Enterprise risk management (ERM) strategies protect credit unions from unforeseen events and boost their bottom lines. From a holistic perspective, these strategies proactively identify, measure, and manage risk.
Implementing an ERM approach can improve a credit union’s risk-return relationship up to 20% in the first year of implementation, says Tony Ferris, managing partner with The Rochdale Group.
More credit unions are adopting ERM cultures, but many credit unions still manage risk in silos—within each department—rather than from a credit union-wide perspective. While this provides some degree of protection, it overlooks the cumulative risk of conflicting or inconsistent departmental decisions.
ERM provides an overarching framework for risk management, rather than managing risk in asset/ liability, investment, security, and other silos, Ferris says, enabling credit unions to see risk in a more meaningful way.
“Much of the risk management today is driven by compliance,” Ferris says. “Credit unions are focused primarily on complying with regulatory requirements, and they overlook the overall risk parameters. But proactive credit unions are using ERM as a strategic asset and looking at the broader implications of the things they’re doing. Most credit unions, however, manage risk well in silos.”SIDEBAR:
But even the best silo approach has its inadequacies. For example, a credit union might have 40% of its credit in residential mortgages. Someone in the loan department might typically evaluate the risk of these loans. The credit union might consider the 40% level an acceptable risk.
But the credit union’s investment department might have 50% of its investment portfolio in mortgage- backed securities, which could be an acceptable risk for that investment department.
If you take an ERM perspective and consider both portfolios, you’d conclude that the credit union is overexposed to risk in residential mortgages, explains Joe Ghammashi, chief risk officer for Corporate One Federal Credit Union, Columbus, Ohio.
When you take an ERM perspective, you can see how the risks that you didn’t think were connected really are connected, and that helps you see how you might be overexposed to risk in some areas.
“It’s the difference between being proactive and reactive,” says Ferris. “If you identify enterprise risks more quickly than the next guy, you’ll be more successful than the next guy.”
In addition to highlighting overexposure to a particular type of asset, ERM also helps credit union management plan for unforeseen events. “If you don’t have any unforeseen events, then you don’t need it,” quips Ferris.
Doing nothing isn’t recommended because unforeseen events—problems on Wall Street, unexpected regulatory decisions, or natural disasters—are inevitable.
It’s important for all credit union employees to adopt an ERM mindset, says Ghammashi, who was hired in 2005 to develop Corporate One Federal’s ERM practices. “You have to have a culture of risk management,” he says.
That means credit union employees “can look members in the eye and say the credit union used all the tools at its disposal to make sure its decisions were sound and were expected to be profitable,” Ferris says. “You can’t be blind to potential events. ERM helps you identify the potential magnitude of various issues and what to do about them.”
NEXT: What does success look like?