Global Risk Management Report

Regulation and risk is a central topic – because a considerable amount of regulation is designed and adopted, at least notionally, to prevent or mitigate risks, both empirically measured and subjectively perceived. In addition, one of the many difficulties of responding to the COVID-19 pandemic has lain in assessing the real extent of the pandemic spread and impact in different countries. Because of the significant percentage of asymptomatic cases, assessing incidence and prevalence is problematic. Very few countries have been able to have a testing coverage and approach (and/or a successful epidemic suppression response) that make the official number of cases likely to be close to the real number. The reported number of COVID-19 deaths is also problematic because of various degrees of under-reporting (deaths at home are typically not recorded, and deaths in care homes often are not – even deaths in hospital may not be recorded homogeneously between jurisdictions). To compensate for this, it is possible to look at the difference in mortality between the relevant months of 2020 and the previous years’ average (Banerjee et al., 2020[60]).

Again, this is by no means an in-depth research of the variety of regulatory delivery practices in regard to risk, but reflects the broad situation at the strategic level (resource allocation). Risk-focus and risk-proportionality have been increasingly used by governments and regulators when designing and delivering regulation. It is crucial in the perspective of achieving public outcomes at every step of the regulatory policy cycle, while minimising burden and unintended side effects of regulation and rules. Also, many impediments to its utilisation exist, ranging from resistance in institutions to the over-estimation of the effectiveness of “non-risk-based” regulation. The COVID-19 crisis has shown the obstacles that regulation can pose to response needs when it is not in line with a risk-based approach, nor flexible enough.

While addressing this “interpretation gap” goes beyond the scope of this chapter, it is important to acknowledge it, as it helps explain some of the implementation difficulties. Widespread restrictions on travel and mobility together with workplace social distancing rules and temporary closure of business created specific obstacles to in-person inspections, a critical tool for surveillance of compliance with food safety regulations. As a direct result, some countries and regulators chose to scale-back or halt in-person inspections or other compliance activities, prioritising controls of high-risk situations focusing exclusively on critical safety issues – so as to minimise possible virus exposure for inspectors and workers.

Driving Compliance

We are a not-for-profit organization and the leading globally recognized membership association for risk managers. You will have nine months from the date of your paid registration and a maximum of two attempts to pass the exam. If you fail both times or do not take the exam within the nine-month registration period, you must re-register and pay another full registration fee.Should you fail, you will have to wait 30 days to retake the exam. Should you fail fewer than 30 days before the expiration of your nine-month exam period, you will be required to register as a new candidate. For this reason, we strongly recommend that you sit for the exam at least two months before the end of your window. Registration for the series cannot be transferred to another candidate.If you have little industry experience or are not well-versed in banking risk-related issues, we recommend that you spend at least two months reviewing the materials before sitting for the examination.

• Mr. OCAMPO said international financial stability was tied to the regulation of financial institutions so they did not accumulate too much risk and spread it to the rest of the economy.
• In Italy, the regions of Trento, Lombardy and Campania are currently piloting the use of Machine Learning for risk assessment.
• Business executives make up 49% of the sample, with the remaining 51% is split among executives in audit (16%), risk management (24%) and compliance (11%).
• These high-priority risks are tightly interconnected, which means one can amplify others and impacts can be far reaching.
• As indicated in previous sections, interesting experimentations are being done or considered in a number of fields – such as environmental protection, energy networks and mining, food safety etc.
• Sign up to receive the Banking Risk and Regulation newsletter below, or visit bankingriskandreglation.com.

In the United Kingdom, draft legislation has been published allowing the financial services regulators to create rules for critical third parties. For instance in both the United States and Canada reforms have been proposed on cyber security risk management. Increasing reliance on remote surveillance for enforcement purposes rests on the assumption not only that technology will not fail and that it will not be hacked. Thus, it remains in fact just Global Risk and Regulation as important to promote voluntary compliance so as to minimise the amount of fraud and enable to focus enforcement efforts on criminal behaviour, while fostering voluntary compliance as much as possible. Relying on a very large number of connected devices linked to the regulator’s network also creates major security vulnerabilities. The potential for hacking and misuse of the ‘internet of things’ is indeed well known and abundantly documented.

Not seeing your industry?

