Chapter 1: Introduction To Risk Management PDF

Summary

This document provides an introduction to risk management, including potential dangers in the workplace and different types of hazards. It also defines risk and offers examples. It's focused on practical applications of risk management.

Full Transcript

Chapter 1: Introduction To Risk Management

WHAT IS RISK? HOW WILL YOU DEAL WITH RISK?

Risk generally results from uncertainty.

accidents, natural disasters etc.
uncertainty in the market place (demand, supply and stock market)
failure of projects

There are different tools to deal with these risks depending upon the kind of
risk

POTENTIAL DANGERS
In a work environment, employers should know if there are
potential dangers in the work place
Hazards should be avoided to prevent accidents

TYPES OF HAZARDS IN A WORK PLACE
1. Radiation – from x-rays, ultra-violet rays, microwaves
2. Psychological – stress, work shifts, problems dealing with difficult
groups, harassment, lack of empowerment
3. Biological – viruses, bacteria, fungi coming from bites, cuts or
contamination through contact from an infected person
 4. Physical - lighting issues, objects obstructing walkways, unsafe
machinery, spillages on floors.
5. Chemical - any form of liquid, vapor, dust, fumes or gases that could
be spilt, leaked or misused.
6. Ergonomic – work stations that are not fit for healthy usage

EXAMPLE: Occupational and health hazards of women working in the Export
Processing Zone

Ergonomic hazards
Heat
Overwork
Poor ventilation
Fatigue/ weakness

OTHER EXAMPLES OF WORK HAZARD AND RISKS THAT MAY OCCUR

Frayed electrical cords (could result in electrical shock)
Boxes stacked precariously (they could fall on someone)
Noisy machinery (could result in damage to hearing)

HOW TO PREVENT HAZARDS
1. Before installing a new machinery, study its features and impact on
the work place
2. Before work starts, check equipment, review work place for potential
hazards
3. During work, staff should be aware of changes such as unusual sound,
a new smell, or even an intuitive feeling
4. After an accident, management should be informed and documented
so that risks can be minimized or removed

UNETHICAL PRACTICES THAT MAY BE HAZARDOUS
1. Deceptive packaging
2. Misbranding or mislabeling
3. False or misleading advertising
4. Adulteration
5. Weight understatement
 6. Short measurement
7. Quantity understatement

DECEPTIVE PACKAGING

MISLEADING ADVERTISING
A food product is labeled as “all natural” but contains a synthetic
preservative.
A product label contains a typo or misspelling.
A food product is labeled as "gluten-free" even though it contains
gluten.
A juice drink is marketed as “100% pure” while it contains added
sugars and flavors.

DEFINITION OF RISK
Risk is the likelihood that a person may be harmed or suffers
adverse health effects if exposed to a hazard.’
Risk is the probability that actual results will differ from expected
results
Risk is the potential for harm. It is a prediction of a probable
outcome based on evidence from previous experience.

RISK EXAMPLES

1. Typhoon Yolanda
2. Asian financial crisis
3. PAL: Covid 19 pandemic

ASIAN FINANCIAL CRISIS: Two Economic Indicators
 Value of the Peso

1997 P26/$1

1998 P46.50/$1

2001 P53/$1

STOCK MARKET INDEX

PSE index went down
The peso dropped from 26 pesos per dollar from 3,448 to 1,000
at the start of the crisis to 46.50 pesos in
early 1998 to 53 pesos as in July 2001.

PSE Composite Index, the main index of the Philippine Stock Exchange, to fall
to 1,000 points from a high of 3,448 points in 1997. The peso's value declined

Common Risk Categories in Enterprise Risk Management (ERM):
Business Risks
Strategic risks - These are risks that arise from an organization’s business
strategy and objectives. For example, entering a new market or launching a
new product may have strategic risks associated with them.

EXAMPLES: Sources Of Risk

Changes in senior management and leadership.
The introduction of new products or services.
Mergers and acquisitions which prove unsuccessful.
Market or industry changes, such as a shift in the needs or
expectations of customers.

Operational risks - These are risks that arise from an organization’s day-to-
day activities and processes. Examples include technology failures, employee
errors or supply chain disruptions

Examples:
 Bank fraud
Technology failures
Execution, delivery, and process management
Employee practices and workplace safety
Natural disasters and damage to physical assets
Inclement weather, fire, or harsh weather conditions
Clients, products, and business

BANK FRAUD

1. Automatic Withdrawal Scams
2. Phishing Scams
3. Charity Scams.
4. Overpayment Scam
5. Cheque-Cashing Scams

Legal compliance risks - These are risks that arise from an organization’s
failure to comply with laws, regulations or industry standards. Examples
include contract disputes, intellectual property disputes, employment law
violations, data privacy violations or noncompliance with environmental
regulations.

Reputational risks - These are risks that arise from damage to an
organization’s reputation, image or brand. Examples include product recalls,
lawsuits or negative media coverage.
EXAMPLE:

In 2010, the non-profit Greenpeace company launched a campaign against
one of Nestlé‘s leading products, KitKat, concerning the use of palm oil and
the direct destruction of forests and the death of orangutans. This has led to
an invasion of users on the Facebook page of the company who were asking
not to use this product and thus avoid the harmful consequences.

