Tag: Risk committee

Three Practical Steps to Oversee Enterprise Risk Management

The following post comes to us from Latham & Watkins LLP, and is based on a Latham publication by Scott Hodgkins, Steven B. Stokdyk, and Joel H. Trotter.

Oversight of enterprise risk management, or ERM, continues to challenge boards and occupy a prominent place on the governance agenda. Effective ERM seeks to balance risk and opportunity while enhancing value-creation opportunities. Proxy advisors may recommend “against” or “withhold” votes against directors of companies that experience a material failure of risk oversight.

A leading ERM framework, developed by the Committee of Sponsoring Organizations (COSO) of the Treadway Commission, directs boards to:


The Influence of Board of Directors’ Risk Oversight on Risk Management Maturity and Firm Risk-Taking

The following post comes to us from Christopher Ittner of the Department of Accounting at the University of Pennsylvania and Thomas Keusch of the Department of Business Economics at Erasmus University Rotterdam.

A variety of external events, including inquiries into the causes of the 2008 financial crisis and changes in regulations and listing rules have fostered rising expectations for boards of directors to exert greater oversight of their organizations’ risk management processes. The primary impetus behind these external pressures is the belief that stronger board oversight over risk management processes will lead to substantive improvements in risk management and more informed risk-taking. Many observers, however, argue that board members often lack the time, skills, and information necessary for effective risk oversight. They contend that the adoption of governance practices that are advocated or mandated by external parties is often window-dressing. This point of view suggests that board risk oversight will have little effect on companies’ risk management practices or risk-taking.


Boards of Directors, Corporate Governance and Cyber-Risks: Sharpening the Focus

Luis A. Aguilar is a Commissioner at the U.S. Securities and Exchange Commission. This post is based on Commissioner Aguilar’s remarks at the recent “Cyber Risks and the Boardroom” Conference; the full text, including footnotes, is available here. The views expressed in the post are those of Commissioner Aguilar and do not necessarily reflect those of the Securities and Exchange Commission, the other Commissioners, or the Staff.

I am pleased to be here and to have the opportunity to speak about cyber-risks and the boardroom, a topic that is both timely and extremely important. Over just a relatively short period of time, cybersecurity has become a top concern of American companies, financial institutions, law enforcement, and many regulators. I suspect that not too long ago, we would have been hard-pressed to find many individuals who had even heard of cybersecurity, let alone known what it meant. Yet, in the past few years, there can be no doubt that the focus on this issue has dramatically increased.


Risk Management and the Board of Directors—An Update for 2014

Martin Lipton is a founding partner of Wachtell, Lipton, Rosen & Katz, specializing in mergers and acquisitions and matters affecting corporate policy and strategy. This post is based on a Wachtell Lipton memorandum by Mr. Lipton, Daniel A. Neff, Andrew R. Brownstein, Steven A. Rosenblum, and Adam O. Emmerich.



Corporate risk taking and the monitoring of risks have remained front and center in the minds of boards of directors, legislators and the media, fueled by the powerful mix of continuing worldwide financial instability; ever-increasing regulation; anger and resentment at the alleged power of business and financial executives and boards, including particularly as to compensation during a time of economic uncertainty, retrenchment, contraction, and changing dynamics between U.S., European and emerging market economies; and consistent media attention to corporations and economies in crisis. The reputational damage to boards of companies that fail to properly manage risk is a major threat, and Institutional Shareholder Services now includes specific reference to risk oversight as part of its criteria for choosing when to recommend withhold votes in uncontested director elections. This focus on the board’s role in risk management has also led to increased public and governmental scrutiny of compensation arrangements and their relationship to excessive risk taking and has brought added emphasis to the relationship between executive compensation and effective risk management. For the past few years, we have provided an annual overview of risk management and the board of directors. This overview highlights a number of issues that have remained critical over the years and provides an update to reflect emerging and recent developments.


Dodd-Frank Enhanced Prudential Standards for Foreign Banks with Limited US Footprints

The following post comes to us from Luigi L. De Ghenghi and Andrew S. Fei, attorneys in the Financial Institutions Group at Davis Polk & Wardwell LLP, and is based on a Davis Polk client memorandum; the full publication, including diagrams, tables, and flowcharts, is available here.

