Board Governance and Emerging Risks in the C21 Friday 10th July 2015, Brussels

Upload: ferma

Post on 06-Aug-2015

TRANSCRIPT

Page 1: Board Governance and Emerging Risks in the C21

Board Governance and

Emerging Risks in the C21

Friday 10th July 2015, Brussels

Page 2: Board Governance and Emerging Risks in the C21

8:30 - Registration
9:00 - Welcoming speech by Roger Barker, Adviser to ecoDa board, Director of Corporate Governance, Institute of Directors UK
9:10 - Keynote speech by Philippe De Backer, Member of the European Parliament

Panel 1 – The Risk Conversation at Board Level

9:20 - Moderator: Christopher Lajtha, Independent Risk & Insurance Management Resource, ADAGEO / RCN
- Charlie Kitson, Head of Client Engagement, AIG
- Patrick Zurstrassen, Honorary Chair of ecoDa, Independent Board Member
- Andrew Chambers, Chair, corporate governance and company law at FEE; member, ACCA’s global corporate governance forum
- Jonathan Blackhurst, Head of Risk Management, Capita plc
- Anna Korbut, Executive Risk Manager, NefteTransService

10:45 – Coffee break

Board Governance and Emerging Risks in the C21

The Programme

Page 3: Board Governance and Emerging Risks in the C21

Charlie Kitson - Head of Client Engagement, AIG

July 2015

Risk Conversation at Board Level

Page 4: Board Governance and Emerging Risks in the C21

2

Why raising the profile of risk is so important

Boards are increasingly waking up to risk; major challenges for today’s c-suites are:

• Regulation
• Growing vulnerability
• Globalisation
• Technological changes including 24-7 media

This has thrown the spotlight on risk management, which is a good thing for companies and the “risk professionals”.

A recent AIRMIC survey showed that almost 70% believe that risk management has become more important within their companies over the last three years.

Page 5: Board Governance and Emerging Risks in the C21

3

Role of Risk Managers today

88m+ Clients we serve

1.7billion Shares sold by the US

government

$27.6billion Claims payments by

AIG Property Casualty

$68 billion Our 2014 revenue

64,000 AIG employees

WE ARE

ONE AIG

100% Government assistance repaid

• The Risk Manager position within companies is inconsistent.
- Identity of the risk manager in the organisation is not clear
- There is no standard reporting line or career path
- There are wide variations in the way the role is expressed within companies. E.g. some risk managers are pure insurance buyers whilst others manage all areas of risk for a company.
• Lack of clarity for Goals & Objectives

Page 6: Board Governance and Emerging Risks in the C21

4

Number of times Risk Managers report to Board

The gap between the Risk Manager and the Board is closing all the time. There is now a greater awareness of risk and willingness to take responsibility for managing or mitigating it. Most Risk Managers report to the board regularly on the risk landscape, either directly or via the Risk Officer.

FERMA 2014 Survey:

[Chart: Number of formal risk discussions with the board. Categories: Several times per year; Once a year; On a requested basis; No mechanism in place; Unknown. Values shown: 45%, 18%, 23%, 9%, 5%.]

Compared to last year’s results, Risk Management interaction is up 7%.

[Chart: Reporting Lines - How often report to Top Management level. Series: Risk Management Functions; Insurance Management. Values shown: 85%, 78%.]

Page 7: Board Governance and Emerging Risks in the C21

5

Risk Managers need to identify trends and new risks

AON’s 2015 risk management survey compared to 2007:

2015 | Risk | Position in 2007
1 | Damage to reputation/brand | 1
2 | Economic slowdown/slow recovery | 8
3 | Regulatory/legislative changes | 6
4 | Increasing competition | 5
5 | Failure to attract or retain top talent | 7
6 | Failure to innovate/meet customer needs | New entry for 2015
7 | Business interruption | 2
8 | Third-party liability | 3
9 | Computer crime / hacking / viruses / malicious codes (Cyber) | New entry for 2015
10 | Property damage | 9

Page 8: Board Governance and Emerging Risks in the C21

6

Key Drivers at Board Level

Legislation

The UK Insurance Act makes buyers more responsible for their insurance choices. They have to demonstrate the need for the products they purchased as well as a robust methodology behind the purchase decision (or decision not to purchase).

Shareholders and Employees

Investors want assurance that the company they’re investing in is well managed. Employees want to work for a “successful” company with a good public reputation. Good risk management is part of that.

Mitigation

Changes in attitudes to risk management are driving product uptake and design. For example: the cyber insurance market has developed because if a company has a breach / incident and does not have insurance in place to mitigate that risk, they may be seen as negligent.