Financial risks - These are risks that arise from an organization’s financial
operations and management. Examples include credit risk, market risk and
liquidity risk.

UNSUCCESSFUL MERGERS
One unsuccessful merger in the Philippines was the proposed
acquisition of Central Azucarera Don Pedro Inc. (CADPI) and Roxas
Holdings Inc. (RHI) by Universal Robina Corporation (URC). The
Philippine Competition Commission (PCC) blocked this merger, which
was the subject of PCC Case No. M-2018-006

AOL and Time Warner (three giants: communications, publishing and content
provider)

The consolidation of AOL Time Warner is perhaps the most
prominent merger failure ever. Warner Communications merged
with Time, Inc. in 1989. In 2001, America Online acquired Time
Warner in a megamerger for $147 billion; the estimated $361 billion
combined value was the largest business merger up until that time

Bank of America and Countrywide (2008)

Value: $4 billion
Goals: To expand Bank of America’s presence in the mortgage lending
market by acquiring Countrywide’s extensive mortgage business.

Obsolete/In danger of Obsolescence

The deal between Bank of America and Countrywide turned out to be one
of the worst failed company mergers. This happened mainly because
Countrywide ran into serious financial trouble during the 2007 crisis. The
deal between Bank of America and Countrywide turned out to be one of the
worst failed company mergers. This happened mainly because Countrywide
ran into serious financial trouble during the mortgage crisis in 2008.
Countrywide struggled to get money to fund its operations when the market
for mortgage-backed securities declined drastically in 2008. Countrywide
struggled to get money to fund its operations when the market for mortgage-
backed securities

eBay and Skype

eBay overestimated the synergies and paid too much for Skype,
which only generated $7 million in revenue. eBay was unable to
integrate Skype into its business.

Daimler-Benz and Chrysler

The merger resulted in a loss and the company eBay overestimated
the synergies and paid too much for Skype, which only generated $7
million in revenue. eBay was unable to integrate Skype into its
business.
PRODUCTS NEARING OBSOLESCENCE DUE TO MARKET CHANGES
IN THE PHILIPPINES IN GENERAL
1. Bataan Matamis Cigarette · 5. Typewriter
2. Sison's Ice Drops 6. Pager, beeper
3. Royal Lem-O-Lime Soft 7. TV in cabinet
Drink 8. Stereo
4. Bottled juice 9. DVD, cassette
10. Mail thru the post office
11. Newspaper
12. Phone book

NEW PRODUCTS/SERVICES
Only two of the six digital banks in the country are profitable, with
losses likely to persist in the medium term as the nascent industry
 continues to find the right business model for their target market
with a largely untested credit profile.
“There are two among the six banks that are profitable, but the
expectation is that it would take about five to seven years before a
digital bank becomes profitable,” Bangko Sentral ng Pilipinas (BSP)
Director Melchor Plabasan said at a press conference.

LESSON 2: RISK RESPONSE
MARKET RISKS
The risk that an investor faces due to the decrease in the market
value of a financial product arising out of the factors that affect the
whole market
Not limited to a particular economic commodity
Often called systematic risk
Market risk arises because of uncertainties in the economy, political
environment, natural or human-made disasters, or recession
Risk that arises from movements in stock prices, interest rates,
exchange rates, and commodity prices
Is the risk arising from changes in the markets to which an
organization has exposure

RISK RESPONSE STRATEGIES
1. Exit Strategy: Avoiding the activities that lead to risk.
2. Reduction Strategy: taking certain actions that decrease the impact
of the risk.
3. Accept Strategy: No step is taken to mitigate risk. This is taken due to
cost/benefit considerations.
4. Share or Insure Strategy: Transferring a certain component of risk so
that impact is reduced.

TYPES OF RISK RESPONSE
Avoiding Risk – Also Known as Risk Avoidance

Identification of the risks
 Review of previous project experiences and histories.
An analysis is then made upon those that have a tendency to arise
A course of action is arrived upon after assessing the relative impact
of the risks

Examples (simple, average, extreme)

1. Risk Failure to complete a project – Set your goal; Outline tasks and
time table
2. Risk: Fear of failure to adjust in an overseas job – a local job
3. Risk: Avoid or lessen business loss – discontinue plan to open a dress
shop, study possibility of putting up a pop up Christmas bazaar
4. “Sacrificing potential benefits in order to eliminate “danger
altogether”

Mitigating Risk - a control process that essentially stops a risk before it
starts making an impact and bringing it to an acceptable level. A
contingency plan is put in place to prevent the risk.

Accepting Risk - There are certain risks that are unavoidable. This strategy is
the best when the risk is low. But there has to be a due plan for the same
such as determining when the project will be exposed to the risk and making
small adjustments accordingly.

Example: A resignation of a key officer, Corporate piracy; a bank managers
Issue: compensation package; plan – identify one-downs with potential highly
successful family business, usually owned by first movers or pioneers, aging,
what to do?

Transferring Risk - Risk transfer is one of the better means to dilute the
impact of the risk. In project management as in finance a risk is often
transferred to a third party. The most common form of risk transfer is by
buying insurance

Example – Health insurance, Educational insurance, Fire Insurance

Insurance - is a contract whereby one party guarantees another party’s
protection against losses resulting from specific accidents or other events.
The main parties involved are the insurer providing the insurance cover and
the insured or the policyholder who receives the coverage in exchange for the
premium.