The Federal Reserve has issued a final rule adopting a tiered approach for applying Dodd-Frank enhanced prudential standards to foreign banking organizations (“FBOs”). Under the tiered approach the most burdensome requirements (e.g., the requirement to establish a top-tier U.S. intermediate holding company) will only apply to FBOs with large U.S. operations, whereas fewer requirements will apply to FBOs with limited U.S. footprints.

We have summarized below the Dodd-Frank enhanced prudential standards that will apply to the following FBOs with limited U.S. footprints:


Final Federal Reserve Rules for Foreign Banking Organizations

The following post comes to us from Joseph T. Lynyak, III and Rodney R. Peck, partners in the Financial Services Regulation practice at Pillsbury Winthrop Shaw Pittman LLP and is based on a Pillsbury publication by Messrs. Lynyak and Peck.

This post describes the final regulations issued by the Federal Reserve Board (the “FRB”) on February 18, 2014, that radically modify the former requirements applicable to foreign banking organizations (“FBOs”) pursuant to the FRB’s Regulation K. The final rules (the “Final Rules”) impose various requirements on large FBOs that previously have been applied to large U.S. domestic bank holding companies and banks under the Dodd-Frank Act. In addition, however, the Final Rules also alter many of the former approaches to the regulation of FBOs in general, including the necessity for many FBOs to form “U.S. intermediate holding companies” for their U.S. operations.

Regardless of the category an FBO falls into, the Final Rules present significant additional compliance burdens.


Enhanced Prudential Standards

The following post comes to us from Sullivan & Cromwell LLP, and is based on a Sullivan & Cromwell publication by Andrew R. Gladin, Rebecca J. Simmons, Mark J. Welshimer, and Samuel R. Woodall III. The complete publication, including Annexes, is available here.

On February 18, 2014, the Board of Governors of the Federal Reserve System (the “FRB”) approved a final rule (the “Final Rule”) implementing certain of the “enhanced prudential standards” mandated by Section 165 of the Dodd-Frank Wall Street Reform and Consumer Protection Act (the “Dodd-Frank Act” or “Dodd-Frank”). The Final Rule applies the enhanced prudential standards to (i) U.S. bank holding companies (“U.S. BHCs”) with $50 billion (and in some cases, $10 billion) or more in total consolidated assets and (ii) foreign banking organizations (“FBOs”) with (x) a U.S. banking presence, through branches, agencies or depository institution subsidiaries, and (y) depending on the standard, certain designated amounts of assets worldwide, in the United States or in U.S. non-branch assets. The Final Rule’s provisions are the most significant, detailed and prescriptive for the largest U.S. BHCs and the FBOs with the largest U.S. presence—those with $50 billion or more in total consolidated assets and, in the case of FBOs, particularly (and with increasing stringency) for FBOs with combined U.S. assets of $50 billion or more or U.S. non-branch assets of $50 billion or more.


Risk in the Boardroom

Matteo Tonello is managing director at The Conference Board. This post relates to an issue of The Conference Board’s Director Notes series authored by Dr. Tonello and available here.

In a Director Note recently published, The Conference Board reviews current corporate practices on risk oversight by members of the board of directors of U.S. public companies. The study is based on findings from a survey of 359 SEC-registered business corporations conducted by The Conference Board in collaboration with NASDAQ OMX and NYSE Euronext. Data are categorized and analyzed according to 22 industry groups (using their Standard Industrial Classification, SIC, codes), seven annual revenue groups (based on data received from manufacturing and nonfinancial services companies) and five asset value groups (based on data reported by financial companies, which tend to use this type of benchmarking).

The publication details where the board assigns risk oversight responsibilities, whether it avails itself of dedicated reporting lines from senior management on risk issues, and the degree to which it adopts a standardized framework on enterprise risk management (ERM). Given the correlation between risk and strategy, data on the frequency and forms of strategic reviews is also presented.

The following are the main findings discussed in the study.


Board Oversight of Risk Management: Valuable Guidelines from JPMorgan Chase

The following post comes to us from Michael W. Peregrine, partner at McDermott Will & Emery LLP. This post is based on an article by Mr. Peregrine; the views expressed therein do not necessarily reflect the views of McDermott Will & Emery LLP or its clients.

