...InTouch

 

  


       Issue 5    

 

Welcome

Just when you thought it was safe and that corporate governance was finally 'sinking in', several large multinational companies are now being investigated by US regulators.

How can this happen? What went wrong?  These are some of the many questions that the directors and management of these organisations must answer.  One thing is for sure: someone needs to look at the compliance framework these organisations are adopting, because simply complying with the Sarbanes-Oxley Act is not enough.

Enjoy this issue of InTouch 

 

Tony Harb

Director, InConsult


 

Risk Management & Compliance Update
  • The ASX was considering new mandatory listing rules covering the way listed biotech companies communicate the results of sensitive clinical trials to investors.  Instead, it has decided to maintain a self-regulatory regime.

  • The South Australian Auditor-General has found that the Attorney-General's Department had falsified its financial statements by transferring almost $6 million of unspent funds to another account to avoid disclosure of the underspending of funds.

  •  A proposal to reform consumer product laws by introducing a "general safety provision" (GSP) will mean that businesses face expanded legal obligations to ensure their products are safe.  If introduced, it will require manufacturers and importers to identify foreseeable misuse of their products to regulators.

  • News Corporation has bowed to shareholder pressure and agreed to strengthen corporate governance provisions ahead of this month's vote on its proposed move to the US.  Areas covered include standards for determining the independence of  directors, disclosure of the systematic process for determining leadership succession and procedures to consider all reasonable shareholder proposals.

  • Two former auditors at dairy giant Parmalat  have been ordered to stand trial for false accounting and market rigging.

  • In a "limited" review of 90 audit engagements, the US  auditing regulator (PCAOB) found that all firms had made errors applying accounting standards.  It found "significant audit and accounting issues that were missed by the firms" and criticized audit documentation.  20 of the 90 companies had to restate their balance sheets.

  • Locally, ASIC has announced plans to audit the auditors as part of its enforcement of the new rules on independence arising from Clerp 9 corporate law reforms.


Financial Services Brief
  • AIG is currently undergoing four investigations by US regulators including its role in accounting fraud with a cell phone distributor and its role with Marsh & McLennan  for improperly steering business to insurers and rigging bids. 

  • New York Attorney General Eliot Spitzer has sued Marsh & McLennan and arrested two AIG executives in a fraud probe for improperly steering business to insurers and rigging bids.

  • Following its investigations into its reinsurance deals with FAI Insurance in 1998, APRA has disqualified the CEO, CFO, Underwriting Manager, Chief Underwriter and two offshore executives of  Australia's third-biggest reinsurer, General Re.

  •  As part of an 'aggressive' market share drive, AVIVA Australia plans to slash premiums on its risk insurance products by up to 22%...another indication of softening insurance premiums.

  • NAB will spend $15-$20 million in a brand advertising campaign as part of its "brand fight-back" strategy to restore confidence, brand and reputation after the recent risk management problems.

  • APRA's new executive general manager of the diversified institutions division has summed up his approach to protecting depositors, policyholders and superannuation members as being "hard but fair".  APRA will not simply accept assurances but will rigorously test them.

  • Following 'discussions' with APRA, NAB is introducing new processes and a more conservative approach to the calculation of risk-weighted assets, and increasing its overdue loans provisions.  Consequently, NAB will need to set aside more regulatory capital.

  • Following Citicorp's 'regulatory problems' in the US and Japan, APRA is now monitoring Citigroup in Australia.

  • According to preliminary estimates from ISO’s property claim services unit, US insurers have suffered US$21.3bn in insured property loss claims from eight catastrophes in the third quarter this year, making it the worst quarter ever recorded.  Hurricanes Charley, Frances, Ivan and Jeanne accounted for about US$20.5bn.

  • According to the JP Morgan/Deloitte 2004 General Insurance Industry Survey, there will be a deterioration in insurer profitability over the next few years due to lower premiums and higher claims.  Increased supervision and better management will reduce the risk of 'rogue' underwriting.

  • APRA is seeing substantial differences in the level and detail of information provided by each insurer's Reinsurance Management Strategy (REMS) and has proposed that reinsurance assets not be allowed to be counted towards solvency unless they are fully documented.   Will the REMS be the topic of next year's targeted review?  My advice to insurance executives is to start reviewing your REMS now.

   



InConsult Pty Ltd · L8, 37-49 Pitt Street · Sydney NSW 2000
Tel: (+612) 8272 9393 · Fax: (+612) 8272 9377
© 2004 All rights reserved

 

 

COSO Enterprise Risk Management Framework

Enterprise risk management (ERM) is a comprehensive and systematic approach for helping organizations to identify, measure, prioritise and respond to the risks challenging the initiatives they undertake.

The major benefit of ERM is to help organizations achieve their goals and avoid surprises.

The Committee of Sponsoring Organisations of the Treadway Commission (COSO) is a private sector group dedicated to improving financial management through effective risk management, internal control and corporate governance.  It launched a landmark initiative in 2001 to build a commonly agreed-upon framework for ERM and in September 2004 released its COSO ERM framework.

According to COSO, the framework is designed to:

·    Help management align risk appetite and strategy.

·    Make the risk appetite of the organization explicit and ensure alignment exists between the risks actually being taken and the level of risk the organization desires.

·    Ensure effective risk-response decisions are being made.

At the heart of COSO's ERM framework are 8 interrelated components.

1.       The Internal environment is the foundation of an organization's ERM, as this influences how strategies and goals are set; activities are structured; and risks are identified, assessed, and acted upon.

2.       The enterprise's objectives are viewed from four perspectives: Strategic (high-level goals and mission), Operations (efficiency, performance and profitability), Reporting (internal and external reporting) and Compliance (compliance with laws and regulations).

3.       Event Identification involves identifying events that may have a negative impact on risk and could affect organizational objectives.

4.       Risk assessment is the process that focuses on both the likelihood and impact of potential events and their effects on objectives.

5.       Risk response is where management evaluates possible responses and their effects. Options are weighed in relation to both risk appetite and cost vs. benefit models. Managers must select a risk response that is within the parameters of risk tolerance.

6.       Control activities include policies and procedures that ensure risk responses are carried out efficiently.

7.       Information and communication is needed at all levels of an organization to identify, assess and respond to risk.

8.       Monitoring ensures that the components of enterprise risk management are applied at all levels.

COSO addresses the role of the board of directors, senior management and other corporate officers in enterprise risk management.

The framework is being received with mixed reactions.  On one hand, it is lengthy and places too much emphasis on control. On the other hand, it is descriptive and focuses on ERM.

The bottom line is that COSO is simply another framework to help organizations develop an appropriate ERM framework.  Some organisations may benefit; other organisations may already have a better framework, and COSO may add little value.

- InConsult 2004