Insurance business results in massive funds collected from different sources
such as individuals and companies. They use the money collected as a
premium to engage in investment activities when needed, provide the
rightful compensation to the policyholders.

TYPES OF INSURANCE
Customers require protection plans for various purposes; hence, various
policies exist.

Life Insurance: It pays out a fixed amount of money upon the insured
person’s death or after a specific period.
Health Insurance: It covers fully or partially a person’s medical
expenses caused due to illness.

Life Insurance is one of the pillars of personal financial planning. For many
families, it provides a crucial safety net in the unfortunate event of a
breadwinner’s passing. A life insurance policy’s death benefit can help
survivors continue to make mortgage, car, and other loan payments and
ensure that children have the opportunity for higher education. A family with
two breadwinners needs life insurance on both, and a non-employed adult
who manages the household also should have significant coverage.

TERM LIFE INSURANCE WHOLE LIFE INSURANCE
Benefits Benefits
1. Cheaper option 1. Policy stays in force
2. Easier to understand throughout the
3. Premium does not vary policyholder’s lifetime
2. Premium does not vary
3. Cash value component
makes whole life a potential
investment/tax
management tool
Drawbacks Drawbacks
1. Policy expires after a set 1. Much more expensive, any
term outstanding loans will be
 2. No cash value component deducted from death
benefit
2. Beneficiary usually does not
receive the cash value
3. Typically more difficult to
understand

TERM INSURANCE
Term Insurance policy covers a few years, so premiums are more affordable
than the whole-life insurance.

Term insurance is a good option for:

Parents with young children
Adults with dependents capable of earning income
Business partners with new business ventures”

Why Term Life Insurance?
Term life Insurance is the best investment option for those who only need
coverage for a specific amount of time. By the time their coverage ends, they
believe that their beneficiaries would have become financially stable enough
even after their passing. The best group whose needs match this type of
insurance are parents with young children. Let’s say that you are in your late-
twenties and the parent of a newborn child. Should you pass away before
your child can become a working adult, your savings and the income of
whoever becomes your child’s guardian may not be enough to pay for your
child’s future until they become adults.”

WHOLE LIFE INSURANCE
Whole life Insurance is the traditional life insurance most people know:
you’re covered permanently and your policy will not expire as long as you
pay your insurance premiums. Aside from the death benefit, your beneficiary
will also be entitled to cash set aside and accumulated over time.”

Best for:
 Parents of children with special needs
Family breadwinners
Adults with dependents incapable of earning income
Married couples with outstanding debt
Business partners

ENDOWMENT INSURANCE
Endowment Insurance products offer savings and life insurance all in one
go. It’s the best plan suited to those who want to save money for a large
expense in the future. It is common for parents who want to save up for their
children’s college funds, but it’s also an option for people saving up for
expenses like home renovation, retirement funds, and other large expenses”.

Best for:

Parents who want to save up for their children’s education
People saving for retirement
People who want to save up for long-term goals

“Why Endowment Insurance?
It’s not the most popular choice for savers since a portion of your premiums
go to the cost of your insurance. But compared to other forms of savings, this
provides all three: keeping your beneficiaries covered while still earning
enough for the future.

Variable Unit-Linked Life Insurance (VUL)
Also known as VULs, this is a combination of variable life insurance—think
whole life insurance, but instead of a growing savings account, you choose to
take a gamble on the market by investing in different assets such as bonds,
equities, etc.

Best for:

People interested in investing and buying life insurance
Young adults who want to take advantage of their low insurance
premiums
Why VUL Insurance?
The latest numbers per Statista show that as of 2018, the insurance
penetration rate in the Philippines is at around 3% (world average as of
2019 is 7.23%), which can be attributed to a number of factors. Typically
considered a liability, it’s not seen as a profitable investment compared to
high-return investment vehicles like stocks, bonds, and mutual funds. But
VULs can provide both coverage for their loved ones in case of a fatal event
while also providing an opportunity to benefit from the market.

Buy Term and Invest the Difference (BTID) Insurance
More of a strategy than a specific type of insurance
Term life insurance premiums are more affordable, so you can use the
money you saved to invest into other vehicles like mutual funds,
stocks, and other investments to add to your portfolio.

Best for:

1. Young professionals who want life insurance and profitable
investments
2. People who have dependents that can eventually find their own
income

NON-LIFE INSURANCE
Insurance contracts that do not come under the ambit of life
insurance are called general insurance. The different forms of general
insurance are fire, marine, motor, accident and other miscellaneous
non-life insurance.

NON-LIFE INSURANCE/GENERAL INSURANCE
1. Tangible assets are susceptible to damages and a need to protect the
economic value of the assets is needed.
2. General insurance products are bought as they provide protection
against unforeseeable contingencies like damage and loss of the
asset.
 3. Like life insurance, general insurance products come at a price in the
form of premium

TYPES OF NON- LIFE INSURANCE
Auto Insurance

1. It covers loss or damage to any vehicle. In other words
2. It protects from financial loss brought on by the damage of an insured
motor vehicle.
3. A famous example is car insurance.