Page 9: Board Governance and Emerging Risks in the C21

7

[Figure: The Risk. Categories: Financial Risks; Accidental Risks; Strategic Risks; Operative Risks. Items shown: Price fluctuations; Currency and interest rate risks; Loss of suppliers; Diversification/wrong strategy; Changes in demand/demographic; Technological risks; Increase in competency; Legal compliance/professional risks/employees dishonesty; Low productivity; Failure to supply; Loss of key employees; Security of employees; Contamination; Damages to third parties; Business interruption; Material damages to assets; Transportation of cargo; Terrorism risks; Construction risks; Products liability/products recall.]

Page 10: Board Governance and Emerging Risks in the C21

8

Final Comments

• Effective risk management is NOT just about compliance
• Risk is at the heart of strategy and effective risk management should be an enabler and a potential differentiator
• Reputation is critical and reputation risk management should be prioritised
• The tone is set at the top

Page 11: Board Governance and Emerging Risks in the C21

9

Bring on tomorrow

The “Bring on tomorrow” tagline expresses AIG’s tremendous tenacity and ambition, our optimism, and our spirit of inventiveness.

For customers, consumers, and partners, it showcases how we help them feel about the future:

Confident, Prepared, and Protected


Page 13: Board Governance and Emerging Risks in the C21

THE EUROPEAN CONFEDERATION OF DIRECTORS ASSOCIATIONS - AVENUE DES ARTS 41 - BRUSSELS 1040

RISK MANAGEMENT IN BOARD AGENDA

Patrick Zurstrassen

ecoDa honorary chairman

FERMA / ecoDa / AIG Cercle de Lorraine Brussels 10 July 2015

Page 14: Board Governance and Emerging Risks in the C21

INTRODUCTION

• Personal experience
• Philosophy of presentation

Page 15: Board Governance and Emerging Risks in the C21

Are Boards formally in charge of Risk Management?

• OECD [2004] definition of board responsibility: The corporate governance framework should ensure
- the strategic guidance of the company,
- the effective monitoring of management by the board and
- the board’s accountability and loyalty to the company and the shareholders.

Plus statutory duties such as review and proposal of approval of B/S and accounts and publication of legal accounts/annual reports.

• No explicit mention of Risks, Risk management, ERM or other risk matters because:
- Risk and rewards [profits] are the two sides of the same economic judgment coin. Both dimensions are ever-present in all management and board discussions.
- Through regulatory efforts, special moments, debates, decisions, policies, statements and communications are particularly dedicated to risk matters, apart from other matters.
- A whole biosphere of risk aggregates and indicators has emerged. They are mostly generated by risk professionals. Their ultimate expressions are aimed at the full board.

Page 16: Board Governance and Emerging Risks in the C21

When are Corporate Bodies dealing with Risk Matters?

• AGM: Annual
• Board of Directors [Supervisory Board] + Board specialized committees: [Monthly] Quarterly
• Management Committee + Specialized committees: Weekly
• Business and functional lines: Daily
• Risk management: Permanent

Page 17: Board Governance and Emerging Risks in the C21

A typical agenda of a corporate elementary unit: an investment/mutual fund board.

Permanent items of the agenda
• Performance report
• Risk report
• Sales, marketing and products report
• Compliance report
• Finance
• Legal

Periodic items of the agenda
• Internal audit report
• Audit report
• Regulatory review
• Annual budget
• Approval of accounts / annual report / risk statement
• Board performance evaluation
• Corporate strategy

• Market risks • Liquidity risks • Credit risks • Duration risk • Etc

• TE tracking error • VAR • Risk category • KRI • Etc

• For individual fund • For classes of assets

Page 18: Board Governance and Emerging Risks in the C21

A fuller picture should also include

• Directors education • Liabilities of directors • Conflict of interest • AML / KYC • Risk management tools and techniques

• Crisis management • Counterparty • Regional market • Currency • Global market

• M&A & restructuring

Page 19: Board Governance and Emerging Risks in the C21

Fédération des Experts-comptables Européens

Federation of European Accountants

www.fee.be

Connect with European Professional Accountants @FEE_Brussels

Board Governance and

Emerging Risks in the C21

The Risk Conversation at Board Level

Andrew Chambers, Chair of FEE Corporate Governance

and Company Law WP; Member of ACCA Global

Corporate Governance Forum

1

Page 20: Board Governance and Emerging Risks in the C21

FEE and audit committees

2

Page 21: Board Governance and Emerging Risks in the C21

Donald Rumsfeld

‘There are known knowns. These are things we know that we know. There are known unknowns. That is to say, there are things that we know we don’t know. But there are also unknown unknowns. There are things we don’t know we don’t know.’

Internal auditors might add:

‘And there are things we [as internal auditors] know that we don’t want to know.’

