Strategic Risk Management:
Improving Your Organization’s Chances for Success
Two perspectives:
IBM Paychex
RIMS Conference 2012Philadelphia
Enterprise Risk Management (“ERM”) is a strategic business discipline that supports the achievement of an organization’s objectives by addressing the full spectrum of its risks and managing the combined impact of those risks as an interrelated risk portfolio.
Strategic Risk Management (“SRM”) is a business discipline that drives deliberation and action regarding uncertainties and untapped opportunities that affect an organization’s strategy and strategy execution.
Strategic Risk Management Defined (RIMS)
Stuart Horn Director, Enterprise Risk Management IBMArmonk, New York Stuart is Director of Enterprise Risk Management at IBM, in the role since 2008. The ERM program has a global scope over all IBM business lines and internal operations, which reaches 170 countries, over $100B of revenue, and 400K employees. During his 27 years at IBM, Stuart has had experience in application development, IT services delivery, consulting, and business process services interacting and overseeing working operations centers globally. This background provides him the institutional knowledge to implement, align, and customize ERM for IBM's context.
Today’s Panel
John PhelpsDirector, Business Risk SolutionsFlorida BlueJacksonville, Fl.
Mod
erat
or
Frank FiorilleDirector of Risk Management Paychex, Inc.Rochester, NY Frank is the Director of Enterprise Risk Management at Paychex, a leading provider of payroll, human resource, and benefits outsourcing solutions for small- to medium-sized businesses. The company has more than 100 offices and serves approximately 564,000 payroll clients and 12 million employees nationwide. Fiorille has over 20 years experience in risk management and credit and joined Paychex in 2002 to lead the company’s initiative to build an enterprise wide risk apparatus.
• Revenue: $107B• Operating Net Income: $16.3B• Workforce: 433K• Countries: 170 Countries• Acquisitions: 130 Companies since 2000• Capital Expenditures: $50B over past 12 years
Company Profile
IBM’s ERM mission is about enhancing the odds of success
ERM is an approach to identify, assess and address risk inthe Formulation of the Strategy of an Enterprise
ERM is an approach to identify, assess and address risk inthe Execution of the decided Strategy of an Enterprise
ERM is an approach to identify, assess and address risk inthe Operations of an Enterprise
Take advantage of the scale and scope of IBM’s globally integrated enterprise to improve performance through enhanced identification and management of enterprise risks.
IBM’s ERM MissionIBM’s ERM Mission Statement
Doing business in new places and new ways while providing new solutions presents new risks we may be unfamiliar with
Risk management is centered in the Business Units, where risk is taken for commercial gain
IBM Organization At a Glance Business Units -Senior Vice Presidents
Business Units -Senior Vice Presidents
Lead and Own strategic and operational risk management
Set the tone to take and manage risks across the business for commercial gain
Oversee program
Effectiveness of risk mgmt
Cross enterprise collaboration
ERM Steering CommitteeERM Executive Council
ERM Steering CommitteeERM Executive Council
Systems & Technology Group
(STG)
Global Business Services (GBS)
Software Group (SWG)
Global Technology Services (GTS)
Sales & Distribution (S&D)
Business UnitsGeographies Processes & Functions
HR
Mkting & Comms
IT
Finance
Legal
RESO
Sales Ops Service Labor
Mgmt Transformation
HW ProductMgmt Transformation
SalesIncentives
Major Markets- North America- Europe- Japan
Growth Markets
SupplyChain
Order to Cash
Opportunityto Order
ERM reports to CFO, but takes an enterprise-wide view of strategic and operational risks
ControllerControllerTreasury
CFOCFO
CEOCEO
Corporate Business Controls
Corporate Business Controls
Pension Fund
Enterprise Risk Mgmt
Financial Risk Assess
General Auditor
General AuditorTax Corporate
DevelopmentChief Risk
Officer
General CounselGeneral Counsel
Chief Trust & Compliance Officer
BU CFO
CFO, S&DCFO, S&D
CFO, STGCFO, STG
CFO, SWGCFO, SWG
CFO, GBSCFO, GBS
CFO, GTSCFO, GTS
Risk & Insurance
Management
Risk & Insurance
Management
StrategyStrategy