Travel Insurance

1. It protects from any accidental financial losses incurred while
traveling, whether abroad or domestically
2. Travel-related costs, losses, and other listed expenditures are all
covered by it

Property insurance helps you protect your residence in the event of natural
and unexpected disaster such as fire, flood, earthquake, storms, and volcanic
eruptions. Products offered. Regular fire and with allied

TYPES OF NON-LIFE INSURANCE
1. Regular fire and with allied perils
2. Industrial all risk
3. Commercial all risk
4. Trust receipts
5. Fire and lightning
6. Typhoon and flood
7. Earthquake, fire and shock
8. Riot, strike and malicious damage
9. Smoke damage
10. Vehicle impact
11. Falling aircraft
12. Explosion
LESSON 3: ORGANIZATIONAL STRENGTH
Corporate governance is strong and maintains a well balanced
outlook towards the interest of all stakeholders
Business ethics is embedded in the organizational culture and
reflected in management decisions, employee behavior and in the
manufacture of its products or delivery of services
Internal controls are in place

Who are stakeholders? Shareholders, management, employees, government,
community, customers, suppliers, financiers

CORPORATE GOVERNANCE
System of rules, practices and processes by which business corporations are
directed and controlled and it is about what the board of directors does and
how it sets the values of the firm

Purpose:

To facilitate effective entrepreneurial and prudent management that
can deliver long term success of the company
To enhance shareholder value and protect the interest of all
stakeholders”

BASIC OBJECTIVES OF CORPORATE GOVERNANCE
1. Fair and equitable treatment of shareholders
2. Self-assessment (even before the firm is scrutinized by regulatory
agencies)
3. Increase shareholders wealth
4. Transparency and full disclosure

BASIC PRINCIPLES AND SOME BEST PRACTICES OF CORPORATE
GOVERNANCE
A. Transparency, Full Disclosure and Independence

Information is formalized and disclosed to the public it serves
A board should have independent directors (not major shareholders)
B. Ethical And Responsible Decision Making

Code of conduct necessary to maintain confidence in the company’s
integrity
Disclose policy concerning trading in company’s securities by
directors, officers and employees
Integrity in financial reporting

C. Corporate Control

To ensure the integrity, transparency and proper governance in the
conduct of its affairs, the company should have a strong and effective
internal control system a Establish an audit committee
Recognize and manage risk
Encourage enhanced performance, remunerate fairly and responsibly
and enterprise risk management framework

LESSON 4: BUSINESS ETHICS
INTRODUCTION TO ETHICS
Ethics can be defined broadly as a set of moral principles or values
that govern actions and decisions of an individual or group

CHARACTERISTICS AND VALUES ASSOCIATED WITH ETHICAL
BEHAVIOR
Integrity – principled, honorable, Not two-faced, does not adopt
upright, courageous, act on “end-justifies the means”
conviction philosophy
Honesty – truthful, sincere, Does not cheat, steal, lie, deceive,
forthright, straightforward, frank, act deviously
candid
Trustworthiness and promise Does not interpret agreements in
keeping – full commitments, abide unreasonable, technical, legalistic
by the spirit and the letter of an manner
agreement
Loyalty, Fidelity, Confidentiality – Does not use or disclose
faithful and loyal to family, friends, information learned in confidence,
employers, client and county professionally, safeguards influence
and conflict of interest
Fairness and openness – Fair and Does not overreach,
open-minded, willing to admit error, Does not take advantage of
where appropriate, change another’s mistake or diversities
positions and beliefs, demonstrates
a commitment to justice, equal
treatment
Care for others – kind, Avoids harming others
compassionate, giving, of service to
others
Respect for others – demonstrates Does not patronize, embarrass or
respect for human dignity, privacy demean
and the right to self determination
of all people, courteous, prompt,
decent, shares information
VALUES
Responsible citizenship Obey just laws
If law is unjust, openly
protest it
Exercise all democratic
rights, social consciousness,
public service
When in a position of
authority, honor democratic
processes of decision
making
Avoid unnecessary secrecy
or concealment of
information
Pursuit of excellence Excellence in all matters,
personal and professional
responsibilities
Diligent, reliable,
industrious and committed
 Performs all tasks with the
best ability
Maintains a high degree of
competence
Is not content with
mediocrity

BUSINESS ETHICS
Refers to standards of moral conduct, behavior and judgment in
business
It is an area of corporate responsibility where businesses are legally
bound and socially obligated to conduct business in an ethical
manner
It is based on the personal values and standards of each person
engaged in the business
Its purpose: to help business to determine what practices are right
and what are wrong

PURPOSES OF BUSINESS ETHICS
To help business to determine what practices are right and what are
wrong
To make sure that businessmen realize that they cannot employ
double standards to the actions of other people and to their own
actions
Common practices which businessmen have thought to be right
because they see others doing it, are really wrong
To serve as a standard or ideal upon which business conduct should
be based

SCOPE AND IMPACT OF BUSINESS ETHICS
Business ethics has an -

Economic Impact

If employees’ compensation are fair living wages and benefits
 It will have a positive effect on its suppliers if they are paid fairly and
on time

Social Impact

If businesses resort to bribes, accounting fraud or breach of
regulatory and legal limitations in their operations
Corruption in the business may result to unwarranted increase in
price of the goods, or a reduction in the quality of the product