Donald Rumsfeld was the youngest US Secretary of Defense from 1975 to 1977 under President Gerald Ford, and then the oldest Secretary of Defense from 2001 to 2006 under President George W Bush

3

Page 22: Board Governance and Emerging Risks in the C21

Risk oversight – need for cooperation I

Risk oversight must be a continuous process to be effective.

Should audit committees deal with:
• The known risks?
• The risk management process?

Risks linked to: company’s strategy, business and industry

Objective: ensure that such risks are appropriately considered and addressed by management and in the audit plan.

4

Page 23: Board Governance and Emerging Risks in the C21

Risk oversight – Need for cooperation II

Risk management involves “unknown risks” as well.

Risk committees can focus on the identification of “unknown risks”: prospective risk management

It is crucial to distinguish the roles of the audit and risk committees and to foster effective communication.

5

Page 24: Board Governance and Emerging Risks in the C21

Risk oversight – Need for regular communication

Clear overview of the company’s risk and control framework.

Meeting on a regular basis with management, internal audit and external audit to understand the risks faced by the company.

Input from external parties such as institutional investors and analysts.

6

Page 25: Board Governance and Emerging Risks in the C21

The Risk Conversation at Board Level

Jonathan Blackhurst, FIRM

Page 26: Board Governance and Emerging Risks in the C21

2

Risk Intelligent Conversation

[Diagram labels: Risk Aware; Risk Intelligent; FYI; Weak leverage for business benefit; Does it add up?; Exception reporting; Too format focused; Appetite; Decision making; Balanced bottom up/top down; Transparency; Connected conversations; Vocabulary; Pressure gauge reading.]

Page 27: Board Governance and Emerging Risks in the C21

3

Risk Intelligent Conversation

• Facts.
• Straightforward.
• Structured.
• Accountable attendees.
• Save the forests.
• Guaranteed credibility.
• Business aligned, but agile.
• Strict organisation and chairmanship.
• Clear escalation and clear feedback.
• Context, not background.
• “Are we there yet?”

Page 28: Board Governance and Emerging Risks in the C21

4

?

Questions

Page 29: Board Governance and Emerging Risks in the C21

conversation about risk at board level

Anna Korbut

Page 30: Board Governance and Emerging Risks in the C21

2

What are the drivers for the Dialogue? (1/2)

• The starting point is FERMA’s 7th biennial Risk Management Benchmarking Survey 2014:

– The most important risks for European organizations in 2014 are Political (significantly increased vs 2012) as well as Reputation (increased vs 2012), Competition, Regulation and Legislation

At the same time, assessed with a low level of mitigation: Political, Competition and Economic condition

Out of the nine risks in the “improvement zone” (high risks with a low level of mitigation), five are strategic/external risks – all issues to be addressed at the very top level

– 48% of Risk managers FORMALLY present Risk Management activities to the Board/Top Management several times a year – can a “formal presentation” of activities really be considered a Dialogue by the parties?

– There are a number of risk-related reporters that the Board could have vis-à-vis for a risk dialogue – at least 6 possible organizations for risk functions, where 40% RM & IM together separated from IA and IC – and they may all use different risk language and terminology! Are Board members flexible enough to navigate through (sometimes) complex and not necessarily consistent reporting?

• Risk/Insurance Managers’ short-term strikes are converging towards the enhancement of their role into a strategic dialogue and becoming a business partner

Page 31: Board Governance and Emerging Risks in the C21

3

What are the drivers for the Dialogue? (2/2)

• In the joint ECIIA/FERMA Guidance* for Boards and Audit & Risk Committees it is highlighted that:

– EU regulatory focus is towards a greater transparency on financial and non-financial reporting

Should Audit Committees’ mandate be significantly expanded to integrate new reporting innovations – to go far beyond the “control” agenda?

Or is there a need for a new body?

Does it matter how many board members are qualified, i.e. possess comprehensive knowledge in risk management?

– The need to create a separate Risk Committee may arise from the following:

• Relevant regulator(s) requirements
• Alignment between risk management and strategy
• The need for more detailed oversight of RM structure
• The complexity of the major/critical risks to be assessed

– In the financial sector, there is an increasing requirement for a risk committee created alongside the Audit Committee. The role and responsibility of each committee must be well defined in order to avoid overlap and ensure that the coverage of risks is comprehensive.

Is this a dimension for future development of corporate governance for the non-financial sector?

*Audit and Risk Committees News from EU Legislation and Best Practices

Page 32: Board Governance and Emerging Risks in the C21

4

What is Risk Dialogue about?

