MAS 4-Notes
MAS 4
Tags Finals
Risk Management
Internal Control
MAS 4 1
-usually affects large number of organizations
-cannot be fully assessed and anticipated in advance in terms of TIMING and GRAVITY
E.g. INTEREST RATE RISK, MARKET RISK, PURCHASING POWER RISK

-If not managed, it directly affects individual organizations first
-usually assessed well in advance with reasonable efforts; risk mitigation can be planned with proper understanding and risk assessment techniques.
E.g. COMPLIANCE RISK, CREDIT RISK, OPERATIONAL RISK
Business RISK
-related to sales volatility as well as to *operating leverage
= If all OPEX are variable, sales volatility will be passed directly to operating income.
Default RISK
-related to probability that some or all of the initial investment will not be returned
Financial RISK
-firm’s capital structure or sources of financing
-any of various types of risk associated with financing, including financial transactions
that include company loans at risk of default.
-If a firm is partially financed by debt that requires fixed interest payments or by preferred
shares that require fixed preferred dividend payments, these fixed charges introduce
FINANCIAL LEVERAGE.
Interest rate RISK
-most commonly associated with bond price movements.
Liquidity RISK
House in a market with an abundance of homes relative to the number of potential buyers.
-this investment may not sell for several months or even years. If price is reduced sufficiently,
real estate will sell, BUT investor must take SELLING PRICE CONCESSION in order for
transaction to occur.
-T-bills can be sold immediately with very little concession on selling price
Management RISK
-risk-financial, ethical, or otherwise associated with ineffective, destructive, or
underperforming management.
-if management does not perform well, all the risks that may occur in an entity will be
affected.
-decisions made by firm’s management and BOD materially affect the risk faced by
investors.
Areas affected: Product innovation and production methods, and financing to acquisitions.
-difficult to recognize
! Easy to observe decline in price of stock or bond, but more difficult to recognize the
purchasing power of return earned on an investment has declined (risen) as a result of
inflation (deflation).
RISK ASSOCIATED WITH MANUFACTURING, TRADING, AND SERVICE CONCERNS (4)
Market RISK
-risk that an investor faces due to decrease in market value of financial product arising out
of the factors that affect the whole market and is not limited to particular commodity.
-PRODUCT risks: Complexity, Obsolescence, Research and Development, Packaging,
Delivery of Warranties
Operations RISK
-risk of losses caused by flawed or failed processes, policies, systems or events that
disrupt business operations.
-Process stoppage
-Environmental
-Technological Obsolescence
Financial RISKS
-the likelihood of losing money on a business or investment decision.
-Foreign Currency
-Liquidity
-Derivative
-Viability
Business RISKS
-exposure a company or organization has to factor(s) that will lower its profits or lead it to
fail.
-Reputation
-Political
-Shareholder relations
-Credit rating
-Capital Availability
-Business Interruptions
Adequacy, Completeness
RISK RESPONSES/TECHNIQUES
International Organization for Standardization (ISO 31000) - suggests that once risks
have been identified and assessed, these techniques should be applied to manage the risks.
Risk Avoidance - also means losing out on the potential gain that accepting risk may have
allowed.
-also avoids the possibility of earning profits
-not performing an activity that could carry risk
Risk Sharing - sharing with another party the burden of loss or the benefit of gain, from a
risk, and the measures to reduce risk.
E.g. Outsourcing - if outsourcer can demonstrate higher capability of managing or reducing
risks
Risk Acceptance - accepting loss or benefit of gain from risk when it occurs.
E.g. Self insurance
Risk Creation
a. Risk planning
response to risk
Create Value
Process of Risk Management
Risk Identification - can start with analysis of source of problem or with analysis of problem
itself.
Common risk identification methods:
a. Objective-based risk
b. Scenario-based risk
c. Taxonomy-based risk
d. Common-risk checking
e. Risk charting
Risk Assessment - critical to make the best educated decisions in prioritizing the
implementation of risk management plan
— Risk management for megaprojects
— Risk management of information technology
SEC Code of Governance Recommendation 2.11 and corresponding explanation provide the
following:
Board should oversee that a sound ERM framework is in place to effectively identify,
monitor, assess, and manage key business risks.
Risk management framework should guide the BOARD in identifying units/business lines
and enterprise-level risk exposures, as well as the effectiveness of risk management
strategies.
Principle 12 deals with strengthening the Internal Control System and
Enterprise Risk Management Framework
—> “To ensure the integrity, transparency, and proper governance in the conduct of its
affairs, the company should have a strong and effective internal control system and
enterprise risk management framework.”