IMPACT OF BUSINESS ETHICS ON MANAGERS
The manager is

Is expected to act in the best interest of the business, and never in a
manner that is contrary to law or his conscience
Should serve the business enterprise and the community
Should avoid use of executive power for personal gain or advantage
or prestige
Should reveal to his superior whenever his personal business or
financial interest is in conflict with those of the company he works for
Be actively concerned with difficulties and work-related problems of
subordinates
Should lead by example and assure them of reasonable access
Should recognize that his subordinates have a right to information on
matters affecting them through proper communication, unless
informing them shall undermine the security of the business
Fully evaluate the likely effects on employees and the community of
business plans before taking a final decision
Cooperate with his colleagues and not attempt to secure personal
advantage at their expense

COMMON UNETHICAL PRACTICES OF BUSINESS ESTABLISHMENTS
Direct misrepresentation

1. Deceptive packaging
2. Misbranding or mislabeling
3. False or misleading advertising
 4. Adulteration
5. Weight understatement
6. Measurement understatement

SOME UNETHICAL PRACTICES OF BOARD OF DIRECTORS
1. Graft
2. Interlocking directorship
3. Negligence of duty
4. Insider trading

SOME UNETHICAL PRACTICES OF EXECUTIVE OFFICERS AND
MANAGERS
1. Claiming a vacation trip as a business trip
2. Having an employee do work unrelated to business
3. Loose or ineffective controls
4. Making false claims about losses to free themselves from paying right
compensation
5. Making employees sign documents that they are receiving fully what
they are entitled to under the law, when in fact, they are not
6. Unfair labor practices

UNFAIR LABOR PRACTICES
1. Prevent employees from exercising their right to self organization
2. To impose a condition of hiring only if an applicant shall not join a
labor organization
3. To outsource services or functions being performed by union
members
4. To assist, dominate or assist in the formation or administration of any
labor organization
5. To discriminate via wages, hours or terms/conditions of employment
in order to encourage or discourage membership in any labor
organization
6. To dismiss, discharge or otherwise prejudice or discriminate, against
an employee for giving or preparing to give testimony under the
Labor Code
 7. To violate the duty to bargain collectively as prescribed by the Labor
Code
8. To pay negotiation or attorney’s fees to the union or its officers or
agents as part of the settlement of any issue on collective bargaining
agreement
9. To violate or refuse to comply with voluntary arbitrations awards or
decisions pertaining to CBA
10. To violate any provision of the CBA

SOME UNETHICAL PRACTICES OF EMPLOYEES
Conflict of interest

1. An employee whose family owns a business competitor of the
company he works for should not say, or do anything prejudicial to his
employer
2. an employee should not receive any favor or gift from a customer,
supplier or competitor
3. He should not disclose any confidential information for his personal
gain
4. The employee engages in the same type of business as his employer.
5. The employee uses for his own benefit a business opportunity in
which his employer might be expected to have an interest

Dishonesty

1. Taking office supplies home for personal use
2. Padding an expense account through the use of fake receipts when
claiming reimbursement
3. Taking credit for another employee’s idea
LESSON 5: RISK MANAGEMENT
THE GREAT DEPRESSION
A worldwide economic downturn that began in 1929 and lasted until
about 1939.
It was the longest and most severe depression ever experienced by
the industrialized Western world, sparking fundamental changes in
economic institutions, macroeconomic policy, and economic theory.
Although it originated in the United States, the Great Depression
caused drastic declines in output, severe unemployment,
and acute deflation in almost every country of the world.

VALUE OF PESO

1997 P26/$1

1998 P46.50/$1

2001 P53/$1

STOCK MARKET INDEX

PSE Index went down
2007-2009 GLOBAL FINANCIAL CRISIS from 3,448 to 1,000

It is widely referred to as “The Great Recession.”

It began with the housing market bubble, created by an overwhelming load
of mortgage-backed securities that bundled high-risk loans.

Reckless lending led to unprecedented numbers of loans in default; bundled
together, the losses led many financial institutions to fail and require a
governmental bailout.

Efforts to revive the economy were made through the American Recovering
and Reinvestment Act of 2009
The crisis led to the collapse of several large financial institutions, the bailout
of banks by national governments, and downturns in stock markets around
the world.

The crisis led to a global recession, with millions of people losing their jobs
and homes. The crisis also led to significant changes in the regulation of
financial markets and institutions.

ORIGIN OF RISK MANAGEMENT
Early development emerged in the United States out of the insurance
management function

In the 1950’s insurance costs became prohibitive and the extent of
coverage was limited
Organizations realized that purchasing insurance was insufficient if
there was inadequate attention to the protection of property and
people.
In the 1970’s the combined approach to risk financing and control
was developed in Europe
As this approach became established, It became obvious that there
were many risks facing organizations that were not insurable