Thus, even estimating the most “visible” part of the COVID-19 risk (deaths) is difficult – not to speak of the long-term health effects for non-fatal cases, which will become clear only over time (Halpin et al., 2020[61]); (Mitrani, Dabas and Goldberger, 2020[62]). Thus, in spite of its salience, the pandemic poses a first challenge to risk-based regulatory approaches – through the very high level of uncertainty. Because the implementation of a more outcomes-, risk-focused approach entails important technical and professional dimensions, many prominent and successful initiatives are made in a specific sector or regulatory agency, rather than in a cross-cutting programme of reform. Some of the most interesting examples are presented below in Box 6.7, and typically include a variety of complementary tools and interventions to make the regulatory delivery work more effective and efficient. In addition to such work to better assess “operational-level” risk, work at the “strategic level” is also increasingly data-driven. In 2017, Canada’s CFIA launched a review of its risk management model in order to ensure the allocation of resources where it can have the greatest impact on reducing risks.

Digital government developments, progress in computing power and methods, spread of technology and skills, evolution of systems in public administration etc. have led to a situation where these constraints are much reduced, and both “already known” good practices can be taken up more widely, and new, innovative practices can be implemented successfully. Experience demonstrates that training enables understanding and adherence to risk-based enforcement systems into inspections’ models with positive outcomes for regulatory delivery. When inspectors adopt a risk-based approach and start providing advice to businesses, the number of non-conformities and incidents decreases. Well-educated and well-trained inspectors are capable of providing useful advice to businesses and ultimately promote compliance and risk-management.

Take a deep dive into the risk regulatory landscape for 2023 and beyond

From interpreting country-specific insurance regulations to conducting due diligence prior to a cross-border merger and acquisition, you need knowledgeable partners who can create a global program that reduces your Total Cost of Risk (TCOR). Given a topic with so many ramifications and factors, this chapter can only provide a first overview, the start of a discussion, and tentative findings. Still, the issue matters enough that even such a provisional conclusion can potentially contribute to starting to solve this “crisis of confidence”.

Regardless of industry sector, these risks are likely impacting organizations’ strategies and operations. Our 2022 Global Risk Survey highlights five key actions that organizations should consider to drive their risk management capabilities forward. As a former banking supervisor, I am very comfortable with the concept of “home” and “host” supervisors. I understand the value of supervisory frameworks where the responsibility for overseeing globally-active entities can be shared among a number of financial regulators. By doing so, supervision is enhanced and the burden on the supervised organization can be controlled.

The spectacle of British politics has recently found new highs (or lows, depending on the observer). Although exciting to watch, it does nothing to placate the anxieties faced by businesses and households in the context of rocketing inflation, which was amplified by Liz Truss’s now collapsed administration and the failed ‘mini budget’. This article provides a brief history of the events – and explores the fallout – alongside some underlying economic risks. A Mutual Recognition Agreement (MRA) is a legally binding treaty between the regulatory authorities of the two countries that are part of the agreement.

We should not lose sight of the fact that listings on U.S. markets continue to command a valuation premium.[1]  Indeed, in the two years since companies have been reporting and obtaining audits on their internal control, the amount of capital raised by non-U.S. Companies on U.S. exchanges has grown, not shrunk as it did in the years directly after the scandals.[2]  Even with the expansion of equity markets in other countries, I expect that we will see a continued dominance of U.S. capital markets, particularly in the long term. It is healthy and appropriate for financial regulators, policy makers, and others to enhance our debate over the appropriate level and nature of financial supervision and regulation in the United States and other factors that may affect the decision to list on U.S. financial markets. To illustrate the importance of regulatory coordination to the PCAOB, more than 750 of the over 1750 firms registered with the PCAOB are in countries outside the United States, although they may be affiliated with large, U.S. based audit firms. As required by the Sarbanes-Oxley Act, many of these firms are registered with the PCAOB because they audit non-U.S. Companies whose securities trade in U.S. markets and are required to file audited financial statements with the SEC.

Natural Resources

In addition, as also provided for in the Act and the Board’s rules, a number of other non-U.S. With respect to both categories of firms, the PCAOB continues to work closely with its foreign counterparts to minimize unnecessary overlap and achieve our shared objectives in the oversight of these non-US firms. With regard to your theme of multi-jurisdictional challenges, it is worth pointing out that the PCAOB’s oversight mandate specifically includes the audits of non-U.S.

