Professional Documents
Culture Documents
RISK MANAGEMENT
19 RM Solutions: Spreadsheets vs systems
Frédérick Danton
26 Recording mobile conversations
risk management
LONG TERM
3 Editor's Note
16 Retirement reform: Uncertain seas ahead 38 Market news
25 - 28 July 2010
Sun City
Gold sponsor: Silver sponsor:
ENTERPRISE
Anticipating ash clouds
CEOs, CFOs and other executives, fears. Headlines about land reforms and na-
PUBLISHER Elizabeth Shorten
EDITOR Debbie Besseling
chief risk officers and risk managers, as well tionalisation have caused wide-spread jitters.
as directors and officers need to be at the Government’s focus on consumer protection ASSISTANT EDITOR Monique Terrazas
top of their game at all times to anticipate and reform poses significant risks to every CREATIVE DIRECTOR Frédérick Danton
and manage, rather than merely react to, the company and every industry. And given this CONTRIBUTORS Johann Maree, Vanessa Payne, Terry
growing number of unexpected and unfore- focus on consumer protection, the recall of
Booysen, Heinrich Degener, Rowan Burger, Avi Eyal, Ansophie
seen risks that seem to be the defining char- millions of vehicles across the globe by well-
acteristic of today’s world. established vehicle manufacturers such as Strydom, Brad Beira, Wouter Scholtz, Kgabo Badimo, Mike
The global impact of the eruption of the Ey- Toyota, Honda, Nissan and General Motors, Durek, Patrick Bracher, Joel Wolpert, Martin Whitcher
jafjallajokull volcano in Iceland, and the re- will place the manufacturing industry under CHIEF SUB-EDITOR Milton Webber
sulting ash cloud over Europe which led to a scrutiny. Unfortunately, there is less govern-
MARKETING MANAGER Jackie Slavin
six-day flight ban, has again highlighted the ment attention on the issue of security, which
reality that it is not possible to plan for every is remains a major and growing risk. Just a PRODUCTION MANAGER Felicity Moon
eventuality. This makes proactive risk man- few weeks ago, a South African cameraman PRODUCTION ASSISTANT Constance de Sousa
agement and well-designed business continu- en route to cover soccer matches in Nigeria FINANCIAL MANAGER Andrew Lobban (ACIS, FCIBM)
ity plans, incorporating comprehensive insur- was kidnapped, followed by the kidnapping
ADMINISTRATION Tonya Hebenton
ance cover, an absolute imperative in today’s of a Zimbabwean businessman in Sandton.
dynamic globalised economy. In this edition of Enterprise Risk, we touch SUBSCRIPTION SALES Cindy Cloete
on all these many diverse developments and DISTRIBUTION COORDINATOR Asha Pursotham
THE GROWING NUMBER bring you the insights and opinions of some PRINTERS United Litho Johannesburg
of the leading experts in the respective indus-
OF UNEXPECTED AND try sectors. We also look at some remarkable
risk management solutions available to risk ADVERTISING SALES
UNFORESEEN RISKS SEEM TO BE
managers as they face a mammoth task of Stacey Glad Tel: +27 (0)11 233 2643
THE DEFINING CHARACTERISTIC identifying and managing the complex, in- Cell: +27 (0)83 567 0073
OF TODAY ’S WORLD terlinked and growing number of risks in the Fax: +27 (0)11 234 7274/5
modern business world, often with shrinking E-mail: stacey@3smedia.co.za
The volcano has not shown any sign of budgets.
activity in 300 years, but the magnitude of As the CQS team points out in our Hot Seat ANNUAL SUBSCRIPTION: R300.00
its impact on industries around the world can feature, simply knowing where to start when cindy@3smedia.co.za
only be described as a global crisis. Accord- identifying the most critical risks among so ISSN 1993-8217
ing to the International Air Transport Asso- many possibilities and potentialities is half © Copyright. All rights reserved.
ciation (IATA), the grounding of European the battle won. The other half can be man-
flights cost airlines $1.7 billion (R12.6 billion) aged surprisingly easily with the right cus- All articles in Enterprise Risk are copyright protected and may not
in lost sales alone. But it is not only the air- tomisable systems, and a risk management be reproduced either in whole or in part without the prior written
line industry that has been affected. Losses partner that understands your business. permission of the publisher. The views of contributors do not
have been incurred by businesses around the necessarily reflect those of Enterprise Risk or the publisher.
globe, most notably those involved in perish-
able exports.
While air travel has resumed, the full im-
pact of the crisis will only unfold over the PUBLISHER MEDIA 4, 5th Avenue, Rivonia, 2191
next few weeks, as businesses across the • PO Box 92026, Norwood 2117 Tel: +27 (0)11 233 2600
globe recover and count the costs. Don’t miss
• Fax: +27 (0)11 234 7274/5
the June edition of Enterprise Risk in which
we will take an in-depth look at the business, E-mail: debbie@3smedia.co.za www.3smedia.co.za
risk management and insurance implications
of the ash cloud disruption.
Even in the midst of a global crisis such as STRATEGIC PARTNER
CGF
RESEARCH INSTITUTE
(PTY) LTD
this, risk managers need to keep their eye on
a myriad of other potential risks.
Local political tensions have grown sig-
nificantly as the ANC Youth League leader
continues to create media sensation, and the
murder of Eugene Terre’blanche stirs up old Editor
3
HOT SEAT ENTERPRISE RISK May 10
CQS TECHNOLOGY
4
ENTERPRISE RISK May 10
HOT SEAT
accelerator
possible risks and the potential controls as- seems to be a peculiar adversarial relation- than spreadsheets that are neat and colour-
sociated with these risks, the risk manage- ship between the internal audit and risk coded, but do not reflect the complex and
ment strategy is 75% complete, and what management functions. “In the US and Aus- dynamic nature of risk management in to-
remains is refining and monitoring the on- tralasia, there is a much closer working re- day’s world.
going risk management efforts. In essence lationship between these functions, which
then, CQS offers more than a software sys- actually depend on each other to achieve TECHNOLOGY AS AN ENABLER
tem, it provides a solution to the most com- success. Internal audit should take its lead While technology is undoubtedly an ena-
mon obstacles to implementing risk manage- from risk management in terms of which bler in business, it is often paradoxically
ment, as well as the ability to monitor risk risks are most crucial, since there is no point perceived as a barrier. This is mainly due to
management efforts across diverse depart- in auditing the management of risks that are people’s fear of the unknown and their re-
ments and divisions, in the simplest and most non-critical or irrelevant to the business. sistance to change – even to a more efficient
efficient way. This realisation is driving the new concept of and beneficial new software system.
risk-based internal auditing. The CQS solution was to use familiar tech-
THE UPSIDE OF RISK “Governance, risk and compliance matu- nology – Microsoft Word – in their Method-
Timm notes that many risk managers also rity implies that risk management, internal ware software. “We believe that if a system is
fail to appreciate the fact that risk manage- audit and the business remain independ- easy to use, it will be used. But this is not the
ment is not only about avoiding risks, but ent, and yet work together for the best in- only success factor,” explains Timm. “Cus-
also about identifying opportunities. “Iden- terest of the company. Instead of operating tomisation is crucial to ensure that the staff
tifying and monitoring risks reveal oppor- in silos, they are integrated via technology experience the system as their own. As such,
tunities. For example, if an investment of that provides a single integrated view using our Methodware software system is com-
R100 000 in fraud prevention measures one database, with the necessary authori- pletely customisable.
can reduce fraudulent activities costing a ties, checks and balances to ensure integrity “It does take our business experts signifi-
company R8 million a year by half, it rep- and independence. cant time and effort to extract the relevant
resents a significant opportunity to improve “If there is a gap between the risk manage- information from the various line managers
performance. ment and internal audit functions, such as and staff members, and to formalise this into
“Other opportunities include controlling is created when different systems are used, a customised software solution. However, it
costs or identifying areas where customers or many vital risk issues could slip through is important to make sure that people are part
key staff members are being lost to competi- the cracks,” warns Janisch. “The CQS Meth- of facilitation, so it becomes ‘their’ system.
tors because the risks are not managed. If the odware solution allows internal audit and When staff members see their contributions
company does not know the risk, the risk can- risk management to use the same informa- and the language they use every day in the
not be managed, nor can the opportunities be tion, with no manual intervention to ensure system, it creates ownership and excitement.
identified.” data integrity.” This is when technology becomes an enabler
In addition, Methodware reports consoli- and accelerator.”
BRIDGING THE GAP BETWEEN RM AND IA date information,
“Risk management is not a new concept drawn across depart-
globally. However, the focus used to be on ments and line man-
reactive management of risks via the in- agers, in a simplified
ternal audit function, which merely re- MS Word format
ported on risks and losses that had occurred and presents this in
and the effectiveness or lack of controls,” a manner that adds
explains Janisch. real value to the ex-
“The modern risk management function is ecutives and board
proactive, with the objective of preventing members, allowing
risks from occurring and where this is not them to monitor
possible, minimising the impact. Risks are progress and track
identified before they occur and controls are trends. Such reports
implemented to prevent, mitigate and trans- add far more value
fer the risk. There is no
need for a loss to occur “R ISK MANAGEMENT IS NOT ONLY ABOUT AVOIDING RISKS ,
before it is managed.”
Janisch notes that
BUT ALSO ABOUT IDENTIFYING OPPORTUNITIES JASON TIMM, ”
in South Africa, there METHODWARE PRODUCT MANAGER AT CQS.
5
GENERAL
COVERINSURANCE
STORYY ENTERPRISE RISK May 10
RM shortcomings contributing to
A recent Accenture survey on global risk points to the kind of changes
necessary to avoid future meltdowns.
Risk executives surveyed at 74 bank- or incentives. Indeed, the survey revealed that risk
ing, capital markets and insurance firms revealed managers spend only about 20% of their time ad-
that many financial services companies have gen- vising business units – almost 60% was spent on
erally managed risk merely as a compliance issue, data management and compliance.
meaning they neglected to: Too frequently, the long-embedded organisa-
• include risk in objective-setting and performance tional cultures actually encouraged the behaviour
management that would ultimately destroy so many of them.
