 |
| Figure 2: Risk Classification |
But, classifying the risk can also be dangerous. This is because as soon as we define risk in term of categories, we create the potential for missed risks and gaps in responsibilities. Categorization fosters 'silos' of expertise that are separate from one another in terms of personnel, risk terminology, risk measures, reporting lines, systems and data. If executives and risk managers can't communicate with one another across risk silos, they probably won't be able to work together efficiently to manage the risk that are most important to the institution as a whole.
In recent days the particular 'silos' of risk management has been broken down by some of the advancement in risk management. VaR (Value at Risk) and Economic Capital have evolved to facilitate integrated measurement and management of the various risk and business lines. Additionally the trend toward worst-case scenario analysis is really an attempt to look at the affect of macroeconomic scenarios on a firm across its business lines and, often, across various types of risk.
Furthermore, many industries trend toward what consultants have labelled enterprise wide risk management (ERM). ERM is a deliberate attempt to break through the tendency of firms to operate in risk management silos and to ignore enterprise wide risk, and an attempt to take risk to consideration in business decisions much more explicitly than has been done in the past.
An ERM function would be responsible for establishing firm-wide policies and standards, co-ordinate risk management activities across business units and functions, provide overall risk monitoring for senior management and the board. ERM is about integrating in three ways:
a) Enterprise risk management requires an integrated risk organization
b) Enterprise risk management requires the integration of risk transfer strategies.
c) Enterprise risk management requires the integration of risk management into the business process of the company.
