From its beginnings in the early 1990s to its current incarnation, enterprise risk management (ERM) has undergone a dramatic transformation. Over time, ERM has evolved in response to a number of large-scale macroeconomic events as well as the business and regulatory changes those events precipitated. In so doing, ERM has adjusted its core focus and expanded the scope of risks it covers.
This continuing evolution can be organized into three major phases to reflect the changing landscape of enterprise risks in the past, present, and foreseeable future. Figure 3.1 provides a summary of the two major phases between the early 1990s and the present, as well as the next phase looking forward to the next 5–10 years.
Financial institutions began developing ERM programs in the early 1990s to address financial concerns such as aggregate market risk and credit risk. In 1993, the Group of 30's (G30) “Derivatives: Practice and Principles” addressed risk areas such as credit, market, operations and systems, accounting, and disclosures for derivatives dealers and end users.1 Financial risks continue to be focal points of ERM functions, especially within the banking and financial-services industry.
Unfortunately for a number of derivatives end ...