• measure, much less manage, enterprise- Compensation practices often rewarded short-term
wide risk revenues without considering the longer-term risks
• align risk strategy with business strategy. traders were taking.
6
ENTERPRISE RISK May 10 GENERAL INSURANCE
7
GENERAL
COVERINSURANCE
STORYY ENTERPRISE RISK May 10
BROKERS' CORNER
8
COVER
SHORT STORY
TERMY ENTERPRISE RISK May 10
SPECIALISED RISKS
In March, South African M-Net Su- PROVINCE 2003/04 2004/05 2005/06 2006/07 2007/08 2008/09
perSport sound engineer Nick Greyling was Eastern Cape 349 273 202 108 93 88
kidnapped in Nigeria along with Nigerian Free State 83 61 67 65 66 93
commentator Bowie Attamah. Later in the Gauteng 1,062 921 850 944 947 1,058
month, right here in Johannesburg, five peo- KwaZulu-Natal 693 714 680 696 716 686
ple were arrested for allegedly kidnapping Limpopo 82 112 91 103 83 91
Mpumalanga 149 137 115 115 107 164
a Zimbabwean man, demanding a R50 000
North West 104 78 74 96 96 157
ransom and a car for his release.
Northern Cape 32 32 25 17 27 29
These two events are but a recent drop in
Western Cape 450 290 216 201 188 169
a dark sea of local and global kidnapping RSA 3.004 2,618 2,320 2,345 2,323 2,535
incidents, which are increasing at an alarm-
ing rate. But they provide insight into a grim
TABLE 1 Reported Cases South African Police Service statistics show that 2 535 kidnappings
were reported in 2008/2009, with the vast majority conducted in Gauteng
reality: Kidnapping is a risk South African
corporates ignore at their peril. groups, high crime rates, large disparities be- has reached record levels and appears to
tween the affluent and the poor, topped by be increasing.”
HOT SPOTS governments which are notorious for either
Although executive or high-net worth kid- inefficient or corrupt practices.” TARGETS
napping is known to be a common occur- “There’s a misguided perception that kid- “Typically the targets for kidnappings and
rence in countries such as Iraq, Mexico, Pa- napping is limited to third world or South ransom are high-net worth individuals, their
kistan, Venezuela, Brazil and the Philippines, American countries, but increasingly kid- families, their staff, employees travelling
countries such as South Africa, the DRC and napping and ransom have become part of overseas, companies with high profiles, those
Tanzania are quickly becoming the new dan- the South African scenario as well. In fact, that handle large amounts of cash or work
ger zones. And it is not only the wealthy that South Africa has one of the highest number with sensitive information, even sportsmen
are being targeted. of such incidents in Africa,” says Alan Taylor, and women, many of whom enjoy enormous
According to Alexander Forbes Risk Serv- General Manager Risk Services at Glenrand incomes,” says Taylor.
ices, South Africa is ranked as one of the M.I.B. “Unfortunately, the South Africa en- However, corporate kidnappings, involving
world’s top ten countries for kidnap and ran- vironment, with its perceived low levels of the kidnapping of a company’s staff, partic-
som incidents. law enforcement, is conducive to kidnapping ularly executives, followed by ever greater
“As the operations of sophisticated inter- professionals. Something of a kidnapping ransom demands from the relevant company
nationally-based kidnap syndicates expand ‘culture’ is already well entrenched in the for their return, are a lucrative business for
into more vulnerable countries such as South country, albeit mostly without the associated sophisticated, advanced syndicates, which in
Africa - now considered a medium to high extortion part.” some cases involve as many as 20 people.
risk kidnapping country - the risks attached “Most particularly, those criminals who
to an individual being kidnapped increases,” INCIDENCE INCREASING specialise in kidnapping of executives for
says Terry Booysen, CEO of CGF Research Accurate figures for kidnapping are sketchy, ransom have become a nightmare for em-
Institute. simply because many victims prefer to stay ployers, especially for those employees who
“There are many reasons for this phenom- anonymous. travel to kidnapping hotspot countries,”
enon, however the most common reasons “According to experts, kidnapping for ran- comments Booysen.
which increase the risk of a corporate execu- som is on the rise in an increasingly glo- Taylor adds that “Kidnap patterns in Africa
tive being kidnapped may be linked to coun- balised market,” says Booysen. “As the gap show that expats from international compa-
tries which have a history of political and continues to widen between the haves and nies and the personnel of international aid
social instability, the presence of extremist have-nots, we can most certainly expect to organisations are likely victims.”
see more kidnapping cases of high-net worth
executives being reported.” SOPHISTICATED PERPETRATORS
Alexander Forbes Risk Services concurs,
Alexander Forbes Risk Services says that
adding that “The number of kidnap events
kidnapping is a highly evolved billion-rand
business. “Some
“THE RISK OF KIDNAPPING IS NO LONGER LIMITED TO TRAVELLING THE kidnappings
’ .I ’ ”
WORLD S HOT SPOTS T S ON YOUR DOORSTEP ALEXANDER FORBES RISK SERVICES are short-term
12
ENTERPRISE RISK May 10
SHORT TERM
‘opportunistic’ incidents where the kidnap- importance to the success of the organisa-
pers are seeking a quick payoff. Other kid- tion by which they are employed.”
nappings will involve careful planning,
observation of the victim, military style UNDERSTANDING THE RAMIFICATIONS
executions and months of negotiation. Kid- Booysen explains that a kidnapping incident
nappings are increasingly connected to re- can have devastating impacts on the health
lated crimes such as hijacking, extortion and
hold-ups.” “SOMETHING OF A KIDNAPPING ‘CULTURE’ IS
Glenrand M.I.B. adds that while the ‘petty’ ALREADY WELL ENTRENCHED IN SOUTH AFRICA”
kidnappings still continue, the quantum of
high profile, high ransom incidents in South ALAN TAYLOR, GENERAL MANAGER RISK SERVICES, GLENRAND M.I.B.
Africa is clearly on the increase. “There is of the victim, as well as the victim’s family critical importance of providing their key
concern that the likes of Nigerian syndicates, and business associates. “There can also be executives with kidnap and ransom (K&R)
East Europeans, Asian and the more sophis- dire implications on the business and its mo- insurance cover, particularly for those execu-
ticated South African operators are coming rale, not least the severe interruptions in the tives who travel and deal in high risk kidnap-
to the fore.” operations and its financial impacts. Clearly ping countries.”
Booysen notes that the price tags attached when a kidnap incident occurs, particularly if
ASSESSING THE RISK: 3 key questions
to high-net worth executives runs into mil- it is drawn out for a long period of time, huge
• Who are high risk individuals
lions and the perpetrators have become quite strain is placed on the business, giving the
• Where are the greatest risks and when are they
brazen about their business. “The perpetrators hostage takers greater power to extort higher likely to happen
involved in this type of kidnapping know ransoms and more demands.” • Who is likely to commit the kidnapping
what they are doing, and they also know Source: Cre8, division of Alexander Forbes
MANAGING THE RISK
CGF Research Institute, in one of their lat- K&R INSURANCE
est Governance, Risk and Compliance (GRC) According to Assurex International, the
reports, entitled Corporate Kidnapping: Pro- world’s largest privately held commercial
tecting Key Officers, recommends that busi- insurance brokerage group, executives who
ness and their executives seriously consider have K&R insurance in place are four times
their pre-emptive measures to safeguard their more likely to survive a kidnapping ordeal
key employees. than those without.
“Kidnapping methods deployed may range Specific policy details will differ depend-
from high surveillances of the victim to ing on the underwriter, but in general the
snatching victims at ATMs. These types of in- cover includes:
cidences will most often occur when the vic- • Access to a specialist crisis management
company for assistance and advice
“CORPORATE EXECUTIVES HAVE BECOME • Reimbursement for any ransom paid
• Loss of ransom money in transit
‘FAIR GAME’ TO PROFESSIONAL KIDNAPPERS” • Expenses, including rewards and fees
TERRY BOOYSEN, CEO, CGF RESEARCH INSTITUTE • Psychiatric, medical and dental care costs
• Legal advice
the high stakes involved. The planning of a tim is in transit. Employees should be trained • Payment of the salary of a detained or kid-
kidnap for ransom will often span weeks or to manage and survive a kidnapping ordeal. napped person
months as every detail of the target is meticu- Moreover, employees should know what type • Payment of the salary for the temporary
lously surveyed and calculated with military of action the company will take to secure replacement
precision. Anything from high tech surveil- their release, including the fact that it could • Interest on loans
lance equipment, recording devices and cell take months to free them. The risks associ- • Legal liability
phones are used to execute the crime. ated with rescue are high, given the fact that • Consultation fees for employee training
“Of course, the more valuable the ‘prize’, in some countries there are poorly trained • Payment of the salary for the tempo-
the greater the reward. In this vein, corpo- law enforcement officers and rescue attempts rary replacement of the kidnapped or
rate executives have become ‘fair game’ to could result in the death of the victim. Nego- detained person
professional kidnappers, who understand tiations should always be entrusted to security • Interest on loans
not only the intimate detail of their target, consultants and insurance professionals hired • Legal liability
but also their worth to organisations ei- to handle the situation,” advises Booysen. • Consultation fees for training in the latest
ther materially, financially or their strategic “Fortunately, employers are realising the prevention and avoidance techniques.
13
COVER
SHORT STORY
TERMY ENTERPRISE RISK May 10
Environmental guarantees
The DME’s recent suspension of environmental guarantees issued by
insurance companies as a means of meeting rehabilitation obligations
has created challenges for many mining companies.
