Summary
Stephen Manning and Andrew Gurney created an article based on Manning’s presentation of the same subject during the Basel II & Banking Regulation Conference in April of 2005. The article entitled, Operational Risk within an Insurance Market reflected the ideas of Manning and Gurney when it comes to the development and implementation of risk management within Lloyd’s insurance market. The article’s objective is to encourage leaders and regulators to focus on operational risk in the context of risk management.
It makes more sense to focus on the operational risk because the failure in this area creates a chain reaction of events that often lead to greater market risk and credit risk. In other words, the successful management of operational risk reduces the probability of incurring losses as a direct result of problems or weaknesses in the following areas:
- internal and external fraud;
- employment practices and workplace safety;
- clients, products and business practices;
- systems failures;
- process management.
In addition, there is greater demand for this type of due diligence as a consequence of greater stakeholder scrutiny, and also as a consequence of increasing recognition that companies investing in the identification and management of operational risk are more likely to achieve its business goals (Manning & Gurney, 2005).
It is difficult to identify and manage operational risk. Insurance companies and business leaders respond to this need by creating management frameworks like Enterprise Risk Management. In the case of Lloyd’s of London, the response includes the creation of tools and techniques, such as
- On-site operational risk reviews of businesses;
- Quarterly franchise risk and control self-assessment;
- Stress and scenario testing; and
- Operational risk toolkit (Manning & Gurney, 2005).
Learning Points
It Makes More Sense to Manage Operation Risk
Failure at the operational level creates ripple effects that affect different aspects of the business organization. Therefore, it makes sense for corporate leaders to invest in this particular component of the business model. One can also argue that there are various aspects of the risk management process that are difficult to quantify. However, different components of the company’s business operations are relatively easier to manage compared to others.
Business failures are rooted in the failure to manage operational risk
A company’s internal controls form part of the business operations of the said organization. There are numerous examples of failures rooted in weak internal controls. Companies went bankrupt due to the absence of investor confidence; however, a deeper investigation of the problem leads to weak internal controls. The application of operational risk management techniques uncovers this type of problem before it causes serious damage to the company’s reputation and earning potential.
The Value of Enterprise Risk Management
It is difficult to measure operational risk. However, business leaders and insurance companies can help mitigate risk by developing an appropriate management framework and assessment tools. A good example of a management framework is the Enterprise Risk Management framework adopted by companies all over the world.
It is Important to Adopt a More Proactive Approach
Business organizations are catching up on the importance of Enterprise Risk Management strategies. However, a paradigm shift is needed when it comes to the reason for adopting the said framework. In the present time, business leaders are adopting it for the sake of satisfying certain government regulations. It is better to acquire a more proactive approach to using the Enterprise Risk Management framework.
Critique of the Article
Corporate scandals in the first decade of the 21st century heightened the demand for greater scrutiny on business factors related to operational risk (Bauer, 2009). The root cause of high profile business failures in this particular point in corporate history was rooted in weak internal controls (Markham, 2006). For example, the underlying cause of the 2008 financial crisis was traced to the absence of safeguards that allowed bankers to loan money to people that had no capability of repaying the said loans.
One can argue that the said financial crisis was exacerbated by the accounting fraud scandals that negatively affected global markets. For example, Enron, a multi-billion dollar company, went bankrupt after the discovery that Arthur Andersen, the accounting firm hired to audit the company’s books, acted as an accomplice to cover-up the company’s deliberate act to deceive investors (Niskanen, 2007).
It is important to point out these examples of corporate failure in light of Manning and Gurney’s assertion that business leaders have the ability to avoid similar problems if they utilize the principles of operational risk management. One can detect a weakness in Manning and Gurney’s argument, especially in the area of anticipating or detecting weak internal controls. For example, in Enron, the SEC failed to detect the conflict of interest arising from the dual role of Arthur Andersen as the company’s auditor and financial consultant.
In the aftermath of the corporate scandals that gripped news headlines twelve years ago, the US Congress ratified the Serbanes-Oxley Act of 2002. This piece of legislature aims to strengthen internal controls and establish independent external auditors in order to prevent the repeat of the Enron fiasco (Walden & Thoms, 2007). Based on Manning and Gurney’s argument, operational risk management uses the same framework to mitigate the impact of risk.
However, it is important to point out that the Serbanes-Oxley Act of 2002 was created in response to the problem. In other words, no one was able to develop counter-measures to prevent accounting fraud. Is it possible to develop strategies to anticipate this kind of problem? It is impossible to eliminate weak internal controls because it is impossible to eliminate corporate greed.
Practical Implications
In the context of the United Arab Emirates, business leaders must adopt a more proactive stance when it comes to the issue of Enterprise Risk Management. The UAE’s Insurance Authority must encourage insurance companies not only to study and implement strategies based on the ERM framework for the sole purpose of satisfying UAE’s legal requirements. Greater emphasis must be given on the financial rewards and other incentives that insurance companies will inevitably acquire if corporate leaders are willing to invest in the study of operational risk management.
It is good to know that the UAE’s Insurance Authority is implementing guidelines and regulations that will help prevent the financial fiasco that ruined multi-billion dollar companies in the United States and Europe. This commitment to the application of ERM tools and techniques was manifested in the creation of Article 9 and Article 10 of the UAEs Financial Regulations for Insurance Companies (Insurance Authority, 2016).
In Article 9, it is forbidden to use borrowed funds to prop up the company’s financial standing (Insurance Authority, 2016). This is an important piece of regulation because it enables government regulators to detect early warning signs of financial trouble. In Article 10, insurance companies within the UAE are subjected to more stringent standards when it comes to submitting reports concerning the company’s risk analysis.
Although the UAE’s Insurance Authority had taken deliberate steps to prevent the repeat of financial scandals that negatively affected American and European markets, it is high time to compel insurance companies to adopt a more proactive approach in applying operational risk management principles. In other words, insurance companies within the UAE must develop tools and techniques that will enable them to detect weaknesses in internal controls and other issues related to the company’s ability to accomplish its business goals.
Comments
Manning and Gurney’s article helps to persuade business leaders on the importance of Enterprise Risk Management and why they need to embrace a more proactive approach in implementing related strategies. However, it is important to point out that the ERM model is not a perfect solution in the attempt to eradicate the risk. One can argue that it is impossible to anticipate every type of problem. Nevertheless, the knowledge gained from previous failures forms part of the strategy to mitigate the impact of risk.
Conclusion
Without a doubt, it is prudent to adopt the idea of using Enterprise Risk Management to increase the company’s potential earnings and perceived value. Although, it is impossible to measure every aspect of the company’s operational risk, the use of Enterprise Risk Management tools is a good starting point. It makes more sense to focus on operational risk, because business failures are oftentimes rooted in the failure to analyze the consequences of weaknesses that emanated from poorly developed business processes.
References
Bauer, A. (2009). The Enron scandal and the Sarbanes-Oxley Act. New York: Springer.
Insurance Authority. (2016). Financial regulations for insurance companies. Web.
Manning, S., & Gurney, A. (2005). Operational risk within an insurance market. Journal of Financial Regulation and Compliance, 13(4), 293-300.
Markham, J. (2006). A financial history of modern U.S. corporate scandals. New York: M.E. Sharpe.
Niskanen, W. (2007). After Enron: Lessons for public policy. Lanham, MD: Rowman & Littlefield Publishers.
Walden, M., & Thoms, P. (2007). Battleground. Westport, CT: Greenwood Publishing.