
Manage Tomorrow's Surprises Today

Steven Minsky

SEC Reprioritizes ERM in 2014


The Securities and Exchange Commission announced its examination priorities for the New Year, and Enterprise Risk Management heads the list. The priorities, selected by Senior Staff from the National Examination Program (NEP), aim to address areas of weakness that threaten fair, orderly, and efficient markets.

On the subject of Enterprise Risk Management, the NEP states that it will continue to meet with boards and high-level senior management to discuss the firm's Enterprise Risk Management process, especially as it pertains to identifying legal, compliance, financial, and operational risks.

This initiative is designed to: (i) evaluate firms' control environment and "tone at the top," (ii) understand firms' approach to conflict and risk management, and (iii) initiate a dialogue on key risks and regulatory requirements.

The SEC's renewed focus comes on the heels of 2013, a year that featured a bevy of high-profile failures in risk management, such as the Edward Snowden NSA leaks, the European horse meat scandal, the Barney's and Macy's shop-and-frisk incident, and Carnival Cruise Line's generator fire, culminating in Target's credit card heist and the security breach of over 70 million customer records.

Also of note is the language used in the Commission's briefing. Too often, enterprise risk management is seen as a static or siloed practice, but the SEC specifically identifies dialogue as a critical component of any ERM program. The SEC is further demonstrating the need for organizations to be proactive in their risk management practices. The days of maintaining an out-of-sight, out-of-mind approach to risk management have been replaced by regulations designed to prosecute boards and leadership that fail to adequately address their ERM process.

Formalize your ERM process from the ground up with a tool built to promote dialogue and satisfy your regulatory requirements: download our ERM One-Page Overview.


In this blog, risk expert Steven Minsky highlights the differences between traditional risk management and true enterprise risk management, which is about helping things happen rather than preventing them from happening. Manage Tomorrow's Surprises Today is designed to help you think about risk in new ways and learn how to benefit practically from this rapidly evolving field.

Steven Minsky

Steven is the CEO of LogicManager, Inc., the leading provider of ERM software solutions. Steven is the architect of the RIMS Risk Maturity Model for ERM, author of the RIMS State of ERM Report among many other papers, and a RIMS Fellow (RF) instructor on ERM. Steven has conducted ERM and RIMS Risk Maturity Model training for hundreds of organizations around the globe. Steven is a patent author of risk and process management technology and holds MBA and MA degrees from the University of Pennsylvania’s Wharton School of Business and The Joseph H. Lauder Institute of International Management. You can reach Steven at steven.minsky@logicmanager.com.