Enterprise Risk Mgmt Department (3 Headcount):• Supports the ERM Steering Committee and Executive Councils in
assisting the business in identifying and managing enterprise level risks • Sets standards for ERM assessment & reporting• Integrates risk with strategy & execution• Institutionalizes ERM knowledge
Setting the context for ERM is important and unique to each company
Exiting Businesses
Setting Strategic Direction
Acquisitions
BRIC country revenue up 16%(constant currency)
Growth Markets are 22% of Geographic Revenue (constant currency)
Shift to Higher Value
0 %
1 0 %
2 0 %
3 0 %
4 0 %
5 0 %
6 0 %
7 0 %
8 0 %
9 0 %
1 0 0 %
2 0 0 0 * * 2 0 1 1
44%
40%
16%
Percent of Operating Segment Profit*
Hardware / Financing
Software 25%
40%
35%
** Stock-based compensation expense was not recorded at the segment level and excludes Enterprise Investments
* Sum of operating segment pre-tax income not equal to IBM pre-tax income
Services
Shift to Higher Value
0 %
1 0 %
2 0 %
3 0 %
4 0 %
5 0 %
6 0 %
7 0 %
8 0 %
9 0 %
1 0 0 %
2 0 0 0 * * 2 0 1 1
44%
40%
16%
Percent of Operating Segment Profit*
Hardware / Financing
Software 25%
40%
35%
** Stock-based compensation expense was not recorded at the segment level and excludes Enterprise Investments
* Sum of operating segment pre-tax income not equal to IBM pre-tax income
Services
'00 '01 '02 '03 '04 '05 '06 '07 '08 '09 '10 '11
Hardware / Financing Services Software
Sum of external segment pre-tax income not equal to IBM pre-tax income
* Non-GAAP: Excludes acquisition-related charges and non-operating retirement-related charges2000 & 2001 segments not restated for stock based compensation; 2000-2010 Segment PTI is reclassified to conform with 2011 operating presentation
Operating PTI / EPS *
Segment Operating PTIOperating EPS
$13.44
'00 '01 '02 '03 '04 '05 '06 '07 '08 '09 '10 '11
Hardware / Financing Services Software
Sum of external segment pre-tax income not equal to IBM pre-tax income
* Non-GAAP: Excludes acquisition-related charges and non-operating retirement-related charges2000 & 2001 segments not restated for stock based compensation; 2000-2010 Segment PTI is reclassified to conform with 2011 operating presentation
Operating PTI / EPS *
Segment Operating PTIOperating EPS
$13.44
Recognizing emerging risks provides value by driving business change
Recognizing emerging risks provides value by driving business change
Shifting market mix to enable growthShifting market mix to enable growth
Risk Management is explicit in Board & Executive responsibilities
…The Board is responsible for overseeing management in the execution of its responsibilities and for assessing the Company's approach to risk management…
… an overall review of risk is inherent in the Board’s consideration of the Company’s long-term strategies and in the transactions and other matters presented to the Board...… the Board's three committees, each of which examines various components of enterprise risk as part of their responsibilities…
Proxy Statement General Information – Board of Directors
…motivate our leaders to deliver a high degree of business performance without encouraging excessive risk taking;
…emphasis on longer-term financial success and prudent risk management……our compensation program and policies do not encourage excessive risk taking…
Executive Compensation Section of the IBM Proxy
Risk is an integral part of IBM’s Business Leadership Model
Consider risk in theformulation of strategy
Anticipate and prepare for managing risk in execution
Integrate risk actions intomanagement systems
Supplement market insight with external risks, challenge the innovation process, question assumptions, and assess the viability execution
Marketplace Insight•External risks•Migration of client value risks•Competitive risksInnovation Focus• Identify & cover discontinuities• New risk take-over offerings
Business Design Alternatives
Execution•Capabilities required to effectively manage the risks inherent in the business design
Marketplace assumptions, Client priorities, Technology shifts
Strategy cycle emphasizes risks associated with enterprise initiatives and achieving growth
Consider new risks which may emerge in the pursuit of growth strategies
Identify other key risks that could be obstacles to achieving unit’s objectives
Cross-business unit interdependencies
Strategy Cycle