Despite a cautious recovery CALCULATING THE COST helps to limit growth in the closure liability.
following the recent global economic down- “Currently, closure costing for mine reha- Because of the returns that can be earned on
turn, increased regulatory focus is forcing bilitation is based on the Department of trust fund assets, regular contributions help
some mining companies to find innovative Minerals and Energy’s (DME) prescribed reduce the present value of total costs in-
ways to economise and deal with operational Master Rates with the application of CPIX,” curred over the mine’s life.
constraints and project delays. “This is par- explains Natasha Wally, risk solutions advi- The traditional guideline contribution for-
ticularly evident in the mid-tier mining sec- sor at Marsh. “A shortcoming of this costing mula is widely used to determine contribu-
tor. The regulatory focus centres on health method is the failure to provide for contin- tions. This formula takes into account his-
and safety issues and environmental issues, ued monitoring and maintenance after final torical returns earned on assets, but does not
particularly the remediation of environmental mine closure has been achieved. In terms anticipate future returns.
damage,” says Lizelle Prosch, environmental of the MPRDA, an annual revision of the Moderate investment in higher yielding
services consulting manager at Marsh. closure costing is required; however, this is asset classes, such as equities, can reduce
poorly enforced and seldom completed by the average present value of expected total
THE LEGAL REQUIREMENT the mining companies. Through the use of costs, because higher returns ultimately re-
South African law requires mines to make an insurance-based costing provision, an- duce the amount of contributions needed.
financial provision for ongoing environ- nual policy review procedures may impose a Regular reviews are necessary to adjust the
mental rehabilitation and the environmental more comprehensive analysis of the require- company’s strategy as time passes.
costs associated with mine closure, creating ments for financial provisions. This elimi- Environmental engineering and financial
one of the biggest challenges facing mining nates the risk of a shortfall at the end of life models provide valuable insights into get-
companies today. of the mine.” ting the most out of asset and contribution
Requirements for making financial provi- Mines are also not always clear about the strategies.
sion for the remediation of environmental balance between the use of premature closure
damage as well as for the issuing of a clo- guarantees, ongoing rehabilitation and the MAKING PROVISION
sure certificate are included in the Mineral contributions needed to fund final closure.
Wally explains that in terms of Regulation
and Petroleum Resources Development Act “The final closure liability is determined by
53, promulgated under the MPRDA, allow-
28 of 2002 (MPRDA). These include the re- the extent and type of mining and is some-
ance is made for four methods of financial
quirement that financial provision must be times impacted by unexpected geological in-
provision for environmental rehabilitation:
in place before approval of the environmen- cidences,” says Nicky Holtzhausen, head of
• cash deposit into an account specified by
tal management plan or programme by the Old Mutual’s corporate customisation unit.the director-general
minister of minerals and energy. “It is also affected by inflation. As a result,
• an approved contribution to a trust fund
there is a level of uncertainty impacting the
as required in terms of section 10(1)(cH) of
unfolding of the closure and rehabilitation
the Income Tax Act
liability.” • a financial guarantee from a registered
In a recent Mining Indaba paper entitled
South African bank or any other bank or
Optimisation of Asset and Contribution financial institution approved by the di-
Strategies for Mine Closure and Environ- rector-general
mental Rehabilitation, Old Mutual, working
• any other method as determined by the
in collaboration with environmental engi- director-general.
neers, found the following: The cash method involves the deposit of
While some mines want to defer rehabili-
funds with the DME. The investment income
tation expenditure, ongoing rehabilitation
accrues to the DME, and this option is rarely
can make good financial sense because itfavoured.
Trust funds are commonly
“T HERE IS A LEVEL OF UNCERTAINTY IMPACTING THE used, particularly by well-es-
tablished mining companies.
UNFOLDING OF THE CLOSURE AND REHABILITATION LIABILITY ”
The contributions to such a
NICKY HOLTZHAUSEN, HEAD: CORPORATE CUSTOMISATION, OLD MUTUAL trust are tax deductible and
14
ENTERPRISE RISK May 10 SHORT TERM
the build-up of funds in the trust is tax exempt. rehabilitation, and pre-
However, the trust structure may be inflexible and mature closure guaran-
few junior mining companies have the financial re- tees. Last year, Nedbank
sources to create rehabilitation trusts. Guarantees is- Capital designed and
sued by banks or insurance companies have proven
to be an attractive option for mining companies.
However, bank guarantees may tie up the mining
"MINING COMPANIES’ INCREASED RELIANCE ON THEIR CREDIT
company’s facilities. LINES CREATES A DOMINO EFFECT ON THEIR RISK AND INSURANCE
“In addition, the decline in the availability of credit
and liquidity has forced mining companies to rely more
PROFILES” LIZELLE PROSCH, ENVIRONMENTAL SERVICES CONSULTING MANAGER, MARSH
heavily on their credit lines,” says Prosch. “This cre- developed a multimillion-rand rehabilitation fund
ates a domino effect on a mining companies risk and solution for Rand Uranium, with a fully inclusive,
insurance profiles.” end-to-end means of meeting its mining rehabilita-
tion liabilities while remaining compliant with South
THE INSURANCE OPTION African mining and tax regulations. This kind of in-
The insurance guarantee option provided an alterna- novation has seen over R2.4 billion of rehabilitation
tive to the often more expensive cash or bank guaran- funding inflows into the Nedbank Capital’s rehabili-
tees. In many cases, particularly junior mining firms tation fund offerings, which focuses on the provi-
provided for a portion of the rehabilitation fund with sion of tailored rehabilitation trust fund investment
the insurers underwriting the balance. This enabled management coupled with the provision of DME
the smaller mining companies to use their capital to guarantees. According to Peter van Kerckhoven,
grow operations. jointhead of mining and resources at Nedbank Capi-
However, in the first quarter of 2009, the DME sus- tal, the rehabilitation solutions created by Nedbank
pended the practice in which mining companies ob- Capital not only minimise the cost of guarantees, but
tained environmental rehabilitation guarantees from do so in a way that reduces the impact on the mining
insurance companies. The department based its deci- companies’ ability to raise other forms of finance in
sion on its belief that cash or bank guarantees provid- the future.
ed greater security. It said that insurance guarantees
exposed the state to the risk of a guarantee not being MOVING AHEAD
honoured in cases where the mining company did not “At present, insurers cannot offer mining guarantees
disclose all material facts, neglected to pay premiums, until the issues raised by the DME have been ad-
or did not meet its obligations in terms of the contract dressed to the government’s satisfaction. At the time
of insurance. of writing, our insurers report that there has been no
change in the current situation although discussions
NEW SOLUTIONS are taking place to find a solution that will again
According to Holtzhausen, while many mines in South see the insurance option become a viable alternative
Africa have some form of premature closure guarantee for mining companies,” says Cheryl Crick, consult-
in place, only a few have holistic strategies to fund ant: performance bonds & guarantees, a division of
for final closure. This is slowly changing as legislation Alexander Forbes Risk Services. In the mean time, it
and tax incentives encourage mine owners to set aside seems other financial services companies have been
assets for final closure. quick to provide solu-
Old Mutual has developed a specialised financial tions to challenges min-
model to help mining companies develop strategies ing companies face and
for ongoing rehabilitation determine contributions we watch with interest
to trust funds, make appropriate use of premature to see what innovations
closure guarantees and formulate asset strategies the insurance industry
for trust fund investments. The specialised finan- will create to regain this
cial model is designed to play an important role in once growing market
helping mines develop the most suitable asset and segment.
contribution strategies for funding
mine closure and environmental re- “A LLOWANCE IS MADE FOR FOUR METHODS OF FINANCIAL
habilitation plans. The model helps
mines maintain the balance between PROVISION FOR ENVIRONMENTAL REHABILITATION NATASHA ”
ongoing trust contributions, ongoing WALLY, RISK SOLUTIONS ADVISOR, MARSH
15
LONG TERM ENTERPRISE RISK May 10
ENTE
RETIREMENT REFORM
The debate surrounding the reform the re- proposal. However, given the stated intentions, we can
tirement system continues, but it remains important to make certain inferences about the likely outcome that
stick to existing retirement savings arrangements for can guide employers and advisors in terms of how re-
the foreseeable future. There is an interesting debate tirement funding matters should be dealt with. It is clear
ahead in terms of achieving the appropriate retirement that with the extension of the system to a broader base,
funding system in South Africa, but the fundamental there is the inclusion of a larger proportion of individu-
principles of saving for retirement – including start- als who have less financial literacy when it comes to
ing early and investing to beat inflation – will always retirement savings matters. It should be pointed out
remain. that most studies into the low-paid market reveal a
It has been nearly six years since the first paper sophisticated system of money management, includ-
outlining National Treasury’s proposed improvements ing a number of different loan arrangements and better
budgeting skills than their affluent counterparts.
THE SUCCESS OF ANY SYSTEM WILL DEPEND ON WHETHER The success of any system will depend on whether
BENEFICIARIES SEE VALUE AND UNDERSTAND THEIR BENEFITS beneficiaries see value and understand their benefits.
Therefore, the system would need to be simple in its
to the retirement system in South Africa. Further dis- benefit structure by being defined benefit in nature, or
cussion documents have been issued, most notably a simple in its benefit accumulation structure, by being
number setting out proposals including wider social se- defined contribution, probably with low volatility of
curity reform from the Department of Social Develop- returns and few capital losses.
ment (DSD). It is critical that there is rigorous debate to
ensure any new system implemented achieves its goals. IMPLICATIONS FOR EXISTING MEMBERS
But perhaps even more significant, it is important that Either way, for existing retirement fund members this
any new system is understood and appreciated by its would be a far more conservative construction with
recipients. This process may take some time to reach an lower upside potential for participants. In order to
optimal outcome. The problem is how to deal with cur- place these members in an equivalent retirement po-
rent retirement funding arrangements and their mem- sition had the new system not been introduced, a far
bers in the interim. more aggressive strategy will need to be followed in
existing arrangements.
FOCUS OF THE PROPOSALS This could be either through a higher allocation to
The proposals are focused primarily on widening the riskier assets, or even the inclusion of the more exotic
coverage of the retirement savings net from the current and expensive asset classes in the hopes of achieving
estimated 6 million to the approximately 12 million higher returns for a given risk tolerance.
