Control – Integrated Framework, including controls over risk assessment processes and valuation of the toxic investment products at the heart of the global crisis.
In light of the massive wave of corporate governance failures linked to the global financial crisis of 2008, regulators in the U.S., Canada, Europe and elsewhere now require public companies to disclose specifics on how their boards of directors oversee the effectiveness of risk management. At the same time, institutional investors, credit rating agencies, and board of director associations are all calling for major improvements in risk management and oversight.
Continue reading here: The High Cost of ERM Herd Mentality