There has been much discussion in the Enterprise Risk Management world about how to measure the success of an ERM program. Many of the financial institutions relied heavy on risk modelling and quantitative assessments like VaR to evaluate the soundness of their ERM program, but they lacked a robust qualitative assessment process and risk communication structure.
Risk management requires a balance between qualitative and quantitative assessments. There is no substitute for good prudent judgment. As we read in the Financial Crisis Inquiry Commission Report and in Thomas L. Stanton’s new book ” Why Some Firms Thrive While Others Fail” both indicate that poor risk management and corporate governance practices within the financial institutions was the root cause to our Financial Crisis.
So what was the disconnect ? Qualitative assessments requires a ” constructive dialogue” as Thomas L. Stanton states in his new book. ” Constructive dialogue needs to be a two-way street. Supervisors need to be open to input that examiners are engaging in checking -the -boxes drills without understanding the real risks of the company’s business.”
Too many financial institutions practiced ERM as a compliance exercise never drilling deep enough to uncover the root cause of a potential risk event. Without this knowledge, much of their ERM program became reactionary instead of taking a proactive approach into addressing the critical risks to their firms.
Also by practicing both qualitative and quantitative assessments of risks to their financial institutions, these firms would have seen the inter-relationships of risks in their firms and been better prepared to see how combined risk events could have a devastating outcome to their survival.