THE IMPORTANCE OF RISK MANAGEMENT IN SPECIFIC AREAS OF
BUSINESS
Variable costs of raw materials Variable costs of raw materials can
be a risk because price fluctuations
can impact a manufacturer’s
production costs and profitability.
Cost of retirement and social As the average age of the work
benefits force increases, retirement cost,
health and other social benefits
become costlier; succession, if not
addressed can also present a risk
Desire to deliver greater A desire to deliver increased
shareholder value shareholder value can be risky
because it can lead to short-term
thinking, neglect of other
 stakeholders, and overly risky
financial engineering.
Greater transparency required to Sharing too much information
and required from organizations can slow down productivity,
especially when teams are on tight
schedules. Too much transparency
can contribute to the dissemination
of doubt and confusion
Pace of changes in business ever Change Management risks refer to
increases potential negative outcomes that
could occur during the process of
implementing a change. These
include things like operational
disruptions, financial losses, or
security vulnerabilities.
Impact of e-commerce on all Threats: cyber security, data privacy,
aspects of business life logistics and competition
Increased reliance on IT systems Increasing reliance on technology
and the proliferation of digital
devices in daily life will create
increasing risks related to ‘Data
privacy’, cyberattacks, and
consequences of system failure.
Increasing importance of Protecting trademarks, designs,
intellectual property inventions, etc. can result to
financial loss, damage to reputation,
loss of competitive advantage
Greater supply chain 1. Suppliers can go out of business,
complexity/ dependency not deliver products on time, or not
deliver the correct quantity.
2. Natural disasters, economic
downturn. political instability can
disrupt the supply chain.
Reputational damage – especially Loss of customers, business
to worldwide brands partners. high employee turnover
High profile losses and failures ruin Biggest ever accounting fraud case:
reputations Lehman Brothers -the most
notorious accounting fraud case in
 the global financial crisis - firm hid
over $50 billion in loans disguised as
sales.

Example: Increased Reliance on IT Systems

RISK MANAGEMENT
In General

Is the process of measuring or assessing risk and developing
strategies to manage it.
Is a systematic approach in identifying and controlling areas or events
with a potential for causing unwanted change

In Business

Is the identification, assessment and prioritization of risks, followed
by coordinated and economical application of resources to
minimize, monitor and control the probability or impact of
unfortunate events and to maximize the realization of
opportunities.
The process of minimizing or mitigating the risk
Starts with the identification and evaluation of risk followed by
optimal use of resources to monitor and minimize the same
A risk prioritization process is followed - those risks that pose the
threat of great loss and have great probability of occurrence are dealt
with first.
ENTERPRISE RISK MANAGEMENT
Is a process, effected by an entity’s board of directors, management and
other personnel, applied in strategy setting and across the enterprise,
designed to identify potential events that may affect the entity, and manage
risk to be within its risk appetite, to provide reasonable assurance regarding
the achievement of entity objectives.

COMMONLY USED TERMS
1. Business risk – the possibility that the business may not be able to
generate sufficient revenue, or an increase in production and
operating costs may occur.
2. Credit risk – the risk that a counter-party will pay to fulfill his
obligation
3. Default risk – related to the probability that some or all of the initial
investment will not be returned
4. Counter-party – the other party such as the borrower or customer
who has an agreement with the principal party
5. Risk appetite - Is the level of risk that the company can accept in
pursuit of its objectives. (risk aversion vs. risk tolerance)
6. Pure risks – refers to the prospect of a loss such as the risk that a
plant may be destroyed by a fire
7. Speculative risks – refers to the chance of a gain but might result in a
loss, ex. Investment in a new project, or marketable securities
8. Demand risks – the probability that the demand for a product or
services will change
9. Input risks – refers to production costs such as labor and materials
that face the risk that they may increase and the company may not
be able to pass such increases to their customers
10. Environmental risks – risks from forces of nature, ex. climate change
11. Financial risks – risks that interest rates and exchange rates may
change and thus result to unexpected increase in costs
BENEFITS OF RISK MANAGEMENT
1. Forecasts probable issues
2. Avoids catastrophe
3. Enables growth
4. Helps to stay competitive
5. Improves business process
6. Enables better budgeting

Forecasts Probable Issues

Remember the list of 11 risks in specific areas
One of the benefits of risk management is that it changes the culture
of a business organization.
Companies that tend to focus more on risk management tend to be
more proactive as compared to other companies which can be
reactive.
Risk management forces the companies to take a hard look at each of
their business processes and decide what can possibly go wrong. This
detailed what-if analysis helps companies become more proactive
and forecast probable issues.

Avoids catastrophe

Risk management prepares the companies for ali kinds of shocks.
Risk managers try to foresee the small shocks which affect the day-to-
day business of any firm.
However, they also try to focus on catastrophic events. Such events
have a very low probability of occurring.
However, if they do occur, then companies need to be prepared to
deal with them without going bankrupt

Enables growth

When new products have to be launched or when new markets have
to be entered, companies have a ready framework that can be
deployed in order to avoid these risks.
 Hence, in a way, risk management ends up enabling companies to
take calculated risks and expedite their growth.
Extensive risk management processes mean that the company has a
lot of data. This data can be mined in order to gain meaningful
insights which ultimately leads to better decisions.

Helps to stay competitive

Adverse events (recession) afloat lot of cash, continue to stay afloat
During crisis some companies seem to have the extra cash than is
required therefore, they can make acquisitions.
Risk management processes force different departments,
stakeholders to actively communicate with each other.
This communication is helpful since it increases the competitiveness
of the company.

Improves business process

Continuously monitor the working or various departments look for
things that can go wrong
Able to identify the parts of the process which are inefficient or
where there is scope for improvement
Business process reengineering)
Result Companies that have risk management processes in place have
better control of their finances as opposed to other companies.