Execution cycle emphasizes risks associated with execution of strategy
Risk associated with the execution of strategies, actions to manage them, and metrics for measuring the effectiveness of the actions
Provide discrete allocation of funds or resources (as appropriate)
Cross-business unit interdependencies
Corporate strategy and growth priorities guide the business unit strategies & execution
Execution Cycle
Scenario-based analysis to test and improve flexibility and resiliency
Problem Statement
• Identify Risks• Define potential outcomes: likelihood of occurrence,
timeline and implications on the market and our business
Scenario Modeling
• Develop scenarios based off range of outcomes• Size business and financial implications• Prioritize scenarios based on likelihood and size of
impact
Response
• Preventative actions to manage risk• Responsive actions should scenario materialize• Both proactively and reactively under different
conditions
Management Actions
• Recommend next steps• Immediate actions• Management system to monitor, determine future
action
Scenarios where the company exceeds or misses performance objectives Consider external risk factors, business context, and unit interdependencies
Identify upside opportunities where we can help clients address the risk
Scenarios where the company exceeds or misses performance objectives Consider external risk factors, business context, and unit interdependencies
Identify upside opportunities where we can help clients address the risk
Summary
• Inform strategy with consideration of risk– Understand the risks the company can and should take on and how to be
appropriately compensated for taking on those risks
• Prepare to manage risk in the execution of strategies– Identify additional actions to take to improve the chances of success
• Manage risk in ongoing operations– Are there process changes or standards that should be set or augmented or are
there opportunities to collaborate on best practices to increase uniformity
• Provide value– Keep line of sight to the elephants and gorillas in the room
– Enhance strategy effectiveness by engaging cross-enterprise to address interdependencies and take advantage of scale
– Transparency of risks and effective management enables greater appetite and tolerance in pursuit of commercial gain
17
• Provider of comprehensive payroll, human resource, and benefits outsourcing solutions for small to medium sized businesses
• Approximately 564,000 clients
• More than 100 offices nationwide
Paychex Profile
Board & Executive Engagement
Company Strategy “We are focused on achieving strong, long-term financial performance by…”
“Our future results of operations are subject to a number of risks and uncertainties. These risks and uncertainties could cause actual results to differ materially from historical and current results and from our projections…”
Corporate Governance“…lead the Board, particularly as it focuses on strategic risks and opportunities facing the Company.”
Risk Oversight“One of the functions of the Board is oversight of risks inherent in the operation of the Company’s business. The Board fulfills this function through reports from officers for oversight of particular risks within the Company, through legal review of the Company’s strategic plan, and through delegation of certain risk oversight functions…”
Paychex 2011
Annual Report
Paychex 2011 Form 10-K Item 1A. Risk Factors
Paychex 2011 Proxy Statement
Strategic Risk Management• A comprehensive process to identify, evaluate and manage strategic risks to reduce
uncertainty AND maximize opportunities
• Guiding Principles of SRM:– Primary component of an organization’s ERM process– Ultimate goal is protecting and enhancing shareholder value– Effected by boards of directors, executive management and others– A strategic approach to risk and managing uncertainty is necessary to achieve company objectives– Continuous process
Frequency & Severity
Related Impacts Interdependencies
Risk Profile
Informed Decisions
Assess Analyze
Retain/Finance Or Transfer
Corporate Tolerance Risk/Opportunity
Mitigate/ControlIdentifyAlign to
Corporate Objectives
Monitor/Report
Adapt/Improve
20
Extended Enterprise & Value Chain
Setting strategy, objectives, tone,
policies, risk appetite and accountabilities;
monitoring performance.