South African wage earners. The missing beneficiar-
ies are largely lower earners, in temporary or transitory INVESTMENT GUIDELINES
employment and tend to be in industries with low un- The prudent investment guidelines, detailed in Regula-
ion movement involvement. tion 28 of the Pension Funds Act, which set out how
The current system run by the private sector tends retirement funds invest their assets, are currently under
to exclude these individuals, as they cannot provide review. Unfortunately, this is largely a process aimed
cost-efficient solutions to them. In addition, the tax at modernising the old framework to cater for new in-
incentives granted to higher paid workers have little at- vestment classes, rather than a holistic review of ap-
About the author
traction to those not paying tax because their earnings propriate investment strategies, which has resulted in
Rowan Burger is head are below the thresholds. The proposals also aim for a criticism from some commentators.
of pension reform at
simpler, more cost-efficient arrangement. This criticism is unfounded given the uncertainty as
Liberty Corporate.
provider in South to the final outcome. However, it may be prudent to
Africa. Burger has 15 LIKELY OUTCOMES consider building in an additional margin to a retire-
years’ experience in Given the complexity of the issues faced by the decision ment savings plan to cater for the introduction of a
the industry. makers, it is very difficult to speculate about the final more widely accessible but conservative scheme.
16
ENTERPRISE RISK May 10 LONG TERM
LEGAL COMPULSION VS. TAX INCENTIVES consistent savings patterns required to current more flexible system than the more
A key failing of the current system is that achieve adequate pensions in retirement. paternalistic future one.
it uses tax incentives to drive the appro-
priate behaviour. There is nothing wrong MORE RESTRICTIONS BASIC PRINCIPLES STILL APPLY
with the concept; however, in practice few This is therefore likely to cause less flex- While the future system aims to be more
members act rationally and avoid heavy ibility in the retirement savings system. We simplistic, it also aims to be more cost ef-
tax penalties when they cash in their re- have already seen a proposal from National ficient. It is only those individuals who
tirement savings after leaving their em- Treasury to remove provident funds, be- require the flexibility who may want to
ployers. cause the ability to receive the full retire- accelerate their savings beyond the cur-
The statistics can be devastating, as ment benefit as a lump sum, rather than as rent requirements to the current system.
money spent on other essentials is very an income stream, results in benefits being On a very simplistic basis, each delay of
rarely replaced. Recently, a Cape-based squandered prior to the end of retirement. 10 years in starting your retirement savings
insurer reported than only 83 members Government are cognisant of the danger of programme roughly doubles your required
of over 17 000 exits did not cash in their applying more restrictive provisions to ex- contribution rate to achieve an adequate
benefits over the last year. isting savings and have publically assured retirement pension. Much like a sailor trying
It is unfortunate that the means test done that rights attached to legacy assets will to reach his destination, the most must be
when applying the state old-age grant fur- be honoured. made of favourable conditions that exist at
ther incentivises this sort of behaviour. It Given the future system will probably be present. It is unclear what the weather and
therefore seems likely that the new system more restrictive and existing savings will seas look like on our journey ahead, but the
will try legal compulsion rather than gen- have their entitlements honoured, it makes basic principles of naval navigation will al-
tle tax persuasion to achieve the long-term, sense to have as much of your assets in the ways remain.
EMPLOYEE BENEFITS ENTERPRISE RISK May 10
ENTE
HEALTHCARE
National healthcare is SA’S UNIQUE CHALLENGES conditions for the private sector to ex-
an extremely difficult and controversial • High unemployment rate – approximately 24% pand and give more people access to bet-
issue, even in developed economies. US of the available work force in SA is unemployed. ter healthcare from vigorously competing
President Barak Obama’s controversial • SA has only eight physicians and 41 nursing medical schemes and healthcare provid-
and midwifery personnel per 10 000 of the
healthcare bill, commonly referred to as ers.”
population.
ObamaCare, was vigorously opposed before “As the global recession bites ever deeper
• SA’s welfare burden on taxpayers is already
being passed. Already, some of the hidden heavy, with 8% of GDP spent on healthcare. into most national fiscusses there seems to
costs of ObamaCare are coming to light as • The country has one of the highest mortality be a new willingness to revisit the thorny
US companies report write-downs amount- rates at birth, both mother and child. issue of public private partnerships in the
ing to billions of dollars, and review health • Very low life expectancy. delivery of national health,” says Bode Ola-
benefits offered to retired employees. • Double burden of disease: first-world lifestyles jumoke, health actuary, Alexander Forbes
diseases, as well as HIV. Health.
GLOBAL LESSONS LEARNT • Currently, 920 000 people receive anti-retroviral “Given the scale of the task to provide
treatment. By 2012/13 this number will reach
What lessons can SA learn from this and adequate healthcare to all South Africans,
2.1 million.
other statist healthcare systems such as the funding required and the skills sets that
those in the UK, Canada and Australia? professionals, reveals the infeasibility of need to be assembled, it is becoming ob-
Says Jasson Urbach, director of the the proposal,” comments Urbach. vious that all sources of investment, skills
Health Policy Unit, a division of the Free Fedhealth’s CEO Katy Caldis concurs, “We and technology, including those in the pri-
Market Foundation. “Governments cannot have more complex problems than other vate sector, should be mobilised.”
raise enough funds to provide unlimited countries, so I think we all realise it will
care to all citizens. A government-run, take much longer to achieve a workable PROACTIVE PLAYERS
single payer system that provides ‘free NHI. Fortunately, there is a clear under- Several private healthcare providers and
health care for all’, will cost individuals standing from a government perspective funders have already pledged their com-
dearly, affecting both their wallets and that NHI is not something that can be im- mitment to assist government design and
their health. plemented within a year or other unrealisti- implement a sustainable NHI model by lev-
“If wealthy countries such as Canada are cally short time horizons.” eraging the expertise of the private sector.
unable to provide timely healthcare servic- “The challenge is to strike a balance
es on a single-payer ‘free healthcare’ basis, THE OPTIONS between cost factors and the delivery of
how will SA manage to do so? A cursory Increasing government’s role in healthcare quality care, along with the broader na-
look at the financial resources required to will make the health system less flexible tional health objectives. Neither state nor
fund the ‘free healthcare for all’ proposal and innovative, says Urbach. “The goal the private sector will ever be fully satis-
in SA, as well as the stock of healthcare of healthcare reform should be to create fied with such a partnership; therefore, a
national health system should be recog-
nised as a compromise.”
HARNESSING SYNERGIES
Regarding closer partnerships between the
public and private healthcare systems as a
prerequisite for setting up an NHI, Caldis
says the budget specifically highlights the
intent of broadening the use of public pri-
vate partnerships.
Jasson Urbach, “There is a great deal of expertise with-
Bode Olajumoke, health
actuary, Alexander director, Health in the private sector. Knowledge transfer
Forbes Health Katy Caldis, CEO, Fedhealth Policy Unit is key."
18
ENTERPRISE RISK May 10 RISK MANAGEMENT
RM SOLUTIONS
Spreadsheets vs systems
Although Microsoft Excel is the system most used for risk management
today, these spreadsheets fall short in a number of areas, with significant
implications for risk managers. BY AVI EYAL, CURA SOFTWARE SOLUTIONS
The use of spreadsheets has pro- a spreadsheet. How does one consolidate LIBRARIES
liferated in every area of modern organi- this? A system will support either one With spreadsheets, managing libraries of
sations. And the reason is simple: How methodology or, in the case of sophisti- risk or controls becomes a complex task of
much easier can it be than to click an icon cated systems such as Cura, allow multiple either creating or integrating into a data-
and instantly access perfect calculations, methodologies to be used. It will provide base source, or building complex macros
grids and tables to convey complex infor- a normalisation and consolidation func- that update central spreadsheets. And when
mation? Or is it? tionality. Standardisation also extends libraries change, how do those changes
While Microsoft Excel is a great tool to version control, deployment and inte- ripple through the spreadsheets floating
to create basic risk registers, which can gration, as well as interoperability with about in the organisation? How are users
provide some additional validation and other systems. forced to reassess the changed items?
functionality with macros and calcula- An effective system on the other hand
tions, spreadsheets fall short in a number AUDITABILITY AND DATA CONSISTENCY will manage library items consistently,
of areas. It is difficult or impossible to achieve au- manage additions and changes to librar-
ditability and data consistency in spread- ies, propagate changes and trigger notifi-
CONSISTENCY sheets. Effective systems will incorporate cations to relevant users.
As spreadsheets are used and enhanced and automate audit trails and have data
over time, the inherent flexibility disap- validation built in to ensure the infor- REPORTS
pears, and consistency and standardisation mation is accurate and consistent at any Tables can be formatted and graphs can
become harder to manage. A good system point in time. Accountability for data in be created with spreadsheets, but drilling
manages the frameworks and methodolo- a system is based on permissions granted down to core data is cumbersome and the
gies, supporting extensions, rework and to staff. reporting is highly reliant on correct cell
relationships in a consistent manner. selection.
DATA CHANGES Systems incorporate predefined re-
DEVELOPMENT How does one compare old information port writers, with best practice reporting
As risk management is embedded into the to new information in spreadsheets? How built in. Some even facilitate exporting to
organisation, more people are required to does one even know what information has multiple formats, including Excel. These
add more data, and more consolidation been changed between spreadsheets, when reports are consistent as they deal with
is required, with more permutations that a risk recorded in a previous period and fixed table structures and integrity can be
must be considered. When using spread- deleted in the current period in a spread- assured.
sheets, templates, best practices, security sheet is discarded? Trending becomes al- For these reasons and more, moving to
and confidentiality soon become compro- most an impossible function over a period a system-based approach can greatly en-
mised. User documentation and online of time when using spreadsheets. hance the
help take time to develop, burdening al- Risk systems maintain an accurate his- efficiency of
ready stretched resources. Reworking or tory of all data. In a system, this informa- staff, reduce
extending a predecessor’s set of macros tion is retained so that one can analyse distractions
and multiple-sheet formulas becomes near decisions taken and trends based on ex- and help
impossible. ternal factors. achieve a
A system for managing risk is developed more reliable
once and shared across a large user base. It ACTIONS AND NOTIFICATIONS and consist-
encompasses documentation, training and How does a spreadsheet convey tasks and ent approach
best practice frameworks, and takes care remind users to update information? How to recording
of security integrated with the organisa- does it escalate information that has not and man-
tion’s policies. been acted upon? aging risk
A system will manage the tasks, work- information About the author
STANDARDISATION flows and notifications related to data and throughout Avi Eyal is the CEO
Inevitably, if allowed, each department will pre-emptively communicate remind- the organi- of Cura Software
or division will deploy its own version of ers, and escalate unattended requests. sation. Solutions.
