Press & Media Relations
Tel.: +32 2 515 10 71
12 December 2007
Speaking at the EURELECTRIC conference on Financing the
Future of the Electricity Industry on 3 December, session
Chairman Agustin Moliner de Palacio of Spanish
electricity major Endesa explained that the importance of
Enterprise Risk Management has risen for the electricity industry
as companies' exposures to market and regulatory risks is mounting
and players are facing increasing demands from stakeholders
concerned about risk transparency and control. As a response to
this situation, EURELECTRIC has set up an expert group on
Enterprise Risk Management in order to achieve a
common understanding of the subject and develop high-level concepts
for dealing with it.
Professor Marc Oliver Bettzüge of the University of Cologne stressed that in a competitive environment investment decisions inevitably have uncertain outcomes. Therefore companies need to be able to deal with these uncertainties and translating this into a company "risk management" programme requires the expertise of both technicians and high-level decision-makers. By helping to prepare for strategic decisions, enterprise risk management (ERM) can constitute a competitive advantage for a company. A company should not aim to reduce risk when analysis shows that it might be advantageous to take risk, Professor Bettzüge pointed out.
Describing six guidelines for the implementation of a proper risk management programme, Professor Bettzüge stressed that ERM must cover the entire company in order to take account of diversification effects. He also recommended a top-down approach driven by the company board. The ERM process should include risk measurement, a decision regarding the desired risk position, the actual management of risks, and also include communication aspects.
In order to deal with open positions, companies must develop adequate quantification tools and provide effective trading capabilities, he told the audience. However, positions that cannot be traded due to lack of market liquidity must be addressed in a different way. He concluded his guidelines by reminding the delegates that ERM will not necessary lead to the total abolition of risk as profit-making often requires risk taking.
David Knipe of consultants Oliver Wyman took up Professor Bettzüge's point that while many companies focus only on compliance and "checklist" initiatives following a strategy to purchase a solution or to manage risk down, in reality "risk is a fundamental part of strategy and should be employed to make financial returns". There is in fact currently a shift among companies towards augmenting the sophistication of their ERM programmes towards producing outputs that are pivotal factors in corporate strategic planning and budgeting decisions. These companies are aiming to develop or strengthen their analytical capabilities and expect ERM to play a leading role in that strategic effort, Mr Knipe explained.
A key requirement for arriving at an adequate risk profile is to develop a clear view on the company's risk appetite and capital requirements given the level of risk. In order to really add value, ERM must be embedded into key decision making processes, he underlined.
José Diaz Morales of consultants Ernst and Young focussed on the recent Sarbanes Oxley Act in the United States and its influence on the relevance and reliability of financial information. He explained that there are differing views on Sarbanes Oxley (SOX) ranging from "a regulatory confusion costing billions of dollars" to "benefits from enhanced financial processes". Although SOX has been mandatory since 2004, even in 2006 auditors were still of the opinion that around 7% of the filers did not have effective internal controls in place. The main reasons were "accounting documentation, policy and/or procedures" and "material and/or numerous auditor /year end adjustments".
Mr Diaz pointed out that as there are still some problems in the reliability of the financial information provided by listed companies there is still room for improvement in optimising cost and efficiency in the process of certification. This is in particular valid in relation to section 404 of SOX which requires management and the external auditor to report on the adequacy of the company's internal control over financial reporting. Both management and the external auditor are each responsible for performing his own assessment in the context of a top-down risk assessment.
Despite the shortcomings noted, Mr Diaz concluded that "the confidence of the companies in their internal controls for financial reporting is substantially higher than in their internal controls for the business/operational and IT areas."
Jacqueline Boucher of Belgian electricity major Electrabel outlined for the audience a project on operational risk and its application. The Linnaeus Project, which has been carried out within EURELECTRIC's Enterprise Risk Management group, is intended to provide advanced practice for identification, measurement, management and control of operational risks in the electricity industry. The first stage of the project was completed during 2007 and the second is currently ongoing.
The project's definition of "operational risk" is based on the Basel II capital adequacy rules for financial institutions but modified to include risks specific to the electricity industry. For example, operational risks have a slightly greater importance in the utility sector than in the financial sector.
The identification stage of the project was based on a common language and a definition of the main Operational Risk concepts for the electricity industry. These concepts eventually represent the data inputs that are required to build a strong operational risk management process. Each one of these concepts can have a specific typology that will allow systematic capture of the corresponding information. The pillars of the concept are analysing the event (actual or potential), the risk factor, the effect, the organisational dimension and the assets linked to the risk.
Press & Media Relations
Tel.: +32 2 515 10 71