Operating in accordance with objectives; ensuring adherence to laws and regulations, internal policies and
procedures, and stakeholder commitments.
Identifying and assessing risks that may
affect the ability to achieve objectives; determining risk response strategies
and control activities.
Establishing Context
New Strategy & Risks
Maximizing return on capital Business Planning & Strategy Long term growth
in shareholder value
Risk Framework, Control & Monitoring
Optimizing volume and profitability
Operational & Change Mgmt (Systems, Processes, People)
10
Risk Strategy
Capital Management,
Business Performance Monitoring
Economic Capital
Allocation
Market, product, customer, operational strategy
New ventures, risk/capital
impact
Regulatory Capital
Calculation Corporate governance
Risk Identification
& Assessment
Maximizing operational cost
effectiveness
Projects (Objectives, Resources, Risk, Capital)
Strategic Risk Management Process
Classic Risks
Creative Risks
“The strategic bets that we place during our
poker game or try new things.”
“You’ve got to ante up to get into
the game or stay in business.”
“Paychex, like most firms, makes money and creates value by taking intelligent risks and loses money or
gets in trouble by failing to manage risk effectively.”
Why Integrate ERM with Strategy?
22
Internal Forces “Enabling Activities”
External Pressures
Paychex Strategic Process
Board of Directors
Political
Strategy
Cultural
Appetite
Tolerance
Ethics
Objectives
ShareholderExpectations Regulators Rating Agencies Stakeholders
Info
rmati
onG
uidance
Risk
Opportunity
ERMProcess
Protect and Enhance Shareholder Value
24
• Provider of comprehensive payroll, human resource, and benefits outsourcing solutions for small to medium sized businesses
• Approximately 564,000 clients
• More than 100 offices nationwide
Paychex Profile
Board & Executive Engagement
Company Strategy “We are focused on achieving strong, long-term financial performance by…”
“Our future results of operations are subject to a number of risks and uncertainties. These risks and uncertainties could cause actual results to differ materially from historical and current results and from our projections…”
Corporate Governance“…lead the Board, particularly as it focuses on strategic risks and opportunities facing the Company.”
Risk Oversight“One of the functions of the Board is oversight of risks inherent in the operation of the Company’s business. The Board fulfills this function through reports from officers for oversight of particular risks within the Company, through legal review of the Company’s strategic plan, and through delegation of certain risk oversight functions…”
Paychex 2011
Annual Report
Paychex 2011 Form 10-K Item 1A. Risk Factors
Paychex 2011 Proxy Statement
Strategic Risk Management• A comprehensive process to identify, evaluate and manage strategic risks to reduce
uncertainty AND maximize opportunities
• Guiding Principles of SRM:– Primary component of an organization’s ERM process– Ultimate goal is protecting and enhancing shareholder value– Effected by boards of directors, executive management and others– A strategic approach to risk and managing uncertainty is necessary to achieve company objectives– Continuous process
Frequency & Severity
Related Impacts Interdependencies
Risk Profile
Informed Decisions
Assess Analyze
Retain/Finance Or Transfer
Corporate Tolerance Risk/Opportunity
Mitigate/ControlIdentifyAlign to
Corporate Objectives
Monitor/Report
Adapt/Improve
27
Extended Enterprise & Value Chain
Setting strategy, objectives, tone,
policies, risk appetite and accountabilities;
monitoring performance.
Operating in accordance with objectives; ensuring adherence to laws and regulations, internal policies and
procedures, and stakeholder commitments.
Identifying and assessing risks that may
affect the ability to achieve objectives; determining risk response strategies
and control activities.
