It is important to note that this framework, as all others, has limitations in its use. The intended purpose for this framework is to help large corporate organizations with their risk management process and portfolio management. The framework is robust enough to handle both insurance risk and noninsurance risk. It is best used within an established enterprise risk management discipline.

The following is a brief description of the benefits of an ERM strategy and how our framework fits within those benefits, which is important for understanding the full potential of its use. We have referenced James Lam's (2003) benefits, as they are excellent.

The four benefits to risk management as defined by James Lam[1] are:

1. Managing risk is management's job.

2. Managing risk can reduce earnings volatility.

3. Managing risk can maximize shareholders' value.

4. Risk management promotes job and financial security.

In item 1, Lam indicates that management has access to critical information about the business and therefore has a duty to use it to manage risk. We agree wholeheartedly with his assessment, and our process is intended to improve senior leaders' understanding of risk and give them more transparency in managing costs.

In item 2, Lam indicates that top-tier companies better manage their earnings volatility through risk management activities. Too often firms do not consider risk management or relegate it to small, back-room activities. This often overlooks the value that can be had by minimizing volatility on major risks to the organization.

By taking a more in-depth look at the portfolio of risk through the efficient frontier and making more data-driven decisions, volatility can be reduced.

In item 3, Lam indicates that firms can increase their shareholders' values by 20 to 30 percent or more by identifying opportunities for risk management and business optimization through a risk-based program.[2] This goes beyond just managing volatility and extends to a better-performing business model with more accurate information spread across the organization. Using risk-based measures is a critical element of any risk measurement department. Components like the efficient frontier require wide distribution and use; otherwise they are not getting the full attention they deserve.

For the real company this framework was modeled after, the efficient frontier was sent directly to the business leaders and they became owners of the risks for their particular areas of influence. They had to learn the language of risk and through a diverse corporate program are now using the risk assessments as part of their daily routines, leading to a better understanding of risk for the business leaders and more accurate information for the risk management team.

When implementing this framework at different companies, we often hear something to the effect of "What's in it for me?," which really gets down to job and financial security for individuals, as noted in item 4. A truly robust framework should allow for better risk taking, as the guidelines have been set and approved by management. With a data-first strategy there should be less concern over losing your job, as long as the risk is within the tolerances set by management. Thus, when a calculated risk does happen, the organization is ready to respond. All too often, the opposite is true and a surprise event leads to the ouster of a senior leader. We believe that our framework will help provide senior leaders with the information they need to take calculated risks and therefore preserve their livelihoods, regardless of their golden parachutes.

It is inherently assumed that the lines of insurance or risk transfer can be modeled appropriately. This is certainly not an insignificant assumption, as data limitations, information asymmetry, internal disputes, and plain modeling foibles can easily derail the best intentions of the framework.

To combat these issues, it is always important to stress test any model, backtest the model if possible, involve different business leaders to vet the results of the model, and use independent experts to question and test the assumptions in the model. Any model is only as good as its creators, so it is advised to hire the best and then "trust but verify."

  • [1] James Lam, "Enterprise Risk Management from Controls to Incentives," 6-9.
  • [2] Ibid., 8.
< Prev   CONTENTS   Next >