S&P Clarifies ERM Treatment for Nonfinancial Companies

Rating agency Standard & Poor’s (S&P) has clarified its treatment of enterprise risk management (ERM) practices of nonfinancial companies within its rating system. Whether one considers this a measured step back from S&P’s initial 2007 announcement on ERM or agrees with S&P’s view that some were "confused" and "misinterpreted [the initial announcement] as a change to the ratings process," one thing appears certain — nonfinancial companies will not be rated based on their implementation of a particular ERM framework or process.

S&P goes on to explain that, within most companies, ERM is not very well developed, and that the "most common approach to ERM involves maintaining a 'risk register' or 'heat map' that classifies top risks by likelihood and impact, along with a mitigation strategy for each. Fewer companies assign specific ownership for key risks, develop alternative mitigation strategies and communicate risk tolerances clearly across their organizations."

These observations are consistent with a recent Towers Watson survey of 244 risk and finance managers, which showed that, of the 55% of companies that identify themselves as having implemented an ERM process, just 71% have assigned ownership of key risks, and only 46% regularly communicate risk issues even at the board level. That suggests fewer than 40% of all companies have implemented even basic ERM practices, and about 25% have formalized the process.

Does this suggest that ERM for corporate entities is dead? Far from it. While some are tempted to write its obituary, others are advancing the cause, most notably the SEC. In its recently adopted proxy disclosure rules, the SEC requires, among other items, that companies disclose:

  • Compensation policies and practices that expose the company to material risks
  • The board’s role in risk oversight

The implications of these disclosure requirements are potentially far-reaching and may ultimately do more to accelerate the adoption of effective risk management practices than many expected would be the case when S&P first raised the possibility of reflecting ERM in its ratings of nonfinancial companies.