The current public controversy notwithstanding, valuable governance lessons arise from JPMorgan Chase’s internal analysis of the highly public 2012 losses in its synthetic credit portfolio; the saga of the so-called “London Whale”. The internal JPMorgan analysis should not be confused with the March 15 report on the “Whale Trades” issued by the Senate Permanent Subcommittee on Investigations. [1] Neither should its credibility be undermined by the Subcommittee’s critical report.

JPMorgan’s primary findings were contained in an exhaustive report of the trading strategies and management activities that led to these losses, prepared by a management task force. [2] Additional findings and recommendations were included within a much shorter companion report prepared by the board’s Review Committee. This companion report concentrated on the board’s risk oversight practices. [3] To a certain extent, the “sizzle” was contained in the lengthier management task force report, with its focus on what happened, why it happened, and who was to blame for it happening. But from a governance perspective, the lessons for corporate America are in the companion report, with its focus on improving the process by which risk information is reported to the board. These governance recommendations are highly relevant today, because the broader fiduciary landscape has been dominated of late by concerns about the quality of board oversight of risk.


It’s (Not) All About the Money

The following post comes to us from Nizan Geslevich Packin at the University of Pennsylvania Law School.

In the paper, It’s (Not) All About the Money: Using Behavioral Economics to Improve Regulation of Risk Management in Financial Institutions, forthcoming in the University of Pennsylvania Journal of Business Law, I focus on the Dodd-Frank Act’s risk management provisions, and specifically the requirement that financial institutions create separate risk committees. The goal of this regulation is to mitigate risks to the financial stability of the US, because despite media attention to financial institutions and great regulatory efforts, including the focus on risk management, little has changed in financial institutions’ business cultures. Indeed, excessive risk-taking by such institutions is still rampant. In the article, I argue that risk-related decision makers do not make decisions about risk-taking in a vacuum, but in an environment where multiple factors, noticed and unnoticed, can influence the decisions. Such factors include cognitive-related biases and group-related biases, and there are tools, which have not yet been analyzed in literature that regulators can use to reduce undesired or excessive risk-taking. Indeed, by shaping such environmental factors in which risk-related decisions in financial institutions are made, regulation can help actors make better, less pro-risk-taking, choices. With the goal of reducing excessive risk-taking by financial institutions, this article builds on an emerging focus in behavioral law and economics on prospects for “debiasing” actors through the structure of legal rules. Under this approach, legal policy may reduce biases’ effects and judgment errors by directly addressing them. Doing so will then help the relevant actors either to reduce or to eliminate these effects and errors. Accordingly, the article suggests using behavioral economic-based legal guidelines to supplement the Dodd-Frank Act‘s risk committee’s requirement. Such legal guidelines would help reduce the degree of biased behavior that risk committees exhibit.


  • Subscribe

  • Cosponsored By:

  • Supported By:

  • Programs Faculty & Senior Fellows

    Lucian Bebchuk
    Alon Brav
    Robert Charles Clark
    John Coates
    Alma Cohen
    Stephen M. Davis
    Allen Ferrell
    Jesse Fried
    Oliver Hart
    Ben W. Heineman, Jr.
    Scott Hirst
    Howell Jackson
    Robert J. Jackson, Jr.
    Wei Jiang
    Reinier Kraakman
    Robert Pozen
    Mark Ramseyer
    Mark Roe
    Robert Sitkoff
    Holger Spamann
    Guhan Subramanian

  • Program on Corporate Governance Advisory Board

    William Ackman
    Peter Atkins
    Joseph Bachelder
    John Bader
    Allison Bennington
    Richard Breeden
    Daniel Burch
    Richard Climan
    Jesse Cohn
    Isaac Corré
    Scott Davis
    John Finley
    Daniel Fischel
    Stephen Fraidin
    Byron Georgiou
    Larry Hamdan
    Carl Icahn
    David Millstone
    Theodore Mirvis
    James Morphy
    Toby Myerson
    Barry Rosenstein
    Paul Rowe
    Rodman Ward