Risk Management Framework
Subject to corporation’s size, risk profile and complexity of operations, the BOARD
should establish a separate Board Risk Oversight Committee (BROC) that should be
responsible for the oversight of a company’s ERM system - to ensure functionality and
effectiveness.
at least three (3) members; majority of whom should be independent directors including
Chairman.
at least one (1) member of the committee must have relevant thorough knowledge and
experience on risk and risk management.
Subject to its size, risk profile and complexity of operations, the company should have a
separate risk management function to IDENTIFY, ASSESS, AND MONITOR KEY
RISK EXPOSURES.
Primary distinctions:
Siloed vs. Holistic
TRM - various risk functions within an organization “own” their respective risk and tend to
operate in silos
ERM - takes more holistic view, looking at relationships among various risk types
Risk averse vs. Risk taking
Reactive vs Proactive
TRM - tends to be reactive; company changes its behavior after a risk manifests
ERM - takes proactive approach to risk management using a combination of people,
processes and technology
Insurable vs. Uninsurable
TRM - focus on risks that are insurable versus non-insurable risks.
DISTINCTIONS 0.2
Reactiveness:
TRM - Reactive: respond to incidents that have occurred and focus on preventing
reoccurrence
ERM - Proactive: looks forward to prevent risk occurring
Scope:
Adaptability:
TRM - Standardized, prescribed approaches
ERM - aligns with recognized standards like the COSO Framework (internal framework) to
ensure risk management approach is in line with best practice
Prominence:
TRM - keeps risk conversations to team or department level
ERM - elevates risk discussions to board level
Responsiveness:
TRM - static checklist of risks and responses
ERM - real-time, responsive approach to the changing organization and risk landscape
New law set out reforms and additions in four (4) principal areas:
Documents have been reviewed by signing officers and passed internal controls within
last 90 days
Documents truthfully represent the company’s financial health and position
-Financial statements should also represent any off balance liabilities, transactions, or
obligations
Section 404 - Management Assessment of Internal Controls
-requires management and auditors to establish internal controls and reporting methods to
ensure adequacy of those controls
Section 409 - Real time issuer disclosures
consists of 9 sections and establishes the PCAOB to provide independent oversight of public
accounting firms providing audit services.
addresses new auditor approval requirements, audit partner rotation, and auditor
reporting requirements
consists of 8 sections and mandates that senior executives take individual responsibility
for the accuracy and completeness of corporate financial reports
consists of 5 sections, requires Comptroller General and SEC to perform various studies
and report their findings
consists of 7 sections, referred to as the Corporate and Criminal fraud accountability Act
of 2002
consists of 1 section
identifies corporate fraud and records tampering as criminal offenses and joins those
offenses to specific penalties
TOPIC 2: Internal Control
Safeguarding of assets
Elements/Components
Control Environment
-entity’s ethical and behavioral standards and manner in which it communicates and
reinforces them, determine entity’s integrity and ethical behavior
Commitment to Competence
-knowledge and skills necessary to accomplish tasks that define employee’s job
-management’s approach to taking and monitoring business risk, its conservative or aggressive
selection from alternative accounting principles
Organizational Structure
-personnel within organization need to have clear understanding of their responsibilities and
rules and regulations that govern their actions
-an important element of IAS is the people who perform and execute established policies and
procedures.
-new technology
-new business models, products, or activities
-corporate restructurings
-expanded foreign operation
-new accounting pronouncements
Application to Small entities: Entity’s risk assessment process is likely to be less formal and
less structured.
-FR objectives may be recognized implicitly rather than explicitly.
Initiate, record, process, and report entity transactions and to maintain accountability for
related assets, liabilities, and equity.
capture information relevant to financial reporting for events and conditions other than
transactions
Ensure information required to be disclosed by applicable financial reporting framework
is ACCUMULATED, RECORDED, PROCESSED, SUMMARIZED, and appropriately
reported in FS
*Entity’s IS includes use of standard JEs that are required on recurring basis; includes use of
non-standard JEs to record non-recurring, unusual transactions or adjustments.
Develop, purchase, produce, sell, and distribute an entity’s products and services
Control Activities
-policies and procedures that help ensure that management directives are carried out
3 major categories of control procedures
Performance review - uses accounting and operating data to assess performance and
takes corrective action
Physical Control
Monitoring of Controls
-process that entity uses to assess quality of internal control over time.
-involves assessing design and operation of control on timely basis and taking corrective
action as necessary
Control Environment - set of standards, processes and structures that provides the basis for carrying
out internal control across the organization.
Risk Assessment - forms basis for determining how risks will be managed
Control Activities - actions established through policies and procedures that help ensure risks
are minimized
requirements and expectations
Control Environment
Enforces accountability
Risk Assessment
Control Activities
Communicates internally
Communicates externally
Monitoring Activities
-relatively broad in scope
-broken into series of rigid categories