Corporations with no serious enterprise risk management programs aren't likely to be penalized when it comes time for a ratings review, according to one ERM expert.
Only one ratings agency, Standard & Poor's, has a separate rating category for ERM. The other three major ratings houses--A.M. Best & Co., Moody's and Fitch--do not.
All the major agencies, however, do incorporate ERM assessments when issuing a credit rating, said Lucy Nottingham of the corporate risk consulting unit of New York-based consultancy Oliver Wyman.
S&P last year announced it would take into consideration a carrier's ERM program when assigning a rating. The agency evaluates ERM along the following scale: excellent, strong, adequate and weak. It expects to use ERM as a ratings criterion for most companies by the end of this year. Through the end of September 2006, S&P conducted 241 enterprise risk management evaluations of property/casualty, health and reinsurance companies around the world.
Most of the companies, 81 percent, were found to have an adequate ERM program. Another 10 percent were found to have a strong program, and 3 percent were found to have an excellent program. Only 5 percent of the companies surveyed were found to have a weak program.
Companies with adequate programs, while executing the metrics required of traditional ERM, are operating in silos with very little integration, said Nottingham.
She added that the more serious a company's ERM program, the more these companies do themselves a favor. "In some instances, ERM can be a rating tiebreaker," Nottingham said.
Public corporations institute ERM programs because regulators and more investors expect them to have a risk management program and because board and audit committees want a complete understanding of the risk to which a company's exposed.
In a survey released last fall by the Conference Board and Oliver Wyman, 85 percent of respondents said the highest priority of ERM was to "avoid surprises," 83 percent said it was to "ensure risk is considered in decision-making," 70 percent said it was to "integrate ERM into corporate processes," 65 percent said it was to "align risk exposures and mitigation," and 36 percent said it was to use ERM "as a competitive tool."
READ MORE: Features | Special Reports | Industry Risk Reports | Columnists | In-Depth Series
September 1, 2007
Copyright 2007© LRP Publications