Risk management requires plenty of information

The day-to-day processes of risk management force companies to
collect more and more information about their processes and
operations.
As a result, companies are able to identify the parts of the process
which are inefficient or where there is scope for improvement.
BASIC PRINCIPLES OF RISK MANAGEMENT
For Risk Management to be effective:

1. It should create value, meaning its benefits should exceed its costs
2. Management should first identify uncertainties and reasonable
assumptions should be in place
3. It should be an integral part of the organization, its decision-making
process and can only succeed under a supportive culture
4. It should be dynamic (responsive to change) transparent and well
communicated
5. Its practice should allow flexibility in order to have room for
enhancement if information and human factors so require
6. It should be systematic, structured and subject to periodic review

LESSON 6: RISK MANAGEMENT PROCESS
The process includes five specific elements:

Strategy/Objective setting: Understand the strategies and associated
risks of the business.
Risk identification: Provide a clear profile of major risks that can
negatively impact the company’s overall financials.
Risk assessment: Identified risks are strictly analyzed to determine
both their likelihood and potential.
Risk response: Consider various risk response strategies and select
appropriate actionable paths to align identified risks with
management’s risk tolerances. (avoidance, reduction. Sharing,
retention)
Communication and monitoring: Relevant information and data need
to be constantly monitored and communicated across all
departmental levels.
RISK MANAGEMENT FLOWCHART
1. Strategy/Objective Setting

2. Risk Identification

3. Risk Assessment

4. Risk Response

5. Communication & Monitoring

EXAMPLES OF AN ENTERPRISE RISK MANAGEMENT PROCESS
1. Strategy/Objective setting: Consider Tesla, a publicly traded company
operating in two primary segments – automotive and energy
generation. In this example, ERM will begin by considering what
drives the company’s value during the strategy/objective setting. For
Tesla, this could include the company’s competitive advantage, new
strategic initiatives, key product lines, or an acquisition
2. Risk identification: Once the key drivers are identified, the ERM
process will begin the risk identification process by evaluating
relevant risks that can potentially hinder the success of each key
driver.
3. Risk assessment: The risks must then be carefully analyzed from
cross-departmental views during the risk assessment step.
4. Risk response: Once the discussion and acknowledgment of the
potential risks are finalized by upper management, executives will
consider an optimal risk response strategy.
5. Communication and monitoring: Finally, upper management will
measure, monitor, and communicate the effectiveness of the risk
response strategies by utilizing any key risk indicators deemed
effective by that organization.

MANILA WATER
Manila Water continues to implement its Enterprise Risk
Management (ERM) Program based on a globally-accepted
approach, the ISO 31000:2009.
 The program helps Manila Water and its subsidiaries monitor and
manage the strategic, regulatory, operational and financial risks.
It is a proactive process that is well linked to corporate goals and
objectives, embedded in the corporate culture and is well integrated
into critical and strategic planning and operational processes of the
company.
The ERM Program has been cascaded to all the departments in
Manila Water.
he same has been implemented in its subsidiaries in Boracay, Cebu,
Clark

DETAILED STEPS IN IMPLEMENTING THE RISK MANAGEMENT
PROCESS
1. Set up a RM committee chaired by a board member
2. A formal comprehensive RM system should be in place
3. The said system should have:
a. Goals and objectives
b. Risk language definition
c. Organizational structures
d. Documentation
4. RM process should follow these steps:
a. Risk assessment: identification, determination of the source
b. Develop and implement an action plan - reduce, avoid, retain,
transfer or exploit
c. Monitor and report RM performance
d. Continuous improvement of RM capabilities
5. Perform a periodic evaluation of risks and corresponding RM
strategies adopted by the enterprise
6. Observe and replicate best practices of other organizations

RISK MANAGEMENT PROCESS – KFC
Develop and implement an action plan - reduce, avoid, retain,
transfer or exploit:
Although KFC does not have 100% control all areas of supply chains, it does
have the ability to influence the terms of its contracts with its suppliers. For
example, it can use its 2018 experience to argue for increased supplier
accountability in the event of interruption. The final agreement should
specify that both parties assume financial responsibility. If the suppliers fail to
furnish the required ingredients, they must compensate for the resulting
financial losses. As long as this detail is addressed in the contract, the
corporation will be able to manage such a risk.

Monitor and report RM performance
Continuous improvement of RM capabilities

To continue operations, the corporation needed to immediately rearrange its
logistics.

RISK MANAGEMENT CYCLE
Assess
Evaluate
Manage
Measure

RISK MANAGEMENT FRAMEWORK

EIGHT R’S AND FOUR T’S
1. Recognition or identification of risks and identification of the nature
of the risk and the circumstances in which it could materialize
2. Rating and evaluation of risks in terms of magnitude and likelihood
to produce the ‘risk profile’ that is recorded in the risk register
 3. Ranking or analyzing the level of risk against the established risk
criteria
4. Responding to the significant risks and deciding on the appropriate
action: (a) tolerate, (b) treat (c) transfer or (d) terminate
5. Resourcing controls to ensure adequate arrangements are made to
institute controls
6. Reaction planning and event management, including disaster
recovery in case of hazard risks, as well as business continuity
planning
7. Monitoring of risk performance and communicating remaining risk
issues
8. Reviewing the risk management system, internal audit procedures,
review and updating of risk strategy and protocols

