Enterprise risk management (ERM) is the business discipline devoted to evaluating an organization’s risk competency and planning and managing activities related to minimizing and controlling those risks. ERM focuses on limiting fallout from risk-related activities, improving corporate risk-related accountability, and increasing stakeholder confidence. ERM has been applied to many different industries. Within the financial services sector, the practice has become a pivotal activity, due largely to the finance sector’s relationship to global economies and industries.
ERM differentiates from historical business risk management approaches in that it encompasses all components of an organization’s risk exposure (finances, operations, governance, reputation, etc.) and that it prioritizes and manages those exposures as an interrelated system rather than as independent problems. ERM recognizes that each individual risk can impact other components of the organization, as well as internal and external stakeholders. An ERM system upholds this holistic approach by establishing a structured process for addressing all risks and by instituting risk management within all crucial decision-making processes. Finally, ERM views the effective management of risk as a key to competitive advantage.