19
RISK MANAGEMENT ENTERPRISE RISK May 10
ENTE
BUSINESS CONTINUITY
“Ladies and gentlemen, the into two distinct categories: Business IT disaster recovery is a “must-do and
instruction from the board is to cut all continuity spend and IT continuity (or not a would-like-to-do” activity, how
operational spend by 20%.” disaster recovery) spend. can organisations halt all IT continuity
How many companies have heard that spend in favour of a business strategy
phrase during the past year of recession- BUSINESS CONTINUITY SPEND based on “lets hold our breaths and pray
ary turmoil? How many managers have The past year saw a significant reduction nothing happens”?
had to sweat it out and simply find ways in spend on training and consulting serv- Many organisations tasked their already
to get by with less than optimal resourc- ices in the BCM arena. Companies with overloaded IT divisions with conjuring up
es? How many companies are making do mature BCM programmes maintained home-grown strategies and plans to en-
with providing less than 100% in terms of their existing strategies and plans, uti- sure IT recovery, or decided to ignore best
service and quality? lising strategically selected outside help practice and global standards in favour
It may be easier to make cuts in some only if necessary. Many companies with of opting for cheap and often make-shift
divisions, but when it comes to business in-house BCM resources did exactly the solutions. Apart from the fact that imme-
continuity, a discipline still fighting for same: Maintaining status quo and spend- diate IT priorities always take precedence
its rightful place on the boardroom agen- ing as little as was reasonably possible over long-term requirements, such as
da in many organisations, cutbacks have seemed to have been the ultimate goal. disaster recovery, this strategy is bound
a direct impact on deliverables and the Because many companies have not had to miss critical aspects of IT continuity
opinion of leaders of the whole concept. the luxury of staff dedicated to BCM on a because the right expertise was missing,
full-time basis, the retrenchment of staff too expensive or had recently been re-
UNDERSTANDING THE RESPONSIBILITY with BCM responsibilities is of grave con- trenched.
What chance does a fledgling programme cern. Quick hand-overs to overwhelmed Heinan Landa, president and founder
with reduced resources and support have and already stressed employees have left of Optimal Networks, says of back-up
in supporting the drive to be a responsible many companies with voids of experience and disaster recovery mechanisms: “En-
corporate citizen when business survival and a severe loss of information. This is sure your back-up and disaster recov-
not simply a replaceable skill ery systems are working well. You don’t
T HE PAST YEAR SAW A SIGNIFICANT REDUCTION that is lost; it is experience want operations to stop during a reces-
and know-how that may have sion should something happen with
IN SPEND ON TRAINING AND CONSULTING a grave impact on the recov- your front-line business applications.”
SERVICES IN THE BCM ARENA erability of companies when a (www.allbusiness.com)
disaster does strike.
is paramount in the minds of the board? Over the past year, companies that WHO IS RESPONSIBLE?
It is in the manner in which the board had nothing in place when it comes to Surely the responsibility of ensuring the
and other executives view business con- a BCM programme didn’t even contem- recoverability of mission-critical IT sys-
tinuity that we are able to ascertain how plate starting the process owing to insuf- tems lies not with the CIO, but with execu-
serious an organisation is about ensuring ficient funds being made available. This tive committees and boards of companies,
business continuance in the face of an makes me wonder whether these compa- which have to lay down the law in terms
operational disruption. As Andrew Hiles nies have made a deal with the universe of which activities are non-negotiable in
(FBCI) puts it on www.continuitycentral. to wait with operational disruption until times of recession.
com: “In the good times we can simply they’re ready to proceed. Let’s put it differently: Does a reces-
argue, ‘Everyone should have business sion mean that an organisation's risk
continuity’. In the bad times, we need IT CONTINUITY (DISASTER RECOVERY) appetite reduces? Quite the contrary, I
hard proof of its payback before practi- SPEND would think. Does a recession change
tioners get the support from all parties." Cutting a percentage off your budget is the liability of directors or reduce the
To appreciate the trends and implica- an easy thing to do, but how does a CIO responsibility in terms of stakeholder
tions of the reductions in business conti- cut 20% on disaster recovery, while still management? Of course not. Corpo-
nuity management (BCM) spend in 2009 satisfying ever more complex regula- rate governance regulations apply de-
fully, the focus should really be divided tory requirements? And if Gartner says spite economic conditions and budget
20
cutbacks are no excuse for reneging on one’s fiduciary du-
ties. Companies should contemplate the impact of the cuts
in BCM spend on their businesses and these consequences
should be communicated clearly to boards and stakeholders to
ensure they understand the implications to the business and
to themselves.
21
RISK MANAGEMENT ENTERPRISE RISK May 10
ENTE
POLITICAL RISK
If we take the view that enterprise internal and external political influencers as well as financial consideration within
risk management (ERM) is ultimately about can drive the organisation into a position the ERM arena. An aversion to detail proc-
improving the likelihood of successfully beyond its willingness to tolerate risk. ess and procedure – political, operational
achieving strategic objectives and driv- and/or technical – can materially and neg-
ing value in the organisation, then ERM is POLITICAL INFLUENCERS atively impact on the successful implemen-
about the extent to which risk is built into In certain instances environmental factors tation of an ERM strategy.
decision-making. can lead to a political situation where sig- This is regardless of whether the process
Much has been written about the psy- nificant loss of investment might occur. has been implemented to improve future
chology of making decisions. It is impor- The political response to private sector credit ratings, comply with evolving gov-
tant for risk managers to appreciate the capitalisation and, at times, exploitation of ernance norms and practices or implement
behavioural psychology around decision- natural resources, has led to the introduc- the necessary fail safe practices in a devel-
making. tion of new and often far reaching envi- oping or maturing operation.
ronmentally focused legislation that can
DRIVING THE ERM PROGRAMME drive business into the public sector. Shell INTERNAL POLITICAL CONFIDENCE
For example, after the 9/11 terrorist attacks, Oil experienced this first hand in their ex- Internal changes to the political landscape
terrorism events sat close to the top of cor- ploration project in the North Sea. Locally, will likely affect the risk appetite of the
poration risk registers. For most compa- the granting of licences compliant with en- organisation in as significant manner as
nies, the weighted significance has dropped vironmental legislation can delay the onset a loss in working capital through an un-
down the importance list – it may not even realised investment. A bullish
be in the top ten now. Arguably the risk P LACING A WEIGHTING ON THE NON FINANCIAL- approach to entering a new
of terrorism is the same if not higher than COMPONENTS OF ENTERPRISE WIDE RISK REQUIRES market, decisions to rational-
it has ever been; it’s only the current per- ise a workforce, divesting an
ception that has changed. Risk managers A BROADENING OF THE RISK ASSESSMENT operational aspect of the or-
need to challenge themselves as to whether of projects. Awareness of these risks and ganisation can be as much a political deci-
their perceptions are influencing their risk their effects on capital expenditure and fu- sion as a financial one. The tolerance of
priorities and must ensure that their at- ture revenues should assist in enterprise- the organisation to this type of risk can be
titudes and perceptions do not drive the wide risk decisions. shaped by forces far greater then the bal-
ERM programme. The implementation of new legisla- ance sheet and share price.
tion creates an added dimension of risk When considering the risk bearing ca-
ADDRESSING THE RISK TOLERANCE for organisations in the form of far rang- pacity of the organisation, internal and
AND APPETITE ing accountability of product design and external headroom would certainly be
Developing a reliable model for addressing quality. The enactment of the Consumer influenced by the internal political con-
the risk tolerance and risk appetite for an Protection Act (CPA) in South Africa has fidence on display and in reserve in the
organisation can be less complicated than far ranging consequences for all businesses boardroom. Dynamic risk bearing capacity
measuring the non-financial influenc- involved in the development, manufacture, would be heavily affected by the ability of
ers that can determine strategic decision- distribution and supply of goods to con- the organisational stakeholders to influ-
making. Using a model of working capital sumers through exposing product liability ence terms of covenants, monetise assets
to determine risk tolerance and a combi- claims upon the entire supply chain. and raise guarantees. This internal political
nation of weighted average cost of capital The CPA has created the need for a re- capital should be calculated and consid-
(WACC), EVA and discounted cash flows to vision of existing operating models, ne- ered (as in the case of intellectual capital
set a range for the risk appetite accounts cessitating firms to implement and pro- – another form of weightless wealth) when
predominantly for the financial measures mote transparent, auditable, symbiotic evaluating its impact on both the risk toler-
in the more traditional ERM approach to relationships with all parts of the supply ance and risk appetite of the organisation.
risk management. chain. Changes in accountability will result A combined metric should be considered
Placing a weighting on the non-financial in revisiting policy wordings and changing that includes both the financial and non-
components of enterprise-wide risk requires premiums. Decisions on how to retain or financial contributors to the calculation of
a broadening of the risk assessment. Both transfer those risks will become a political the enterprise risk of the business.
22
The Upside of Mining Risk
Companies Act
Shareholders’ agreements under threat
The new Companies Act, due to come into operation sometime after
1 April this year, extends substantial rights to minority shareholders.
BY WOUTER SCHOLTZ, MAZARS MOORES ROWLAND
24
RISK MANAGEMENT ENTERPRISE RISK May 10
ENTE
Binding agreements are A FULL RECORD of mobile calls a reality in the UK. I also be-
reached verbally on mobile phones every lieve these rules will quickly be adopted in
day, with customers giving permission, in-
OF CUSTOMER South Africa and across the globe. South Af-
structions and undertakings to business pro- INTERACTIONS IS rica, as a provider of sophisticated financial
fessionals and service providers. As such, it services and products, and a participant in
is critical for organisations to record these
VITAL FOR the international financial arena, will most
communications if they are to mitigate ANY BUSINESS assuredly implement financial regulations
business risk. therefore customer satisfaction levels, imple- that are considered good practice globally.