• There should be a place for a dialogue

Risk Committee / Audit & Risk Committee / Audit Committee AND Risk Committee / Strategy Committee

Roles of a risk committee: Dispose reporting (formal) / Discuss and develop decisions (workshop)

• There should be a language for a dialogue

Comprehensive knowledge and competence, supported by constant sharing of best practice and developments from the Leaders in Risk Management

• There should be participants in a dialogue

There should be a less formal, even “rotating”, composition of a risk committee – depending on the topics or issues to be discussed as well as on the specific expertise to be involved.

• There should be an objective / purpose for a dialogue

There are no right and wrong ERM systems; there are ones that are efficient and suitable for a particular company’s needs, evolving with the emerging challenges. Who is in reality setting requirements and developing the ERM design? Is such a design to be born from a Dialogue between the Board (key RM user) and the Risk Manager?

Page 33: Board Governance and Emerging Risks in the C21

5

What is the plan?

• Develop at a European level better knowledge on the role of risk management bodies at a Board level – Risk Committees, Audit & Risk Committees

• Develop the pole of expertise and continuous professional development in managing risks strategically integrating our partners - risk stakeholders.

On the basis of Certification – we are the Risk Leaders

• Promote Risk Management at Board level with regular and consistent direct Board access and communication

Page 34: Board Governance and Emerging Risks in the C21

11:00 - Keynote speech - Marc Pickeur, Member of the International Auditing and Assurance Standards Board (IAASB)

Panel 2 – The Impact of Emerging and Future Risks

11:10 - Moderator: Roger Barker, Adviser to ecoDa board, Director of Corporate Governance, Institute of Directors UK
- Carin Gorter, Member of the Supervisory Board of ING (and of several insurance companies)
- Marie Gemma Dequae, FERMA Scientific Adviser, former Group risk & insurance manager (Bekaert)
- Adriana Cavaliere, Enterprise Risk Manager at SWIFT in Belgium
- Ornella Di Iorio, Research Manager, EUROSIF - Vigeo
12:30 - Closing speech by Emmanuel Brulé, Chief Risk Officer, AIG
12:45 – 14:00 - Working lunch

Board Governance and Emerging Risks in the C21

Page 35: Board Governance and Emerging Risks in the C21

Page 1

IAASB Update

Marc Pickeur

Board Governance and Emerging Risks in the C21

A Joint Event with ecoDa, FERMA and AIG

Brussels, Belgium

July 10, 2015

Page 36: Board Governance and Emerging Risks in the C21

Page 2

Times Are Changing for the IAASB

• Key Projects Finalized: Clarified ISAs, Auditor Reporting, Revisions of Other Assurance and Related Services standards
• Special Support Efforts for Implementation of new and revised Auditor Reporting standards
• New Strategy and Work Plan with a number of new and challenging projects
• Looking for feedback on key questions
– What is it that we have to address?
– What kind of development process?
– What forms of interactions with stakeholder groups?
– What kind of outputs?

Page 37: Board Governance and Emerging Risks in the C21

Page 3

New and Revised Auditor Reporting Standards

Key Features

Auditor Report

Audit Opinion – Required to be presented first

Key Audit Matters – Required for listed entities

Going Concern – Additional focus

Other Information – New section

Responsibilities – In the audit; Independence and ethical obligations; Engagement partner (listed entities)

Page 38: Board Governance and Emerging Risks in the C21

Page 4

The New and Revised Auditor Reporting Standards

• Overarching Standard for Auditor Reporting – ISA 700 (Revised)
• New Key Audit Matters section – ISA 701
• Enhanced auditor reporting related to going concern – ISA 570 (Revised)
• New auditor reporting on other Information – ISA 720 (Revised)
• Modifications to auditor’s opinions – ISA 705 (Revised)
• Revisions to ISAs 260 and 706 as a result of ISA 701, and related conforming amendments to ISAs 210, 220, 230, 510, 540, 600, 710

Page 39: Board Governance and Emerging Risks in the C21

Page 5

Expected Benefits of the New Auditor’s Report

• Enhanced communicative value to users
• More robust interactions and communication among users, auditors and those charged with governance (TCWG)
• Increased attention by management and TCWG to the disclosures referred to in the KAM section of the auditor’s report
• Increased professional skepticism in areas where KAM are identified
• Increased audit quality or users’ perception of audit quality

Page 40: Board Governance and Emerging Risks in the C21

Page 6

What Are KAM?

KAM are defined as those matters that, in the auditor’s professional judgment, were of most significance in the audit of the financial statements of the current period

KAM are selected from matters communicated with TCWG

Page 41: Board Governance and Emerging Risks in the C21

Page 7

Are KAM Always Communicated in the Auditor’s Report?