Establishing Context
New Strategy & Risks
Maximizing return on capital Business Planning & Strategy Long term growth
in shareholder value
Risk Framework, Control & Monitoring
Optimizing volume and profitability
Operational & Change Mgmt (Systems, Processes, People)
10
Risk Strategy
Capital Management,
Business Performance Monitoring
Economic Capital
Allocation
Market, product, customer, operational strategy
New ventures, risk/capital
impact
Regulatory Capital
Calculation Corporate governance
Risk Identification
& Assessment
Maximizing operational cost
effectiveness
Projects (Objectives, Resources, Risk, Capital)
Strategic Risk Management Process
Classic Risks
Creative Risks
“The strategic bets that we place during our
poker game or try new things.”
“You’ve got to ante up to get into
the game or stay in business.”
“Paychex, like most firms, makes money and creates value by taking intelligent risks and loses money or
gets in trouble by failing to manage risk effectively.”
Why Integrate ERM with Strategy?
29
Internal Forces “Enabling Activities”
External Pressures
Paychex Strategic Process
Board of Directors
Political
Strategy
Cultural
Appetite
Tolerance
Ethics
Objectives
ShareholderExpectations Regulators Rating Agencies Stakeholders
Info
rmati
onG
uidance
Risk
Opportunity
ERMProcess
Protect and Enhance Shareholder Value
Culture: Enabling Activities: “Become a part of the company’s DNA”
Mission: Protect and enhance shareholder value
Infrastructure
Vision/Goals Governance Oversight structure Common language Policies Technology Tools Techniques Tolerance/appetite Monte Carlo simulation
Process Integration
Operational processes Strategic planning Quality process Competency models Product development Capital projects Performance
management
The Paychex ERM Framework
Identify Risks & Opportunities
Businessgoals,
objectivesand
strategies
Assess Risks & Opportunities
Develop Action Plans
Implement Strategy
Integrate Results
Monitor & Report Results
•Risk management is recognized as a key contributor to value creation.
•The risk culture is defined and enshrined to give managers and employees the requisite freedom of maneuver.
•An awareness of risk and the need to manage it pervades the enterprise.
•Risks are identified, reported, and quantified to the greatest possible extent.
•Equal attention is paid to both quantifiable and unquantifiable risks.
•Risk management is everyone’s responsibility and is not fragmented into compartments and silos.
•The enterprise avoids products and businesses it does not understand.
•Scenario planning embraces uncertainty and considers all possible developments.
31
Paychex ERM Framework
32
Financial Risks Strategic Risks
Hazard Risks Operational Risks
Enterprise Risks
•Adverse Changes in Industry Regulations
•Inadequate/Inaccurate Financial Controls/Reporting
•Equipment/Facilities
•Business Acquisitions/Divestitures
•Adverse Changes in Environmental Regulations
•Health Care/Pension Costs
•Debit/Credit Rating
•Counterparty Risk
•Asset Valuation•Transaction Processing Errors
•Accounting/Tax Law Changes
•Revenue Management
•Uncompetitive Cost Structure
•Liquidity/Cash
•Credit Default
•Shareholder Activism
•Fuel Prices
•Interest Rate Fluctuations
•Currency/ForeignExchangeRate Fluctuations
•Financial Markets Instability
•Economic Recession
•CurrencyInconvertibility
•Offensive Advertising
•Corporate Culture
•Timing of Business Decisions/Moves