PHILIPPINE CASES ON RISK MANAGEMENT
1. Risk Management in Disaster Response and Preparedness: Typhoon
Haiyan (Yolanda)
2. Philippine Financial Institutions: The Case of the Asian Financial Crisis
(1997 – 1998)
3. Philippine Airlines: Crisis Management During the COVID-19
Pandemic
4. San Miguel Corporation: Risk Management in Business Diversification
5. PhilHealth (Philippine Health Insurance Corporation): Managing Fraud
Risk and Financial Sustainability
6. Risk Management in the Philippine Agriculture Sector: Typhoon-
Related Losses: Risk and Financial Sustainability

PRACTICAL GUIDELINES IN REDUCING AND MANAGING RISKS
1. Understand the nature of the risk
2. Identify and prioritize the risks
3. Consider the acceptable level of risk
4. Understand why risks become reality

TYPICAL AREAS OF ORGANIZATIONAL RISK
Financial inefficient cash management
 Commercial market changes
Strategic marketing entry, marketing
decisions
Technical equipment failure
Operational failure to maintain supply

TYPICAL RISK CATALYSTS
1. Technology - new system, new hardware
2. Organizational change – new management, new agreements
3. Processes – new products, new markets
4. People – losing key people, lack of succession planning
5. External factors – changes in regulation, political, economic or social
disruptions

WHAT COMES NEXT?
1. So far, the previous topics identify the factors that may trigger risk
2. The next step is to quantify them

Pointers:

a. Risks that lead to frequent losses can often be solved using past
experience
b. Unusual or infrequent losses may be harder to quantify
3. Once Identified, Control the Risks
a. Share information
b. Prepare and communicate guidelines
c. Establish control procedures and risk management systems

CONTROL THE RISK
1. Install accident prevention and emergency equipment
2. Train people to use them
3. Take security measures to prevent crime, sabotage, espionage, etc.
4. Share risks through:
a. Joint ventures
b. Licensing agreements
 5. More collaborative and flexible way to enter a new market
a. Can combine your strengths, resources, and capabilities with a
partner.
b. Can also benefit from the local knowledge, contacts, and
credibility of a partner
c. Share the costs and risks of the venture

Quality assurance programs This system involves standardizing
processes, training employees, and
monitoring operations to ensure
products meet quality
standards. ISO 9000 is an
internationally recognized QMS that
encourages the production of high-
quality goods and services.
Environmental and control Regulating and managing
processes environmental factors to maintain
desirable conditions such as
temperature, humidity, airflow, air
quality, noise, and vibration
Health and safety regulations Personal protective equipment, laws
on hazardous substances

PRACTICAL TECHNIQUES TO IMPROVE PROFITABILITY
Focus decision making on most profitable areas
Decide how to treat least profitable products
Make sure new products enhance overall profitability
Manage development and production decisions
Set the buying policy
Consider how to create greater value from existing customers
Develop people through training, motivation, support and good
leadership

CONTROL COSTS
Focus on big item expenditures
 Be cost conscious
Maintain a balance between cost and quality
Use budgets for better financial management
Develop a positive attitude to budgeting
Eliminate waste
Understand the impact of cash flow

MANAGE COSTS TO AVOID PITFALLS
Understand the impact of cash flow
Financial expertise must be widely available
Consider the impact of financial decisions
Avoid weak budgetary control
Know where the risks lie

TAKE ACTION, REVIEW STRATEGY
Improve profitability
Avoid pitfalls in making financial decisions
Reduce financial risks

Note: Profitability and cost control will be illustrated during the discussion on
financial control

INTERNAL CONTROL (INTRODUCTION)
Management 101 – planning, organizing, leading/motivating and
controlling
What does controlling entail? – evaluating how well an organization is
achieving goals, putting processes and taking action in case of
variance between objectives and actual performance

COSO Definition – a process effected by an entity’s board of directors,
management and other personnel designed to provide reasonable
assurance of the achievement of objectives in the following categories:

1. Operational effectiveness and efficiency
2. Financial Reporting Reliability
3. Applicable laws and regulations compliance
*Committee of Sponsoring Organizations (read COSO framework)

FIVE INTERRELATED COMPONENTS OF INTERNAL CONTROL
1. Control Environment is the responsibility of the BOD,

To set the philosophy and operating style of an organization
To assign authority and responsibility to the officers who comprise
the management
To organize and develops its people
To establish a management control system that includes:
a. Internal audit function
b. Personnel policies and procedures
c. Delineation and segregation of duties

2. Risk Assessment process refers to management’s

Ability to initiate, record, process and report financial data
Identify, analyze and manage risks pertaining to the preparation of
the financial statements
Once identified, assess he risks as to significance, likelihood of
occurrence and how they should be managed
Establish action plans and programs to address specific risks

3. Information system and business processes relevant to financial reporting
and communication

Journal entries, general ledgers, financial reports (balance sheet,
income statement, statement of cash flows, changes in capital)
Consists of procedures and records designed and established to
a. Initiate
b. Record, process report transactions of the company
c. Maintain accountability for each particular asset, liability or
equity that is being recorded and reported
Transfer information from transaction processing to general ledger
Capture information relevant to financial reporting for events and
conditions, such as depreciation and amortization
Resolve incorrect processing
 Process and account for system overrides
Ensure information required to be disclosed is accumulated,
recorded, processed, summarized and appropriately reported in the
FS