Credit rating agency evaluations may change the CRO's role.
by Joe Gimenez
The job responsibilities of utility company chief risk officers may be on the verge of another significant transformation with the advent of new credit rating agency evaluations of non-financial (i.e., energy and utility) companies' management of their enterprise risks. Not since the immediate aftermath of Enron, when the Committee of Chief Risk Officers was formed in 2002, has there been such focus on the role of CROs, their office, and their ability to affect enterprise risk management systems with such great import to the future of their company.
 |
The reason? Energy companies' cost-effective access to capital could be on the line as the credit rating agency evaluations are implemented. Any reductions to ratings could increase the interest rates at which utilities borrow, negatively affecting profit margins. Since both political parties in the U.S. are pressuring utility companies to produce more energy from renewable sources, increased financing costs for such projects—and their grid counterparts—could have serious long-term effects on utility profitability.
In this new environment, the question of how the CRO will define the function and form of his or her office looms large. CROs will need new skills coupled with the correct background and experience to meet the challenges.
An either/or history
While some risk strategists have viewed the CRO office as presiding over one of two organizational approaches available to risk management, there's no consensus on which will be the right approach in the future.
Just two years ago, Accenture's George Popov presented the idea that CRO offices are either risk-oriented (centralized) or business unit-oriented (non-centralized), each having its strengths and weaknesses. In his presentation, "The Evolving Role of the Chief Risk Officer in Energy Companies," given in Moscow in 2006, Popov said that the centralized CRO office classifies risks by type across the organization independently from commercial heads, and aggregated credit, market and operational exposures across business units so they could be better managed by corporate leadership. This approach structured only loose relationships between risk managers and their business unit heads, so that key nuances of trading might be lost, with either profits being minimized or risks going unnoticed.
Popov noted that the non-centralized CRO structure forced business units into closer relationships with the CRO's risk managers, making commercial heads responsible for their direct knowledge of risks within their organization. The downsides were that the risk managers reported to the commercial leaders, calling their independence into question, and risks weren't easily classified by type across the entire organization in a coherent fashion.
A changing definition
Today's CRO office has additional choices to make and new impetus to make them now that Standard & Poor's corporate rating agency announced in May that it will assess and rate how well non-financial sector companies, including energy and utility companies, monitor and manage the enterprise risks.
Conceivably, the examination and grading of enterprise risk management (ERM) systems could affect companies' access to investment capital, both positively and negatively. Other ratings agencies, like Moody's and A.M. Best, are following S&P's move using their own methodology. Regardless, all the ratings agencies see this as a means to shore up their reputations with investors after the recent mortgage industry bust.
While more announcements are expected, S&P has said that it will take an expansive view of enterprise risk management to include its impacts on liability management and financing decisions. S&P also said it will not view favorably any hodge-podge mixture of risk management processes and will instead expect a systematic approach that has a transparent holistic framework. It will judge utility and energy companies on industry-specific risk factors.
Industry reaction
When S&P issued its decision to include ERM in its ratings, consultants like Towers Perrin applauded the move. "We believe that ERM is a key capability for any firm, independent of the stance of the rating agencies, and that rating agency considerations in this area will reinforce the influences that have brought ERM as a discipline to top of mind for senior management and boards ?. Rating agency action in this area can serve as an additional stimulus for organizations to look more closely at their risk management practices, structures and processes."
In fact, some industry observers believe there's a good chance the investment community will like what they see in energy companies risk management programs. After all, the energy and utility verticals had their wake-up calls after the Enron collapse in late 2001. Many companies learned their lessons and for the last seven years have been strengthening their risk management systems. Indeed, the Committee of Chief Risk Officers—the organization born out of the Enron meltdown—has been studying ERM since early last year and has developed two white papers to help their member CROs frame their response.
In May 2007, the CCRO issued a white paper in which it concluded that "it is paramount to understand that ERM is not a product, but rather a process by which utilities can iteratively improve upon their understanding, control and management of risks. An ERM framework for utilities should ultimately strive to first identify and quantify material risks, and identify the levels of risk that are acceptable for all stakeholders .? Once the framework is in place, a continuous review of the risks, controls and metrics is essential to establishing a lasting and improving risk management function within a utility."
The question now is how the CROs will view their own strengths and weaknesses in this new operating environment. What changes do they foresee in how they staff their department? What role do they see technology playing in this change? Is there a new job description for CROs, what is it, and what experiences should qualify the aspiring CRO to utility companies?
These questions and more will be discussed in a future article that studies the responses of several CROs to these questions. Stay tuned.
Author
Joe Gimenez is an independent public relations consultant focused on communications for the energy and utility sectors. With 20 years of experience, his clients include RiskAdvisory and Microsoft. Contact him at joe.gimenez@g3publicrelations.com.