• Auditor is required to include each KAM unless
– Law or regulation precludes disclosure
– In extremely rare circumstances, the auditor determines that the matter should not be communicated
  Adverse consequences of communicating the KAM would reasonably be expected to outweigh the public interest benefits of such communication
• KAM is prohibited for a disclaimer of opinion, but required for a qualified or adverse opinion
• In certain limited circumstances, there may be no KAM to be communicated

Page 42: Board Governance and Emerging Risks in the C21

Page 8

Decision-Making Framework for Determining KAM

Matters that were communicated with those charged with governance

Matters that required significant auditor attention

Matters of most significance in the audit

Key Audit Matters

Page 43: Board Governance and Emerging Risks in the C21

Page 9

Initial Step in Determining KAM

The auditor will always consider

• Areas of higher assessed risks of material misstatements or significant risks (i.e., risks requiring special audit consideration)

• Significant auditor judgments relating to areas of significant management judgment (e.g., complex accounting estimates)

• Effect on the audit of significant events or transactions

Matters that were communicated with TCWG

Matters that required significant auditor attention

Page 44: Board Governance and Emerging Risks in the C21

Page 10

Determination of Matters of Most Significance in the Audit – KAM

• KAM is determined by the auditor’s consideration of the
– Nature and extent of communication with TCWG
– Importance to intended users’ understanding of the f/s
– Nature and extent of audit effort needed to address
– Nature of the underlying accounting policy, its complexity or subjectivity
– Nature and materiality, quantitatively or qualitatively, of corrected and accumulated uncorrected misstatements due to fraud or error (if any)
– Severity of any control deficiencies identified relevant to the matter (if any)
– Nature and severity of difficulties in applying audit procedures, evaluating the results of those procedures, and obtaining relevant and reliable evidence

Matters that required significant auditor attention

Matters of most significance in the audit

Page 45: Board Governance and Emerging Risks in the C21

Page 11

KAM – Delivering Entity-Specific Information to Users

Consistency and Comparability

Relevance and Usefulness

Page 46: Board Governance and Emerging Risks in the C21

Page 12

New and Revised Auditor Reporting Standards Implementation Support

• IAASB-supported “roll-out plan” with objectives of
– Promoting awareness
– Informing and educating users
– Learning about experiences of those responsible for adopting and implementing the standards
– Preparing for post-implementation review
• Planned activities
– Outreach and other communications
– Auditor Reporting Toolkit

New and revised Auditor Reporting standards are effective for periods ending on or after December 15, 2016

Page 47: Board Governance and Emerging Risks in the C21

Page 13

Resources – Auditor Reporting Toolkit

New Webpage www.iaasb.org/auditor-reporting with easy access to new and revised standards and other resources
• Auditor Reporting Fact Sheet
• Auditor Reporting “At a Glance”
• Basis for Conclusions
• Publications on GC and KAM
• Illustrative KAM examples
• Plans for webcasts, podcasts and other potential publications

Page 48: Board Governance and Emerging Risks in the C21

Page 14

IAASB Work Plan for 2015–2016 – Enhancing Audit Quality

• Information gathering activities already underway on three priority topics
– Quality control (ISA 220 and ISQC 1)
– Group audits (ISA 600)
– Special audit considerations relevant to financial institutions (including ISA 540 in particular)
• Professional skepticism
• March 2015 IAASB discussions highlighted interactions between the four projects above
– Common themes (e.g., sufficient appropriate audit evidence; professional skepticism)
– Crossover issues (e.g., direction, supervision and review of audits; audit delivery models)

Page 49: Board Governance and Emerging Risks in the C21

www.iaasb.org

Page 50: Board Governance and Emerging Risks in the C21

Emerging risk Compliance

A boardroom perspective

Carin Gorter

July 10th 2015

Page 51: Board Governance and Emerging Risks in the C21

Contents session

1. External developments
2. Board oversight topics regarding risks
3. Compliance moved into the boardroom
4. Challenges for the future

Page 52: Board Governance and Emerging Risks in the C21

1. Perspective of NED/SB on compliance

External developments/ forces on the strategy and business model

• New rules and regulations

• Development of technology on compliance and vice versa

• New entrants

• Client expectations

• Communication and social media impact

• Developments in society at large

3

Essential is to be interested and invest substantive time in these developments

Page 53: Board Governance and Emerging Risks in the C21

4

2. Perspective of NED/SB on compliance

Board oversight topics

• Time spent on future; testing assumptions underlying strategy
• Process on critical risks
• Good risk info
• Risk appetite
• CRO/CCO
• Tone at the top