“The law, specifically the Financial Advi- ment process evaluation and optimisation, However, we expect there is a much broader
sory and Intermediary Services Act, requires and have legally tenderable evidence of any audience of users who could benefit from the
an accurate record of all transactions made potential fraud. It also increases efficiencies use of mobile recording technologies. The
by registered financial service providers, and and effectiveness, enhancing the ‘customer technology decision will be an important
compels accountable institutions – such as experience’. The inability to record mobile one for corporates, driving cost, ease of re-
banks or long-term insurers – to report cer- conversations previously meant that some cording and future scalability,” says Badimo.
tain transactions. Having a full record of cus- work had to wait until staff were back in the
tomer interactions is vital for any business office where recordings could be made on an- WIDE APPLICATION
in the case of a dispute or a lawsuit brought alogue lines,” explains Dadimo. “But technol- Badimo further notes that recording is impor-
against the company,” says Kgabo Badimo, ogy has advanced sufficiently to enable the tant for any person who:
MD of Spescom DataVoice. affordable and easy recording of mobile calls • gives advice which may have legal, medical
for both business users and consumers.” or financial implications
ENHANCING CUSTOMER EXPERIENCE The most advanced, yet surprisingly af- • gives or receives important information
The drivers for recording of mobile calls are fordable and user-friendly, solutions com- • is asked for an opinion or decision based on
first and foremost compliance with legal and prise a mobile application and hosted service. information conveyed by phone
regulatory requirements, reduction of risk Subscribers’ mobile conversations, pictures • or needs to remember information commu-
and keeping a record for confirmation of and documents are captured, seamlessly nicated by phone.
accuracy. There are additional advantages, and securely uploaded to a hosted site, This includes financial service providers, bro-
however. where this data can be managed, viewed, kers, legal and medical professionals, manag-
“With recordings of mobile calls, organi- played, downloaded or sent by e-mail. ers or directors, estate agents, property devel-
sations can measure and better manage the opers and valuators, insurance loss adjusters,
quality of interactions with customers and THE WAY OF THE FUTURE couriers and many other knowledge workers.
“The increasing availability of these solu- “The value of recording cellphone conver-
tions has motivated the UK’s Financial Serv- sations – for the corporate as well as the indi-
ices Authority (FSA) to consider mandating vidual – is indisputable. Shoring up the risks
recording of calls made and received on a associated with using these devices for busi-
mobile device before the end of 2010. Indus- ness purposes should be on the priority list of
try watchers believe this will set in motion every corporate.
similar amendments by other major financial It is important to look ahead at how these
services regulators in the EU and US,” com- solutions will practically impact the organisa-
ments Badimo. tion and what the potential future needs of
“I believe recording technologies have ma- the organisation will be, however, and select
tured sufficiently to make mandated recording an appropriate solution.”
26
ENTERPRISE RISK May 10 RISK MANAGEMENT
In the current
Risk Risk
Management Tools
competitive environment, FUNDAMENTAL SHIFT, Management
companies are under increasing pressure to excel, and SIGNIFICANT BENEFITS
are beginning to realise the need to move away from Nature, society, and busi-
growth in revenue at any cost, and more towards de- ness are interconnected Consumer Market Risk Liquidity
Credit Management Risk
veloping a value-driven approach. in many ways, which Risk Management
Sustainability risk management’s fit with other have not been a focus in
disciplines of risk management is as an overarching, business strategy. There-
complementary discipline, as risks influence an or- fore, a fundamental shift Financial Risk Management
27
RISK MANAGEMENT ENTERPRISE RISK May 10
ENTE
IT RISKS
Information security
not just a technology issue
Safeguarding client information means developing a security-conscious
corporate culture.
When it comes to protecting FEATURES OF A WELL-DEFINED a fine line between maintaining security
client information, ignorance is risk - a risk CORPORATE SECURITY POLICY and compromising accessibility or usability,
that compromises not only your organisa- • Avoid vague references by closely examining which ultimately impacts productivity.
tion’s bottom line, but also its credibility and evaluating how employees use and And while there is a solution to every IT
and reputation. interact with information. risk, it is almost impossible - from a cost per-
One of the most significant problems is the • Draft an unambiguous policy, using specific spective - for an organisation to implement
vagueness that seems to envelop the whole terms and references relevant to employees. every single security measure possible.
information security issue in organisations. • Properly communicate the security policy For these reasons, organisations need to
to staff and enforce it consistently to keep
“Corporate security policies create vulner- start by evaluating their security needs ac-
security top-of-mind.
abilities through the many ‘grey areas’ and cording to an appropriate risk model. This
• Create a security-conscious corporate
blurry lines that characterise their composi- culture through regular ‘security-awareness will assist to establish the budget, the major
tion,” says Simon Webster, technical consult- campaigns’ and constant reminders in
ant at The Webcom Group. “And this prob- different formats and via different platforms.
lem extends to guidelines for compliance • Ward off sabotage through a strong
with several international regulations.” relationship between HR and IT, to ensure
early signs of dissatisfaction and unusual
RISKS POSED BY EMPLOYEES behaviour are picked up.
Another risk faced by organisations stor- Notes Webster: “The possibilities for em-
ing sensitive client information is its em- ployees to sabotage an organisation are
ployees. This could be due to ignorance or numerous - from stealing sensitive client
disregard of the security policy on the part information to introducing malicious files
of the user or due to employees
sabotaging their company by sell- “I T IS VITAL THAT THE SECURITY SYSTEM IMPLEMENTED
ing/using the information for their IS COMPATIBLE WITH THE CORPORATE SECURITY POLICY ”
own purposes. Effective commu-
nication of the formal corporate JAYEN VYRAVENE, MD OF QUENCY
security policy to employees, can assist to or bringing the whole network down. Par- risks and vulnerabilities; and the balances
resolve part of this challenge, but little can ticularly IT employees can do damage even required between security and accessibility.
be done to prevent employee sabotage. months after they have left the organisation,
easily covering their tracks.” CORPORATE SECURITY POLICY
In addition, the rise of the mobile “It is vital that the security system implement-
workforce introduces corporate data to ed is compatible with the corporate security
a whole new landscape of threats, as policy. Organisations first need to develop
does the use of USB sticks which can their own policy, taking into account , for ex-
store an enormous amount of data. ample, their business objectives, with which
they need to comply,” says Jayen Vyravene,
WHAT CAN BE DONE? MD of Quency, a provider of advisory and
Thankfully, security technology advances training services on governance, risk man-
ensure there is a security solution to almost agement, compliance and ethics (GRC).
every security threat. However, there is often
INVESTMENT WORTH MAKING
“THE DEGREE TO WHICH TECHNOLOGY INFLUENCES Although implementing the best
THE BUSINESS WORLD IS NOT MATCHED BY ADEQUATE security policy possible may seem
like a complex, time-consuming
AWARENESS OF THE ACCOMPANYING IT RISKS” exercise; the organisation’s sur-
SIMON WEBSTER, TECHNICAL CONSULTANT AT THE WEBCOM GROUP vival can literally depend on it.
28
RISK MANAGEMENT ENTERPRISE RISK May 10
ENTE
IT and software have become MINIMUM REQUIREMENTS FOR on technology, such as third party licenced
the backbone upon which business operates. ACTIVE ESCROW software, important databases industrial de-
Organisations are often entirely dependent • The arrangements must be legally sound. signs, specifications and more, for which the
on software which the company does not • All source code together with all relevant end-user requires comprehensive continuity
own, but is licensed to use by third parties. technical material should be provided and of use warranties, i.e. proper access to the
This dependency on software over which subjected to technical verification by a underlying source code in the event of an
it has limited or no control, exposes a com- qualified, independent and neutral expert emergency,” explains Stekhoven.
third party.
pany to a high level of operational risk. “Through an active escrow agreement, or-
• The source code and relevant material should
ganisations can guarantee business continu-
be frequently updated as part of a robust and
LEGAL AND COMPLIANCE ISSUE consistent administrative process. ity for their mission critical business proc-
The imminent new Companies Act 2008 and esses and functions if their software supplier
King III place increased accountability on vendor business conditions. Similarly, King is no longer available or does not honour
the board and its executive management to III expects the board of directors of all com- predefined commitments such as warranty,
manage all the company’s risks. panies to take a robust approach to risk support and maintenance conditions.”
“Neglecting the management of the risk management, particularly IT-related risks,” The guidelines in ISO9001 confirm source
of a third party software supplier no longer notes Booysen. code escrow as a process whereby access to
supplying services on which the company maintainable information systems can be
has a critical dependency, can attract per- UNDERSTANDING THE IMPLICATIONS guaranteed, irrespective of:
sonal liability for companies and their of- “At the outset, reliance on third parties • the stability of the commercial status of
ficers,” says Terry Booysen, CEO of CGF Re- for mission critical software may not ap- the software supplier
search Institute. pear problematic, but companies must • whether certain predefined commitments
Most corporate governance protocols, consider that such software is often sub- such as warranty, support and mainte-
guidelines and imperatives hold directors ject to maintenance agreements and ongo- nance are not honoured.
personally accountable for the organisa- ing support by the software supplier,” says
tion’s assets and reputation, including the Andrew Stekhoven, managing director of ACTIVE VS. PASSIVE ESCROW
assurance that systems and technology are Escrow Europe. The use of active escrow is well entrenched
adequate. “This means that any unforeseen devel-
in Europe and the United States. Profession-
“In the US for example, Sarbanes-Oxley opments within your software supplier’s
al active escrow is a highly effective, low-
calls for an operational system of internal business – such as insolvency, a change of
cost measure to mitigate against technology
controls over financial information encom- ownership or a new strategic priority - could
and its software-related risks when it is in
passing contracts for mission-critical soft- lead to a discontinuation of the support and
the control of third parties.
ware and their susceptibility to changes in maintenance of your company’s missionSays Booysen. “Passive escrow is not an
critical software, leaving you stranded with
option for the proper protection of your
extremely serious - possibly catastrophic -
business continuity and does not constitute
impacts on the reputational and financial
professional source code escrow best prac-
health of your company.” tice.”
“From an operational risk perspective, an
SMART, EFFECTIVE SOLUTIONS active escrow arrangement is the only prop-
Technology escrow ensures access to critical er reassurance that the software vital to the
source code should the technology vendor survival of a business will not become ‘or-
no longer maintain the software. phanware’,” comments Stekhoven.
