Global risk management and performance - From the internal control to the ERM

The industry has undergone three major phases of consolidation over the past 60 years. Growth began in the 1960s, diversification in the 1980s and, since 1990, the focus has been on market share and targeted projects. Growth must be profitable and create value for the company.

At the end of the 1990s, the scope and expertise of risk management within industrial and commercial companies were essentially based on a dichotomy between insurable and non-insurable risks. Management of the former was outsourced to a broker. For the latter, a positive operating result ensured the financing of residual risks, enabling the company to achieve its strategic objectives at a relatively high level of confidence.

Since then, a succession of financial, accounting, banking, technological, industrial and natural events of the LP-HC type have taken place, and their frequency and severity are increasing. The first consequences were the introduction by governments of an avalanche of regulations designed to protect investors, savers and policyholders, and to improve the quality of corporate financial information.

The volume, complexity and impact of some of these regulations on the internal and external governance of organizations have required manufacturers and trading companies to devote considerable resources to compliance. Ad hoc audits have been transformed into genuine internal control processes. Risk assessment has developed in non-financial companies, with so-called "risk mapping" processes based on a triptych concept:

• identification ;

• processing ;

• financing.

Expertise in transferring risks to insurance companies has sometimes been internalized, leading to the creation of captive insurance companies. QHSE insurance companies are called upon not only for product and process compliance, but also for regulatory requirements and risk management. For large-scale industries, the operational safety department has developed an approach and methods for controlling risks. Human factor analysis is progressing along two distinct axes: failure or resource. Finally, finance departments have improved their management of so-called "financial" risks.

On an organization-wide scale, observations of risks with distribution tails, extreme values and a non-linear overall correlation structure are becoming a daily occurrence. The present is not explained by the past, it is explained imperfectly, and forecasting horizons are shrinking. We are not always in a position to provide precise estimated probabilities and consequences. Observed frequencies therefore differ from a priori estimated probabilities....