Page 54: Board Governance and Emerging Risks in the C21

3. Perspective of NED/SB on compliance

Compliance has moved into the boardroom - to be tested by regulators

1. Behaviour: Leading by example
2. Culture: A culture of ensuring integrity inside and outside the boardroom
3. Structure: Having a CCO reporting into the risk/audit committee
4. Process: Ensuring existence of an effective and healthy compliance program

Good compliance supports sustainable earnings

But non compliance is extremely painful, expensive and time consuming

Page 55: Board Governance and Emerging Risks in the C21

3. Perspective of NED/SB on compliance

6

Risk committee

• Key risks and heatmaps, risk levels per business unit ( trends)

• NFR update report

• Internal events report

• Root cause analysis and improvement

• Update on new regulations/laws etc

The NED/SB should take an active interest in compliance

• Compliance program: a holistic review

• Risk

• Compliance culture (cultural/ethical surveys)

• Policies and written standards

• Training and communication

• Reporting and follow up, use of data analytics

• Auditing and monitoring (internal/external reports)

• Monitoring and evaluation public scrutiny (social media etc)

• And the NED’s role

Be curious and interested : never shoot the messenger

Page 56: Board Governance and Emerging Risks in the C21

4. Challenges for the future

7

Internal

• Monitor assumptions strategy

• Knowing and monitoring risk

• Corruption risk

• Big data analytics

• Privacy

• Keeping the compliance profession attractive

External

• “Game changing” risk

• Identification regulatory life cycle

• Growth and complexity of laws

• Increase in reg. reporting and data requirements

• Multiple agencies/regulators with changing mandates

Invest in understanding your clients, shareholders, employees, regulators and society at large

Page 57: Board Governance and Emerging Risks in the C21

Conclusion

8

Good compliance supports sustainable earnings

It is in your hands!

Page 58: Board Governance and Emerging Risks in the C21

10.7.2015 ©MGD2015 1

Board Governance and Emerging

Risks in the C21

Panel 2 – The impact of Emerging and Future Risks

Marie Gemma Dequae

Brussels 10.7.2015

Page 59: Board Governance and Emerging Risks in the C21


Introduction

Page 60: Board Governance and Emerging Risks in the C21


Emerging risks:

Risks associated with:

– New technologies

– Complex interconnected systems

– New contextual conditions

Are generally unanticipated

Not widely understood

No convincing plan of action for mitigation

ask for a different kind of governance

Page 61: Board Governance and Emerging Risks in the C21


Cyber risk

• Due to ever-changing variety and consequences (severity) of cyber risk

• Cyber crime continues to rise as hackers are performing better than security experts (Symantec & Verizon);

• Need for adaptive Cybersecurity and new tools is permanently growing

• Cyber security at third party service providers?

Kaspersky Finds New Nation-State Attack—In Its Own Network

Page 62: Board Governance and Emerging Risks in the C21


Supply Chain risk

• Increasing risk due to:

– Globalisation, JIT, lean supply chains

– Changing regulatory landscape

– Increasing outsourcing

– Climate change (incl. natural catastrophes)

– Increased population and migration

– Dependency on information technology

– others

• Move from being reactive to being proactive and resilient

• Important to:

– Incorporate risk effects in strategic planning

– Improve level of disclosure about exposures

Climate Change to Worsen Nat Cat Impact on Creditworthiness: S&P Report

Page 63: Board Governance and Emerging Risks in the C21


Emergency risk governance: at the intersection of various disciplines and frameworks

a dynamic process of regularly revising the undertaking’s portfolio of risks and opportunities (‘risk profile’):

• After an accident

• After a change in the undertaking’s internal or external environment

• Forward-looking exercise

• In case of merger, acquisition or divestment

• When entering a new market or a new product

• ….

Adapted from IRGC

[Diagram: Emerging Risk governance at the intersection of Risk governance, IT management, Supply Chain management, Innovation management, Futures studies, Decision making under deep uncertainty, Strategy implementation and Dynamic capabilities]

Page 64: Board Governance and Emerging Risks in the C21


[Diagram: numbered process steps: Risk Identification; Risk Evaluation; Risk Mitigation; Risk Transfer; Monitor, review and update strategy with business managers + Reporting to board]

Regular screening internal & external environment important

(Emergency) risk manager focusing on early warnings (internal and external, short and long term)

A good risk management committee:

Members:

• senior decision-makers (CEO, CFO, …)

• invited experts and analysts

Important:

• Diversity of information, data reliability and consistency

• Compatibility with existing and past or familiar threats

• Develop scenarios and stimulate creativity

• Propose strategy to excom/board

Page 65: Board Governance and Emerging Risks in the C21


“Change Is The Law of Life, and Those Who Look Only to the Past or Present Are Certain to Miss The Future”…….

John F. Kennedy

Many thanks for your attention!