“Active escrow agreements primarily “Unlike passive escrow, where an organisa-
safeguard business-critical processes, func- tion will simply deposit the source code with
tions and/or services that are dependent an escrow agent, active escrow ensures the
source code of the soft-
“THROUGH AN ACTIVE ESCROW AGREEMENT ORGANISATIONS CAN , ware is verified and that
the software and correlat-
GUARANTEE BUSINESS CONTINUITY FOR THEIR MISSION CRITICAL BUSINESS ing technical documenta-
”
PROCESSES AND FUNCTIONS ANDREW STEKHOVEN, MANAGING DIRECTOR, ESCROW EUROPE tion is complete.”
30
SAS
S
AS, the leader in “We strive to address all aspects
business analytics of key risk concerns from credit,
software and services, operational and market risk to anti-
is No.1 in Chartis money laundering, combating fraud
Research’s prestigious and financial crime. SAS continued to
RiskTech100 rankings, an annual make sales across the world in 2009
international listing of the top risk - such as Allied Bank, Banca delle
technology vendors. Marche, FirstBank and Union Bank -
Although SAS has been a leader in to name a few.”
several categories since the inception The Chartis RiskTech100 report
of this report, this is the first year that also contained the key results of
SAS has earned top spot, a jump of a survey of 824 risk technology André Zitzke, Head of Risk Practice
six places from 2008. buyers and end-users and reveals SAS South Africa
The RiskTech100 methodology that 57 percent of respondents
assessed each vendor’s functionality, believe that their firms’ approach to
year, SAS was a leader in Chartis
core technology, organisational enterprise risk management can be
Research’s Operational Risk
strength, customer satisfaction, characterised as “a set of tactical/
Management Systems 2009 report
market presence and innovation. In reactive initiatives addressing specific in June.
addition to its overall success, the gaps” (18 percent), or “a loose
Currently, more than 200 organisations use
report placed SAS as the category concept that is not fully defined with
SAS for risk management, including: ABN
winner for banking, Europe (market partial sponsorship from the board of AMRO (Netherlands), Allied Bank (Pakistan),
presence) and credit risk. directors” (29 percent), or “no current AXA Bank (Belgium), Banca delle Marche
(Italy), Banca Intesa (Italy), BB&T (US),
BNL - Gruppo BNP Paribas (Italy), Caisse
We strive to address all aspects of key risk concerns from credit, Nationale des Caisses d’Epargne (France),
operational and market risk to anti-money laundering, combating China Merchants Bank (China), CIMB Bank
fraud and financial crime. (Malaysia), Citibank Singapore (Singapore),
EON Bank Group (Malaysia), First Bank of
Nigeria (Nigeria), ING (Netherlands), Kookmin
Bank (Korea), Riyad Bank (Saudi Arabia),
“SAS’ success in this year’s strategy or plans in place” (9 percent). Swedbank (Sweden), Union Bank (US),
RiskTech100 rankings is linked On a positive note, 66 percent of Vattenfall (Sweden), Woori Bank (Korea) and
to particularly high scores in the respondents expect to increase their Zagreba ka banka (Croatia).
functionality and core technology risk technology expenditure by 10 The full report can be obtained, free of
categories,” said Peyman Mestchian, percent or more in 2010. charge, on www.chartis-research.com.
Managing Partner at Chartis SAS risk management software has To learn more about how to meet
Research. “In addition, our end-user garnered many accolades this past the requirements for real-time
surveys have given SAS a marked year. SAS placed in the Leaders decision making, contact SAS on
improvement in the customer quadrant of the Magic Quadrant +27 11 713 3400 (Johannesburg
satisfaction rating in the last 12 for Operational Risk Management and Pretoria) or +27 21 912 2420
months.” Software for Financial Services by (Cape Town) or visit our website,
“This honour is confirmation of our Gartner, Inc. in September. Also, in www.sas.com/sa
:(%,1.$'9(57,6,1*
VOLATILITY RISKS
Volatility is perhaps one of the of social unrest; the poor are increasingly agitat-
defining characteristics of business in our times. ing for government to make good on promises.
In interactions with risk managers, it emerges that The enterprise risk manager therefore has a slew
many are well aware of the recent shocks to busi- of macro issues to deal with and put on the radar
ness, in particular the recession, but also many in addition to the internal controls and risks faced
in the course of normal business.
WHILE THE WORLD CUP BRINGS WITH IT MORE THAN A FEW
RAYS OF HOPE, THERE ARE NEVERTHELESS SERIOUS POTENTIAL POSITIVE OUTLOOK
Despite the realities of an undeniably risky en-
ISSUES LOOMING vironment, it’s hard not to be positive about the
South African scenario.
other factors such as terrorism, labour activism, The country has a high interest rate, which en-
protectionism from certain parts of the world and courages foreign investment, particularly as the
economic mismanagement. developed world keeps its interest rates at unprec-
Then there is the reality of the impacts of natural edented low levels.
disasters: In a globalised environment, earthquakes, As we pass 100 days to go, the world cup looks set to
tsunamis and heavy storms affect even those busi- be a resounding success. The biggest risk – and one
nesses which are headquartered thousands of kilo- which cannot be ruled out as we remember Munich
metres away from the event – the recent earth- in 1972 – is that something unforeseen happens
quake in Chile serves as a ready example. which will affect the country’s image. While the
market looks at numbers from a quantitative point
LOCAL MACRO RISKS ABOUND of view, the qualitative view indicates that right
Specific to South Africa, risk managers have much now, the country is enjoying an once-in-a-lifetime
to deal with. While the world cup brings with it opportunity.
more than a few rays of hope, there are neverthe-
less serious potential issues looming. The econom- WHAT PERIL FOR INSURERS?
ic slowdown may have spared the country the pain From the perspective of an insurer, while the en-
and ignominy of power outages, but as the economy vironment is potentially volatile, performance has
proves resilient and delivers the growth which eve- been consistent since 2008. Insurance companies
ry South African wants, electricity supply is again typically have two income streams: underwriting,
becoming precarious. and investing the underwriting income. The latter
For those who have an income, the reality of pay- came under severe pressure with the global finan-
ing more stands in stark contrast to those who don’t; cial crisis.
The latter group is inclined to steal power while While there was an expectation of dramatic up-
others must pay their escalating bills or face being wards pricing changes, this has not come to pass
cut off. and the anticipated Q4 2009 financial catastrophe
About the author The introduction of the nationalisation debate within insurance never happened. Across the in-
Michael Durek is and friction within the ANC’s tripartite alliance dustry, capital has been protected. Simultaneously,
the CEO of ACE has an impact on business confidence – as does the the investment income, which plays a major part
Insurance, South
looming succession battle within the ruling party, of any insurance company’s bottom line, is on the
Africa. The ACE Group
which has proved damaging in the past. recovery.
conducts its business
on a worldwide There are the ongoing social realities of poverty
basis with operating and unemployment, while deteriorating conditions APPLIED RISK MANAGEMENT TRIUMPHS
subsidiaries in more for publically provided healthcare and sanitation The underlying reality is that good insurance com-
than 50 countries. are fuelling societal divides and driving the threat panies accept that underwriting profit is core. If the
32
ENTERPRISE RISK May 10 RISK MANAGEMENT
ERM
organisation can’t rely on that, its busi- THE SOUTH AFRICAN INSURANCE INDUSTRY HAS we need to make
ness is in trouble. This has seen a shift money’ approach,
PROVEN RESILIENT AS IT HAS ADHERED TO ITS
by insurance companies to refocus on ignoring what,
underwriting efficiency, with geographic CORE BUSINESS to some, was the
and process rationalisation driving some inevitable. How-
contraction of the industry. In particu- QUANTIFYING AND MANAGING RISK ever, the crisis has taught some tough
lar, companies have closed down smaller The risk manager faces a tough task, as he lessons, among which is the need
branches and shed some jobs. is to play out future scenarios and moni- for more responsible approaches
What is clear though is that the South tor and observe a huge range of variables. to business.
African insurance industry has proven re- Add to that the fact that risk management
silient as it has adhered to its core busi- is a relatively new discipline, with its INTO A BRAVE NEW WORLD
ness. As an industry, it did not branch out genesis in the 1980s. The ‘triple bottom line’ is becoming more
into playing with financial instruments. The global financial crisis has also relevant: Sustainability is being intro-
Local banks also did not deviate from shown that risk managers have lacked the duced as a non-negotiable which has to
their core business and get tempted into clout and authority to take salient action. go hand in hand with profitability. It is
gambling for short-term profit. Those who detected the crisis in 2005 a brave new world, by all accounts, and
The bottom line is that risk management were unable to get a reaction from deci- one in which the enterprise risk manager
prevailed, helping the financial services sion makers. Indeed, profit-centre manag- has a stronger voice. And an indispensa-
industry avoid expensive mistakes. ers took something of an ‘I hear you, but ble role to play.
TRAIN TODAY.
SMILE TOMORROW.
AstroTech’s training courses are designed to refine
and build your skills today, making you the next
success story of tomorrow.
,I \RX·UH D EXVLQHVV SURIHVVLRQDO \RX·OO XQGHUVWDQG WKH
LPSRUWDQFHRIFRQVWDQWO\UHHYDOXDWLQJ\RXUVHOIZLWKLQ\RXU
FRUSRUDWHHQYLURQPHQW8SVNLOOLQJLVWKHRQO\ZD\WRVWD\
DKHDGRIWKHSDFN$VWUR7HFKRIIHUVDYDULHW\RIKLJKOHYHO
WUDLQLQJFRXUVHVWKDWZLOOJLYH\RXWKHVNLOOVDQGNQRZOHGJH
WRUHDFKIRUWKHVN\DQGDFKLHYH\RXUFDUHHUH[SHFWDWLRQV
PRODUCT RECALL
Since Roman times the purchaser of unlike the common law, goods must be reasonably
goods, which are latently (i.e. not patently) defec- suitable for the purpose for which they are gener-
tive, has had well-recognised remedies against the ally intended, and of good quality, in good work-
seller. Unless the contract alters the position, every ing order and free of any defects. The act enhances
10
sale of goods carries with it an implied war- the common law test by requiring the goods to
million vehicles have ranty that there are no latent defects in the be usable and durable for a reasonable period of
been recalled by goods that would render the goods useless or time having regard to the use to which the goods
Toyota worldwide materially useless for the purpose for which would normally be put and the surrounding cir-
the goods are sold. cumstances of supply.
