Risk Governance: Biases, Blind Spots and Bonuses

Cover
Half Title
Series Page
Title Page
Copyright Page
Dedication Page
Contents
List of figures
List of tables
Biography
Foreword
Preface
Part A Foundations of risk governance
	1 Emergence of risk governance
		1.1 Risk management and regulation
		1.2 Biases and blind spots
		1.3 Timing and incentives
		1.4 Financial institutions as risk governance catalysts
		1.5 Conclusion
		Notes
	2 Structures of risk governance
		2.1 Defining risk and risk management
		2.2 The role of the board of directors
			2.2.1 Risk appetite and strategy
			2.2.2 Risk framework and policy
			2.2.3 Supervising the executive
			2.2.4 Risk accountability
		2.3 Board risk committee
		2.4 Risk in the executive – chief risk officer
		2.5 Risk management function
		2.6 Compliance function
		2.7 Assurance
		2.8 Three lines model (aka three lines of defence)
		2.9 Executive compensation
		2.10 Risk disclosures
		2.11 Evidence for risk governance
		Notes
		Further reading and resources
	3 Assessing and embedding risk culture
		3.1 Risk culture/climate versus organisational culture
		3.2 Risk culture and risk management maturity
		3.3 Measuring risk culture
			3.3.1 Observation and interviews
			3.3.2 Risk culture surveys
			3.3.3 Other data sources
		3.4 Building risk culture
			3.4.1 Guidance for boards
			3.4.2 Speaking up and listening up
		Notes
		Further reading and resources
	4 Incentives and accountability
		4.1 Accountability
		4.2 Remuneration and performance measurement
			4.2.1 Components of executive compensation
			4.2.2 Time trends in executive compensation
			4.2.3 Controversies in executive compensation
			4.2.4 Pay/performance sensitivity
			4.2.5 The balanced scorecard and gateways
			4.2.6 Deferrals and share-based remuneration
		Notes
Part B The risk management process
	5 Risk management process overview
		5.1 Communication and consultation
		5.2 Scope, context and criteria
		5.3 Risk assessment
		5.4 Risk treatment
		5.5 Recording and reporting
		5.6 Monitoring and review
	6 Communicating and influencing for risk governance
		6.1 Dealing with hostility and suspicion
		6.2 Dealing with apathy and overconfidence
		6.3 Use of storytelling
		6.4 Appealing to fear
		6.5 General principles
		6.6 Quantitative information
		Notes
		Further reading and resources
	7 Context, criteria and risk appetite
		7.1 Context
			7.1.1 SMEs
			7.1.2 Start-ups
		7.2 Criteria
			7.2.1 Public sector
		7.3 Risk appetite
		Notes
		Further reading and resources
	8 Risk analysis
		8.1 Quantitative risk analysis
			8.1.1 Case study: Larry’s Luxury Food and Wine (with accompanying spreadsheet)
		8.2 Analysing risk interactions
			8.2.1 Interactions at Singapore Airlines
			8.2.2 Interactions at BHP
			8.2.3 Credit and operational risk interactions in banking
		8.3 Managing model risk
		8.4 Subjective risk analysis
		Notes
		Further reading and resources
	9 Risk treatment
		9.1 Treatments and their (unforeseen) consequences
		9.2 Treating ‘financial risks’
		9.3 Operational treatments and flexibility
		9.4 Financial flexibility as a risk management strategy
			9.4.1 Case study: Larry’s Luxury Food and Wine revisited
			9.4.2 Case study: BHP revisited
		9.5 Treating multiple risks simultaneously
		9.6 Evaluating expensive risk treatments
		Notes
		Further reading and resources
	10 Report, monitor, review
		10.1 Link to objectives
		10.2 Reporting to line 1
		10.3 Board risk reporting
		10.4 Monitoring and review
		Note
Part C Case studies
	11 Volkswagen Dieselgate case
		Notes
	12 CBA/conduct risk case study
		12.1 Governance, culture and accountability at the CBA
		Notes
		Further reading and resources
	13 Strategic risk management
		13.1 Strategic risk identification with the PESTLE
		13.2 Evaluating strategic risk through scenario analysis
		13.3 Treating strategic risk: flexibility and preparedness
		13.4 Monitoring and reviewing strategic risk
		Notes
		Further reading and resources
	14 Climate risk management
		14.1 Potential strategic responses
			14.1.1 Accept
			14.1.2 Operational adaptation
			14.1.3 Diversification and transition
			14.1.4 Divestment
			14.1.5 Managed decline
			14.1.6 Insurance and other contractual solutions
			14.1.7 Financial flexibility
		14.2 Governance of climate risk
			14.2.1 Board focus
			14.2.2 Disclosure
			14.2.3 Communication
			14.2.4 Incentives
			14.2.5 Analysis
		Notes
		Further reading and resources
	15 Cyber risk
		15.1 Nature of impact
		15.2 Why is cyber risk so challenging?
		15.3 Cyber security frameworks
		15.4 Insurance
		Notes
		Further reading and resources
	16 COVID-19 pandemic
		16.1 Behaviour changes and dread risk
		16.2 Financial and operational adaptation
		16.3 Rethinking risk management: resilience and adaptability
		Notes
		Further reading and resources
Risk governance glossary
Index