Page 66: Board Governance and Emerging Risks in the C21


The Changing Global Risks Landscape

The World Economic Forum’s view on Global Risks 2015 and How to manage these risks

Adriana Cavaliere, Enterprise Risk Manager, SWIFT

BELRIM Board Member

Page 67: Board Governance and Emerging Risks in the C21


Global Risks Report 2015

The World Economic Forum

• Global Risks Report 2015 issued by the World Economic Forum

– Reflects the evolving Global Risks Landscape

– Considers risks to watch in short and medium term

– Shows the evolution of a set of risks in five areas over a ten year time frame – Economics, Geopolitics, Environment, Society, Technology.

– Intends to raise awareness about the need for a multi-stakeholder approach

• Global Risks as defined by the World Economic Forum

– “A global risk is an uncertain event or condition that, if it occurs, can cause significant negative impact for several countries or industries within the next 10 years”

Source: Global Risks Report 2015, World Economic Forum

Page 68: Board Governance and Emerging Risks in the C21


The Evolving Risks Landscape

• The Global Risks 2015 report shows an important shift in risk perception

– Geopolitical Risks are featuring prominently compared to previous editions

– Social fragility gets stronger focus bringing Societal Risk at or near the top

– Concerns about Technological Risks continue to rise

– Economic Risks feature only marginally at the top, but are not yet out of the spotlight

• The overall shift in the global risk ranking puts forward that 2015 differs markedly from the past – with geopolitics featuring. Corporate leaders need to understand the nature and implications of these shifts for their business and take actions which help

– mitigate potential damage

– capitalize on potential new opportunities

Source: Global Risks Report 2015, World Economic Forum

Page 69: Board Governance and Emerging Risks in the C21


Geopolitical Risks – a major concern

• Geopolitical Risks are heading the list of Global Risks of Highest Concern for the next 18 Months and 10 Years. The report emphasizes that respondents are even more concerned about Geopolitical Risks in the short term than in the long term.

• Major concerns

– Interstate conflicts – growing nationalism around the world, rise in national sentiment due to a disillusion about globalization, strategic competition among global powers raise the possibility of more frequent and impactful conflicts with regional consequences

– State collapse – internal violence, regional or global instability, military coup, civil conflict, failed states can trigger a state collapse of geopolitical importance which can serve as a catalyst to terrorist networks

– Failure of national governance – inability to efficiently govern as a result of corruption, organized crime, illicit trade, the presence of impunity and general weak rule of law

Source: Global Risks Report 2015, World Economic Forum

Page 70: Board Governance and Emerging Risks in the C21


Geopolitics and Economics

• The Global Risks Report also highlights some global risks arising from the Interplay between Geopolitics and Economics – the so called Geo-economics

– Protectionism – reversion to protectionism under the guise of policies to reduce risks when confronted with political and economic volatility at home

– Economic sanctions – economic sanctions as a punitive geo-economic measure, which could lead to economic effects such as slow growth, unemployment and fiscal pressures

Together, the rise in protectionism, the increasing prevalence of sanctions and slowdown in globalization, could lead to a scenario of slower growth in advanced and emerging countries

• Given the growing importance of Geo-economics, the World Economic Forum will develop a clearer understanding of the interaction between Geopolitics and Economics, the main geo-economic issues and their implications by launching a global discussion linking leaders from the worlds of politics, economics and business.

Source: Global Risks Report 2015, World Economic Forum

Page 71: Board Governance and Emerging Risks in the C21


Responding to the changing Risk Landscape

Responding to the changing Risk Landscape is a challenging task. To mitigate and build resilience against Geopolitical Risk and Global Risks in general, companies need to understand these changing risks well and translate them into company-own risks based on good communication – top down and bottom up – along with a multi-stakeholder approach.

A possible approach:

– Recurring Scenario Analysis with Board and Management involvement based on the World Economic Forum’s yearly Global Risks Report

• The yearly Global Risks Report is consulted to distill a list of relevant risks per Risk Area

• The Board Risk Committee reviews the list of relevant Risk Areas and priorities are set

• Considering a multi-stakeholder consultation, the CRO Office defines company-specific Risk Scenarios and determines the potential impact, evaluates the controls in place and determines whether additional controls are needed

• The final outcome is reviewed with the Board Risk Committee and the Executive Committee

Page 72: Board Governance and Emerging Risks in the C21


Scenario Analysis Process

Page 73: Board Governance and Emerging Risks in the C21


Thank you

Page 74: Board Governance and Emerging Risks in the C21

1. PAYING THE PENALTY: THE MATERIALITY OF CSR RISKS

Page 75: Board Governance and Emerging Risks in the C21

2. WHO WE ARE

120 analysts and experts

International presence

Independence and Transparency:

