November/December 2008 / Cover Story
The Credit Crisis and Corporate Governance Failures
Like the crises precipitated by Enron, WorldCom and the wave of corporate scandals a few years ago, today’s credit crisis suggests widespread failures of corporate governance, specifically with regard to evaluating and managing risk. A report from the SEC’s inspector general, for example, found that risk managers at Bear Stearns may have been too closely allied with traders and that mortgage models were not properly reviewed.
The current financial crisis, the authors write, “should therefore be a wake-up call to corporate boards and management regarding the need to ensure that their governance structures and practices adequately identify, measure, and evaluate risks, and that management undertakes risk only within acceptable parameters.”
The authors go on to define and advocate for “enterprise risk management,” which involves directors and managers in analyzing and addressing risk across the entire business. According to the ERM model, this is in contrast to piecemeal risk management undertaken in operational units, common referred to in this context as “silos.”
A strong risk management culture, the authors observe, begins at the top, permeates the enterprise and consciously defines “risk appetite.” The authors note that Standard & Poors is starting to rate even non-financial companies according to the effectiveness of their ERM programs.