The politics of ERM

Risk managers must be aware of the political ramifications in implementing an enterprise risk management [ERM] program, Susan Witcraft, managing director of Guy Carpenter & Company LLC’s Instrat Team, Mid-America Region, told attendees of Guy Carpenter’s ERM seminar in Toronto.

When developing and implementing an ERM program, four areas need to be considered: politics, organization, education and technical knowledge.

Witcraft said companies usually find the political ramifications the most difficult to overcome, often due to the traditional silo approach of running an organization.

“The investment department may be accustomed to owning the investments and managing them to certain risk tolerances within its own department,” Witcraft noted. “It may not be aware or understanding what’s going on in the rest of the organization, or how it’s affected.”

Another political issue has to do with the company’s internal ranking of its chief risk officer (CRO) within its own corporate governance structure.

“If the CRO is too far down the ladder in the organization, the position loses credibility with the other parts of the organization and it becomes ineffective,” Witcraft said, adding that a CRO should report to the top of its organization.

“But moving a CRO up to that level could cause a lot of political issues within the organization.”

Within the organization aspect, a risk manager needs to ask: “Is the organization managed in a way that all of the departments and all of the segments are in communication in an integrated fashion?” she suggested.