More than 300 action principles under review, based on universally opposable standards and guidelines (UN, ILO, OECD, Global Compact…)

A diversified shareholder structure + 5 independent administrators

An independent Scientific Committee

A strict separation between our 2 activities

3000+ issuers rated worldwide

150 investor and asset manager clients and partners in >25 countries

A robust and ARISTA certified methodology

Leading Sustainability Rating Agency

Sustainability consulting services for companies, local authorities, governmental and non-governmental organizations

500+ diagnosis and support missions conducted in 37 countries since 2002

Corporate Sustainability Expert

Page 76: Board Governance and Emerging Risks in the C21

3. VIGEO’S PHILOSOPHY

A company integrating ESG factors into its business model and relatively outperforming its peers is better positioned to mitigate risks and create sustainable value for shareholders over the medium to long-term.

Accounting for the rights, interests & expectations of stakeholders

Mitigating risks & building competitive advantage

Our Mission Statement

We assess the degree to which companies take into account ESG objectives, which constitute risk and opportunity factors for them, in the definition and implementation of their strategy and policies.

Page 77: Board Governance and Emerging Risks in the C21

4. CSR MATERIAL LEGAL RISKS

Hypothesis of the study “Paying the Penalty: the costs of CSR misconduct”: companies’ mismanagement of CSR responsibilities generates material legal risks.

Questions:

What is the materiality of CSR legal risks?

Which sectors are most exposed to CSR material legal risks in terms of frequency and costs?

Is there a CSR issue that is more exposed to material legal risks in terms of frequency and costs?

Are there regions in which CSR material legal risks occur more frequently?

Key Findings:

Total sanctions in 2012-2013: EUR 95.5 billion, highest individual sanction: USD 13 billion.

Waste & Water Utilities and Automobiles have the highest proportion of sanctioned companies.

Banks, Pharmaceuticals and Energy companies paid the highest sanctions.

Business Behaviour issues are the ones on which sanctions were more frequent, and more expensive (8 out of the 10 highest sanctions).

Almost 50% of the condemnations took place in the United States and 25.5% in European countries.

Page 78: Board Governance and Emerging Risks in the C21

5. CSR MATERIAL LEGAL RISKS: IN WHICH COUNTRIES AND SECTORS?

Scope of the study:

• 2,522 companies rated in 2012-2013

• 484 sanctioned companies (19.2%)

• 1,015 legal sanctions registered

USA:

Cultural framework (Shareholders’ activism)

Legislation (Class Action lawsuits)

Waste and Water Utilities, Automobiles:

Sensitive activity/product

High impact on stakeholders: environment and health of communities

Strong scrutiny by authorities, stringent legal frameworks

Strong scrutiny by clients, easy recourse to justice

Page 79: Board Governance and Emerging Risks in the C21

6. CSR MATERIAL LEGAL RISKS: ON WHICH CSR ISSUE?

Business Behaviour:

Stringent national and international legal framework

Activity of vigilance of judicial authorities

Activism of customers as stakeholders

Business Behaviour:

55% of the total sanctions

Globally and individually the most expensive ones

63% of the total costs of sanctions

80% of the most expensive sanctions

Business Behaviour includes the respect of customers’ rights, prevention of corruption and anti-competitive practices.

Page 80: Board Governance and Emerging Risks in the C21

7. CONCLUSIONS AND GOVERNANCE PERSPECTIVES

Strong links demonstrated between CSR management and material legal risks for companies

Key drivers of this legal risk include:

Sector of activity

Stakeholders’ reactivity (including the legal context)

The integration of Corporate Social Responsibility in the company’s strategy is essential to prevent legal risks and enhance judicial security as a key intangible asset for the company.

Perspectives: CSR issues should be integrated in a company at its highest level in order to better prevent the occurrence of material legal risks:

Integration of CSR issues at the Board of Directors level (review of CSR issues during Board meetings)

Integration of CSR issues within the audit and internal control systems (identification of CSR risk factors by the internal control system, review of CSR risks by the Audit Committee at Board level and external certification of the CSR reporting)

CSR performance indicators integrated into executive remuneration practices.

Page 81: Board Governance and Emerging Risks in the C21

8.

CONFIDENTIAL DOCUMENT

Ornella Di Iorio

Research Manager

Vigeo Rating


Thanks for your attention!

Page 82: Board Governance and Emerging Risks in the C21

Closing speech by Emmanuel Brulé, Chief Risk Officer, AIG

Friday 10th July 2015, Brussels

Page 83: Board Governance and Emerging Risks in the C21

Thank you for your participation!

Friday 10th July 2015, Brussels