•Loss of Intellectual Property
•Customer/Supplier/Dealer Relations
•Inadequate Management Oversight
•Ethics Violations
•Budget Overruns/Unplanned Expenses
•Pricing/Incentive Wars
•Attacks on Brand Loyalty
•Product Market Alignment
•“Gotta Have Products”
•Program Launch
•Ineffective Planning
•Customer Demand
•Seasonality/Variability•Technology Decisions
•Union Relations/Labor Disagreements/Contract Frustrations
•Product Development Process
•Product Design/Engineering
•New or Foreign Competitors
•Public Boycott orCondemnation
•Market Share Battles
•Negative Media Coverage
•Foreign MarketProtectionism
•Mergers/IndustryConsolidation
•Joint Venture/Alliance Relations
•Perceived Quality
•3rd Party Liability
•General/Product Liability
•Directors/Officers Liability
•Property Damage
•Building/Equipment Fire
•Loss of Key Facility
•Workers Compensation
•Boiler/Machinery Explosion
•Building Collapse
•Building Subsidence/Sinkholes
•Lightning Strikes
•Deductible Limits
•Land/Water/Atmospheric Pollution
•Volcano Eruption
•Tsunami
•Hail Damage
•Hurricane/Typhoon
•Animal/Insect Infestation
•Severe Hot/Cold Weather
•Cargo Losses
•Heavy Rain/Thunderstorms
•Blizzard/Ice Storms/Wind Damage
•Disease/Epidemic
•Tornados
•Terrorism/Sabotage
•Wildfire
•Earthquake
•Flooding
•Geopolitical Risks
•Cargo Losses
•Asbestos/Mold Exposure
•HR Risks – Key Skill Shortage, Personnel
•Turnovers
•Harassment/Discrimination
•Loss of Key Equipment/Personnel
•Warranty/Product Recall Campaigns
•Vandalism
•Arson
•Kidnapping
•Extortion
•IT System Failure – Hardware/Software/LAN
•Computer Virus/Denial of Service Attacks
•Gov’t Inquiries
•Workplace Violence
•Operator Errors/Accidental Damage
•Theft/Embezzlement
•Information Management Problems
•Accounting/Internal Controls Failures
•Health/Safety Violations
•Restriction of Access/ Egress
•Dealer Distribution Network Failures –Logistics Provider Failures,Logistics Route/ModeDisruptions
•Service Provider Failures
•SupplierBusinessInterruption
•Tier 1,2,3 –Supplier Problems,Financial Trouble,Quality “Spills”,Failure to DeliverMaterials
•Loss of Key Supplier
•Utilities Failures –Communications,Electricity,Water, Power
Environmental Scan
33
Identify & Assess RiskIdentifying the effectiveness of processes and controls via interactive participation with subject
matter experts. Step 1: Pre-work:
• Top-ranked risks are identified and reviewed to assess counter-measures
• Key risks are identified and better understood creating awareness and accountability
• Business unit identifies risks associated with operational errors. • Voting technology is utilized to score/rank the risks
Step 2: Workshop
Step 3: Mitigation Step 4: Results
Impa
ct
Likelihood
Operating Risk
Vendor Failure
Failed Systems
Human Error
Failed Processes
Internal Fraud
Interactive Risk Assessments
Assurance of preparedness
Redeploy resources
Enhance risk mitigation
Measure for cumulative impact
Impa
ct
Vulnerability
5
4
3
2
1 2 3 4 5
15
2
3
456
7
8
9
10
11
12
1314
1
High
Likelihood
Impa
ct
Risk 6
Risk 5
Risk 10
Risk 8
Risk 7
Risk 9
Risk 3
Low High
Dimensioning Risk Inherent Risk Residual Risk
Methodology – Top enterprise level risks are dimensioned using a proprietary 10 factor probability risk scoring formula. Risk velocity is incorporated and weighted in the calculation of inherent and residual risk to represent how quickly the onset of each risk measured translates to impact.
