GRC

Black Diamond Risk Enterprises (BDRE) specializes in providing  governance consulting services.  These comprehensive  services include the following:

A. Corporate Governance

In complex risk taking organizations it is nearly impossible to separate best practice risk management from best practice corporate governance.  At a best-practice organization , everything flows from a clear and agreed upon set of policies at the top that spawn and secure the independence of policies, methodologies and infrastructure downstream.  A joined-up approach to corporate governance and risk management (from the board level down to a business line) has become a critical component of a fully integrated ERM program.

The Open Compliance and Ethics Group (OCEG) notes in its Fall 2007 publication “GRC 360 ” that “to understand the complete portfolio of processes related to governance, risk & compliance, organizations must consider the following areas, all of which can benefit from a shared strategy & operational approach and from cross-communication & shared technology.”

Governance Strategy Risk Management Audit Legal

Compliance Information Technology Ethics & Corporate Social Responsibility Quality Management Human Capital & Culture

The OCEG report adds that each of the processes embedded in these areas “plays a key role in helping an organization drive principled performance”.  It defines principled performance as “the clear articulation of an enterprise’s objectives, both financial and non-financial, and the methods it establishes to stay within the boundaries it will observe while driving toward those objectives”.

B. Board Governance

A primary responsibility of a board is to ensure that it develops a clear understanding of the business strategy employed and the fundamental risks and rewards  that this implies.  Boards need to make sure that risks are made transparent to managers and to stakeholders through adequate internal and external disclosure.

Boards oversee management and hold it accountable.  Boards must characterize an appropriate “risk appetite” for the company.  Boards should ensure that business and risk management strategies are directed at economic rather than accounting performance.

Audit Committee – The role of the Audit Committee of the board is critical to the board’s oversight of the company.  The audit committee is responsible not only for the accuracy of the bank’s financial and regulatory reporting, but also for ensuring that the company complies with minimum or best-practice standards in other key activities, such as legal, compliance and risk management activities.  The audit function acts as an independent check on the companies risk management process.

Risk Management (RM) Committee – The RM committee of the board is responsible for independently reviewing the identification, measurement, monitoring and controlling of risk, including the adequacy of policy guidelines and systems.  The RM committee reports back to the board on a variety of items such as all loans and/or credits over a specified dollar limit.

C. Risk Education

Black Diamond Risk Enterprises (BDRE) provides Risk education services.  BDRE designs, manages and delivers both in-person and web based training programs . These programs are customized to meet individual client needs.

Dr. Mark, is the founding Executive Director of the Masters in Financial Engineering program  at the University of California, Los Angeles (UCLA) Anderson School of Management.  He is also the cofounder  of the Professional Risk Managers’ International Association (PRMIA), which offers   programs for Risk Industry professionals.  Dr. Mark earned his Ph.D., from New York University’s Graduate School of Engineering and Science.  Subsequently Dr. Mark received an Advanced Professional Certificate (APC) in accounting from NYU’s Stern Graduate School of Business and is a graduate of the Harvard Business Schools Advanced Management Program.

D. Sarbanes-Oxley (SOX)

The SOX legislation signed into US law in 2002 provided a huge stimulus to the development of enterprise-wide risk management.  Among other things, SOX codifies:

I.    Corporate responsibility for financial reports (personal accountability of top corporate officers)

II.   Management assessment of internal controls (along with auditors attestation)

III.  White-collar crime penalty enhancements (significant increases in fines and penalties, including imprisonment)

More than ever, Sr. Executives are accountable for the accuracy of corporate reporting.  The penalties for inaccuracy are severe.  The old adage that ‘what get’s reported get’s managed’ holds true.  Risk, in all of its forms, has a tremendous effect on an organization’s bottom line.  There is no reward without risk.  Risk identified, evaluated and capitalized upon creates value.  Risk identified, evaluated and mitigated preserves value.

E. Dodd Frank

Oversees Systemic Risk on Wall Street: The Financial Stability Oversight Council (FSOC) looks out for systemic risk (the risks that affect the entire financial industry). Treasury Secretary chairs FSOC with members such as the Fed, SEC, CFTC, FDIC, OCC, FHFA, CFPA, etc.