There is also an additional link between technological regulatory solutions and the COVID-19 crisis, as the need to avoid risk of contagion has led to many regulatory and third-party inspections being suspended, with only the highest-risk controls still to be performed. This has put the onus both on the quality of risk-assessment, and on the potential for developing and using “remote audits”, i.e. using technology to “inspect” without a site-visit. While defining risk abstractly is relatively straightforward, developing robust methods to predict the level of risk of different businesses or establishments is far more difficult.

First, the resources at stake are often considerable, representing quite a significant share of overall state employment and resources, and deserve more systematic attention than has often been the case. Second, the allocation of resources can differ sharply between different regulatory fields, without clarity on whether this reflects a proportional difference in the supervision workload or in the underlying risks. Third, there are sharp variations in “intensity” of supervision in terms of number of inspectors by inhabitant, worker, or enterprise, even between neighbouring and otherwise comparable data. Mr. BERTUCH-SAMUELS said that international institutions needed to focus on reducing the severity and frequency of financial crises.

• Most often, comparisons of risk levels are done within a given category of harm – e.g. potential losses of life, or potential financial losses.
• Moreover, there also has been a consolidation in knowledge, with increased sharing of experiences, an increased number of good-practice examples, and further development of international guidance (in particular (OECD, 2018[22])).
• The United States agreed to lift countervailing and anti-dumping duties so long as lumber prices stayed above a defined range.
• Relying on a very large number of connected devices linked to the regulator’s network also creates major security vulnerabilities.
• He reported that his country was engaged in activities at the regional and international levels to identify effective measures and develop an action plan to avert a future global financial crisis.

An excessive number and range of rules means that it ends up being impossible in practice for most economic operators to know about all of them, and to comply with all. An excessively large scope of regulation thus can be setting itself for failure, and in turn harming the rule of law because it is widely accepted that full compliance is impossible (Baldwin, 1990[13]); (Hampton, 2005[14]); (Anderson, 2009[15]). An excessive number of rules and controls means that regulators may be “submerged” by an excessive amount of data – even with the help of modern data analytics tools and increased computing power, over-abundance of information makes effective decision making more difficult (Roetzel, 2018[16]). Regulations address a number of different potential harms (bodily, environmental, financial etc.), not all of which are of equal seriousness – in particular, reversibility or its absence creates a key difference. Likewise, regulation addresses many hazards – industrial pollution and explosions, food poisoning, building fires and collapses, marketing fraud, tax evasion etc. Again, not all of these are of the same severity, and the likelihood of each of these actually happening varies greatly.

Business leaders saw opportunities to thrive in the face of disruption during the pandemic. They began to question their business models and ways of working, and they engineered changes for the long term which were accompanied by risk. An organization’s risk management capabilities can create tremendous value if they help the organization take advantage of the upside of risks that have higher payoff. Our Global Regulatory Network (GRN) and risk and compliance consulting professionals help the C-suite and board-level bank executives respond to constantly changing risk management, prudential regulatory and accounting requirements.

At the outer limit, such an excessively risk-averse regulatory approach can have a negative impact on the aggregate risk level even if it manages to achieve compliance, if the negative economic impact is particularly high, while the direct positive safety impact is low. Indeed, as life expectancy is related to income and to overall GDP levels, the negative aggregate impact on life expectancy may exceed whatever gains are achieved through the regulation (Helsloot, 2012[20]). More broadly, these findings indicate that risk-based regulation should not be seen as an approach that trades-off safety for economic growth. While, of course, trade-offs in regulation exist and should be properly acknowledged, for a given chosen level of protection and regulation, risk-based design and enforcement of regulation will, based on available research, achieve better outcomes both in terms of safety and in economic and social terms (Coglianese, 2012[21]).

The lifespan of many bilateral investment treaties was about ten to 15 years, and the bulk of them had been signed in the 1990s and early 2000s. More than one-third had already reached their maturity, giving the opportunity for countries to reformulate their investment landscape. Emphasizing the shift of focus from bilateral to regional, he noted the dozen regional investment treaties currently in negotiation. Countries had also moved towards the direction of factoring in sustainable development in treaties. The weak recovery greatly complicated efforts to accelerate progress toward achieving the Millennium Development Goals by 2015.