Transcript Risk Management Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd Who Are MSM Compliance? • MSM is a national professional.

Risk Management
Policy & Procedures
An Overview for Staff
Prepared by
MSM Compliance Services Pty Ltd
Who Are MSM Compliance?
• MSM is a national professional services
business focused on the general insurance
industry.
• Your company has engaged MSM to assist in
the management of its obligations as a holder
of an Australian Financial Services Licence.
• MSM helps to ensure that you and your
company comply with your AFS Licence
obligations with the least disruption to your
core business.
Why Are You Reading This?
• To provide you with an introduction to our
Risk Management Policy and Procedures.
• It will present you with a synopsis, but not the
detail.
• You should still take the time to read the full
Risk Management Policy & Procedures.
What Is Risk?
• The chance of something happening that
will have an impact upon business
objectives and goals. It could be physical,
financial, economic or legal.
• It includes potential for gain and exposure
to loss.
• It is the volatility of potential outcomes;
“How surprised do you really want to be?”
How Is Risk Measured
• Measured in terms of consequences and
likelihood.
• Risk = consequences x likelihood.
• Risk is also measured by the level of outrage
or concern a particular event may have on a
business or employees of the business.
Examples Of Risk
•
•
•
•
•
•
Injury to staff and clients.
Property damage.
Loss of AFS Licence.
Damage to business reputation.
Theft of money or data.
Liability to clients for incorrect / inappropriate
advice or failure to follow client instructions.
• Loss of computer data.
What Is Risk Management
• The culture, processes and structures that
are directed towards the effective
management of potential opportunities and
adverse effects.
• The aim of risk management is to
maximise opportunity by managing risks.
It is a way of confidently taking the right
risks and then managing the outcomes for
success.
What Risk Management Is Not
• Another name for insurance (Insurance is the
treatment option for an identified risk where
the risk is shared or transferred).
• Just accounting controls.
• About creating risk averse management.
• A green light to careless enthusiasts.
• Opening the door to “risky management”.
• Something that other people do.
Why Is A Risk Management
Program Important?
• Risk management is recognised as an integral part
of good management practice.
• An effective Risk Management program is also a
mandatory requirement for AFS Licensees.
• The effective management of risks reduces the
likelihood of major disruptions to the plans of the
business and increases the chances of the
business achieving its goals.
The Benefits Of Risk
Management
• More effective strategic planning.
• Better cost control.
• Increased knowledge & understanding of
exposure to risk.
• More systematic & thorough method of
decision making.
• Prevention rather than reaction to risk
• Greater transparency in decision making.
Who Is Responsible For Risk
Management?
• The Responsible Manager(s) is ultimately
responsible.
• The Risk Management Officer is responsible for the
day to day operation of these Policy and
Procedures.
• The Risk Management Officer is indicated on our
Organisation Chart by the Code RMO under their
name.
• All staff and Authorised Representatives must be
familiar with and comply with this Policy and
Procedure.
• All staff are encouraged to look for improvements
to our risk management procedures.
Risk Management Process
Overview
Establish Context
Identify Risks
I
N
P
UT
Analyse Risks
M
O
N
I
T
O
R
&
Evaluate Risks
Treat Risks
R
EV
I
E
W
Risk Management Process
• Establish the Context – generally we are conservative and
risk adverse.
• Identify Risks – only risks identified can be managed.
• Risk Analysis –risks are classified according to likelihood
and severity.
• Risk Evaluation – prioritised for further action.
• Risk Treatment – decide on and implement course of
action;
(i) avoid, (ii) avert, (iii) transfer or (iv) retain
• Monitoring & review – how effective are the processes?
• Communication & Consultation – ensure all staff and
relevant stakeholders are involved.
Risk Management Table
• The Table lists all risks that we have
identified as part of our Risk Identification
process.
• Each Risk is assigned a Risk Level indicating
the potential severity of the risk.
• A Treatment Plan has been implemented to
effectively manage each risk.
Review & Updates
• Our Risk Management Policy & Procedures
will be reviewed on an annual basis as part of
our the Business Planning process or after
any major or catastrophic loss or near loss
impacting on the business.
• Any changes will be advised by management
either via Email or at our regular Staff
meetings.
In Summary
You should
• Read the full Risk Management Policy &
Procedures.
• Identify the Risk Management Officer (RMO)
on our Organisation Chart.
• Be aware of the risks listed in the Risk
Identification Table.
• Inform the RMO or Compliance Officer if you
become aware that our Risk Management
program is not being adhered to.
Where To From Here?
Please take the time to read our full Risk
Management Policy and Procedures and if you
require further clarification discuss with our
Risk Management Officer.