The purchaser is entitled to cancel the sale and The goods must also comply with any applica-
reclaim the purchase price or, for lesser defects, ble standards under the Standards Act. The goods
claim a reduction of the purchase price. must also be reasonably suitable for any purpose
for which they were specifically purchased to the
DEFECTIVE VEHICLES knowledge of the seller. It no longer matters under
There is nothing new about claims relating to de- the act whether the defect was latent or patent or
fective vehicles. In 1896, in Wiid v Murison, a wag- could have been detected by the consumer. If the
onette had been sold with a latent defect in that the goods fail to satisfy the requirements and stand-
futchels were broken resulting in the wheel-plate ard required by the act, a consumer may within
clipping off the felloe and the wagon jamming on six months after delivery of the goods return the
turning. It was held to be a material defect and goods without penalty and at the seller’s risk and
Wiid returned the vehicle and got his money back. expense.
The futchels and felloes may no longer be familiar If the goods are unable to perform in the intended
to us, but the principles live on. manner or are unsafe, generally unacceptable or
the goods are less useful, practicable or safe than
PROTECTING THE CONSUMER reasonably expected, the consumer can require the
If defective goods are sold subject to an uncondi- seller to repair or replace the goods or ask for a re-
tional express warranty of quality, the purchaser fund of the purchase price. Repaired goods must be
is entitled not only to cancel the sale and get the warranted for at least three months and also have
sale price back but is also entitled to claim conse- all the common law warranties attached to them.
quential damages.
The arrival of the Consumer Protection Act (CPA) PROTECTING THE SELLER
means that sellers will trade in parallel universes. The act also preserves the ‘sold as is’ right of the
The Act will have thresholds above which it will seller in terms of the so-called voetstoots clause,
not apply. The thresholds are likely to be similar which literally means ‘sold with a push of a foot’.
to those in the National Credit Act so that the CPA Goods can be sold to a consumer who is expressly
About the author will not apply to juristic persons such as compa- informed that the goods are offered in a specific
Patrick Bracher nies who have an asset value or turnover exceed- condition and the consumer accepts the good as
is a director at ing R1 million. Sales to such corporate purchasers it. Save for that, implied warranties of quality are
Deneys Reitz. His will continue to be governed by the common law. built into the sale transaction.
expertise includes
But natural persons and small corporations will
highly specialised
knowledge of the have added protection under the CPA. RIGHT TO RECALL
long-term, short-term Under the act every consumer has a right to de- Neither the common law nor the CPA carries with-
and risk aspects of mand safe good quality goods and quality service in them a right of the seller to recall of the goods
insurance law. save in relation to goods bought at an auction. Not for repairs. Vehicle warranties commonly contain
34
ENTERPRISE RISK May 10 SUBSCRIBE
SA SADC Int.
Rand US$ US$
325 80 100
RM RESPONSIBILITIES
36
ENTERPRISE RISK May 10 CORPORATE GOVERNANCE
only activity based. Boards may have approved a ELEMENTS OF A RISK MANAGEMENT FRAMEWORK
strategy but did not establish suitable metrics to
1. Policy: approach, attitude, appetite.
monitor its implementation (KPIs). Disclosure re- 2. Resourcing: identification of resources required to implement, monitor and co-
garding foreseeable risk was inadequate and there ordinate the risk management process as well as reporting.
was a failure to implement stress testing and sce- 3. Implementation: formalisation of processes involved in identification and definition
nario analysis. of risk, likelihood and impact assessment and response processes.
The risk management expertise of the board must 4. Review and reporting: form and frequency of reporting.
be evaluated and monitored. Boards need to be ed-
ucated on risk issues and to be given the means to BOARD’S MAJOR RISK MANAGEMENT FUNCTIONS
understand risk appetite and the firm’s perform- • Approve the firm’s risk appetite as a component of its strategy. This requires
ance against it. The risk or audit committee must the alignment of strategy, risks and financial objectives. Further, the interaction
be staffed with members with technical financial between risk and revenue drivers must be tested.
sophistication in risk disciplines or with solid • Understand and challenge the breadth of risks faced by the company. This requires
business experience giving clear perspectives on knowledge, communication and training.
risk issues. • Ensure robust oversight of risk at board level. This includes managing the skill,
competence and experience of NEDs as well as allocating sufficient time to co-
ordinated risk oversight.
RM FUNCTION: PRACTICAL ASPECTS • Promote a risk-focused culture and open communication across the firm by setting
Risks can be grouped in a number of ways: the tone at the top and interacting with external risk professionals.
• Risks that are applicable to all types of business • Assign clear lines of accountability and enable an effective risk management
• Risks that arise from the strategies adopted by infrastructure. This requires a formal risk governance policy approval, clear
the board /management of a specific company approvals frameworks as well as the integration of risk insights and intelligence
• Risk areas that are industry specific. into other functions’ planning processes. The reference in King III to risk-based
internal audit is an example of this.
RISKS APPLICABLE TO ALL BUSINESSES
• Changing political and competitive environment
RISK MANAGEMENT PROCESS
• Compliance with laws and regulations 1. Identifying and assessing key risks.
• Reliability and timeliness of financial and other 2. Designing and implementing processes to manage those risks and maintain them at
management information a level acceptable to the board.
• Safeguarding assets and information systems;
• An appropriate corporate culture, business ethos
TECHNIQUES TO MANAGE RISKS
and people integrity 1. Risk transfer (hedging/insurance)
• Effective investment in technology 2. Internal control (including internal audit)
• Fraud 3. Outright avoidance (non-engagement in relevant
activity)
• Sustainability and governance imperatives.
4. Accepted knowingly and objectively subject to
business policy/criteria on risk tolerance.
RISKS RELATED TO COMPANY STRATEGY
• Expansion by acquisition
• Investing in emerging markets • Pharmaceutical/healthcare: product safety,
• Outsourcing medical insurance industry; and
• New technology • Retailing: consumer activism.
• New products and services, and changes in busi-
ness model UNDERSTANDING THE ROLES
• Raising capital The board of a company is responsible for the About the author
• Organisational change management of risk. The board must have a clear Joel Wolpert (CA
• Supply chain changes understanding of the risks facing the company; it (SA) FCMA FCIS) is
• Major capital investment products. must ensure that the organisation has effective risk a technical adviser to
management and control processes; and it must be Chartered Secretaries
INDUSTRY SPECIFIC RISK AREAS provided with assurance that the processes and key Southern Africa and
• Airlines: terrorism, fuel price, passenger safety risks are being effectively managed. his career spans over
40 years in senior
• Automobiles: product reliability and safety The company secretary has a pivotal role to play
financial positions. He
• Banking: credit /derivative products in the provision of appropriate guidance/advice to has been a keynote
• Mining: environmental issues the board regarding its duties and responsibilities speaker at Corporate
• Gaming: licence conditions pertaining to risk management. Governance seminars.
37
MARKET NEWS ENTERPRISE RISK May 10
Momentum and
Metropolitan merge
movers & shakers Group will continue operations
as normal, as will its other
subsidiaries. It has not affected
Momentum and Metropolitan will ContinuitySA's operations.
merge to create a major new
South African insurance group.
The merger creates a powerful Accessible risk
new player in the South African management
financial services industry,
bringing together two businesses training
that have created very successful A cooperative agreement between
franchises in different but the Open Learning Group (OLG) and
complementary markets. Expectra ensures the Expectra Risk
Academy will soon offer a variety
38
ENTERPRISE RISK May 10 EXECUTIVE PAGES
travellers
While no business interruption Valuable
claims related to the ash cloud
disruption had been reported
insights into
at the time of writing, travel
insurance policies around
the ash cloud
BI insurance caused by the volcanic ash. BI the globe have responded to disruption
implications policies will only kick in if there insured travellers’ distress. Don’t miss the June edition of
According to Aon Global Risk is physical damage. Aon Global Locally, insurance company Enterprise Risk in which we will
Risk Consulting CEO Stephen Chartis South Africa announced feature an in-depth case study
Consulting business interruption
that due to the exceptional highlighting the business,
(BI) insurance policies will Cross commented that while it
risk management and
most likely not be responding is not possible to plan for every travel disruptions caused by
insurance implications of the
to the disruption to airspace eventuality, especially such the volcanic ash over Europe,
ash cloud disruption.
MUST-READ BOOKS
Priceless: The Retailers are advised on how to
convince customers to pay more
complete one-dish meals on
offer. Rice Bible includes more
in back-country California, Alex
SUBSCRIBER
With more than 2000 listed GIVE-AWAY!
varieties, rice is a staple food One lucky Enterprise Risk
Why do text messages cost for more than half the world’s subscriber will be treated to a
money, while e-mails are free? population. It is easy to cook hamper containing a selection
of books from Pan Macmillan
In Priceless, bestselling author and incredibly versatile. This
South Africa. If you are already
William Poundstone reveals the collection brings together Indian
a subscriber to Enterprise
hidden psychology of value. rice dishes and Continental Thirty-something Alex Owens Risk, watch this space and
Rooted in the emerging field of favourites – biryani, khichdi, knows very little about her your post box! If you have not
behavioural decision theory, this risotto, paella and dolmades. childhood or who she really is. yet subscribed to Enterprise
book should prove indispensible Sushi and Thai spicy soups add But when an infant’s remains Risk, turn to page 35 for the
to anyone who negotiates. to the assortment of snacks and are unearthed in her hometown subscription form.
39
ENTERPRISE RISK May 10
GOOD GOLFING
Fairway bunker shots
Discover the correct technique for fairway bunker
shots. BY MARTIN WHITCHER
CANCELLATION,
ABANDONMENT
OR POSTPONEMENT
OF EVENTS
A conference to organise,
a major arts festival or an
open air concert ...