Risk 4
Critical
Nominal
Management Control Effectiveness
Inhe
rent
Ris
k
Risk 6
Risk 7
Risk 4
Risk 3
Risk 9
Risk 10
Risk 8
Risk 5
HighLow
HighUnder-controlled
Over-controlled
Inherent Risk = Impact x Likelihood Residual Risk = Inherent Risk x Uncontrolled Management Effectiveness
Risk Velocity
Slow
Average
Fast
Risk 1Risk 1
Risk 2Risk 2
34
Possible - “might” happen (future knowledge)
Plausible - “could” happen (current knowledge)
Distance into the future
Uncertainty
Predictability
F S H
Forecasting Scenario Planning “Hoping”
Ranges of Usefulness
time
U
Risk Scenario Planning“The present moment used to be the unimaginable future”
Probable - “likely to” happen (current trends)
Preferable - “want to” happen (value judgements)
Key Risks Detail
Primary Organization Owner(s) - Risk Management
Risk Type - (K) Known
Primary IndicatorsBad debt write-offs, National Economic Indicators, ACH return activity, regional/industry factors, credit agency reporting CEI/DSO indicators
Mitigation Strategies• Branch and client transaction thresholds• Credit bureau monitoring; consumer and commercial credit review• Credit policies, including secured funding and security deposits• Monitoring for credit deterioration, industry/economic data and bankruptcy• Allowance for doubtful accounts (reserve)• Fraud industry coalition
Trending - Small businesses continue to hold course even though threat of a double-dip recession is starting to look more plausible. Access to credit continues to be elusive for many struggling businesses as evident by the SBA adding “extra support” to lenders to boost loan approvals; however, SBA-backed loans make up only a small portion of over all business loans market. Balance sheets have improved as businesses continue to deleverage due to caution about the future economic outlook and legislative landscape.
Results - While soft credit risk exposure has nearly doubled over the past several years to over $266 billion dollars, credit losses are down 82% from approximately $11 million to just $2.0 million last year.
1.
Primary Organization Owner(s) – Risk Management
Risk Type - U1 (Unknown)
Primary IndicatorsRegulatory activity, laws enacted, warranties/penalties, lawsuits, enforcement activity, regulatory inquiries
Mitigation Strategies• Monitoring enforcement trends, relevant publications and industry news• Strong regulatory agency relationships• Active participation in Payroll Consortium• Ongoing review and audit of compliance• Increased training for applicable personnel• Change management control process
Trending - Increasing pre-election pressures on the administration and Congress around lingering economic weakness and the debt ceiling may result in ad-hoc measures requiring compressed implementation timeframes. Debt ceiling legislation does not include a payroll tax reduction, but a push for an extension of the current employee payroll tax reduction through 2012. The Obama jobs proposal contains aspects which, if enacted, could present operational and systemic challenges, with a reduced implementation period.
Results - Despite the extraordinary environment of accelerated legislative changes under the Obama administration heightened by the recent recession, Paychex has been able to execute required changes with minimal to no adverse impact.
2. Risk DescriptionRisk of financial loss due to client defaults, dependencies on banking partner lines of credit, NACHA rules/regulations, unsecured credit and reliance on ACH as vehicle for collection and recovery
Credit/ACH1. Risk DescriptionMaintaining compliance for all products and services with applicable federal, state and local statutes, laws and regulations; ensuring timeliness and accuracy of regulatory change on Paychex platforms
Regulatory Compliance2.
36
Providing the Board and senior management with greater risk transparency
Compliance with risk policies and regulations• Exposures vs. policy limits • Regulatory compliance
Earnings-at-risk• Major internal drivers• Key external variables
Risk/return performance tracking• Business units• Customer segments• Products
Real time risk reporting• One touch visibility• Drill down capabilities• 24x7 escalation• Early warning signals
ERM Dashboards
The discipline of risk management has
evolved from strictly a value preservation-based focus to a balanced focus
between protecting assets and creating or
enhancing value.
OperatingRisk
Credit Risk
Model Risk
Entrepreneurial Risk
Regulatory Compliance Risk
Future/White Space
• Target Models (3B); Lifetime Value Models• Churn Models; Discount Engine Models• Upsell Models; Sales Territory Models
• Public Relations & Marketing Initiatives• Industry Coalitions• Client/CPA Webinars
• EDI Program• RCX Stale Date Fees• Taxpay Premium Processing Fee
• Federal Deposit Frequency Program• Client Penalty Abatement Service• IRS/Paychex Partnerships
• $100M Revenue Over Past 5 Years• EGTRRA Restatement• PBS, HRO, 401(k) Service Fees
Risk Management
A flexible and dynamic risk management
discipline is uniquely positioned to quickly adapt to change and identify opportunistic
risk to create new streams of revenue and
increase value
Value Preservation to Value Creation
Questions?