Enterprise Risk Management - Some Guidelines for Incremental and Iterative Implementation. Case Study: Romanian T.S.O. Transelectrica

摘要

The need for enterprise risk management (ERM) in the European electricity sector has two mainorigins. First, players in the electricity industry are exposed to more risks today than has been the casehistorically. Exposures to market and regulatory risks, in particular, have increased significantly andthese risks can have a major impact on profit margins, company reputation, and the ability to fulfilsocial obligations. Second, players are facing increasing demands from stakeholders concerned withrisk management. In particular, regulation for listed companies - as Transelectrica - has become moredemanding in terms of risk transparency and control.In Transelectrica – the Romanian Transport and System Operator, enterprise risk management (ERM)consists of a set of organisational components that together aim to raise the level of risk managementeffectiveness across the organisation. These organisational components cover: Risk managementprocesses – including risk identification and prioritisation, risk strategy, governance and control,Elements of organisational structure, Tools, methodologies, and systems and Skills.The paper is aimed to present Transelectrica’s ongoing process of a systematic and comprehensivedefinition of the critic risks and of quantifying their impact with the view of implementing anintegrated program, to minimize and control the risks and to set the appropriate strategies on treating,preserving, transferring and recovery procedures meant to protect the values of the company.ERM has overall responsibility for the risk-mapping process, ensuring the quality of the output, andsynthesising the main findings for the company's management team and board of directors. The maindesign principles for effective risk governance and control consist of clearly delineated risk oversightresponsibilities, a clear allocation of risk ownership responsibilities, the separation of risk managementand risk control, and proper alignment of incentives with roles and responsibilities. To achieveeffective risk governance and control, companies can follow a three-step approach: define governanceand control design principles, set up the basic governance and control mechanisms, and recognise andavoid the most frequent pitfalls.Transelectrica wants, as well, the change of the organization’s culture, so that the decisional process tobe sustained on risk management system implementation, offering a new view of the managerialbehaviour. The place of the risk notion is in the middle and at the bottom of analysis and decisionsmade in the Company, according to the corporate governance principles.