Enterprise Risk Management (Preview)

24 Part 1 – Concepts and Methods Canadian Regulations Canada and the United States are each other’s biggest trading partner, and almost all large Canadian companies have securities traded publicly in the United States. Accordingly, most of the regulations developed in the United States are adapted and applied in Canada. Both countries cooperate to harmonize regulations and rules to the best extent possible, in order to facilitate trade and reduce the administrative burden on companies. The Canadian Securities Administrators (CSA) is responsible for the regulation of capital markets in Canada. Its members are the provincial and territorial securities regulators located across Canada, such as the Ontario Securities Commission. The Office of the Superintendent of Financial Institutions (OSFI) is responsible for regulating and supervising financial services. A description of CSA and OSFI, and their regulations impacting risk management are presented in Appendix 1A. International Guidelines Many international organizations influence the evolution of risk management through principles and standards that are developed cooperatively with their members. These organizations include the International Organization of Securities Commissions located in Spain, the Basel Committee on Banking Supervision located in Switzerland, the Solvency II legislative program of the European Union, and the Financial Stability Board located in Switzerland. An overview of these organizations and their guidance applicable to risk management are provided for reference in Appendix 1B. RISK MANAGEMENT GUIDANCE The Committee of Sponsoring Organizations of the Treadway Commission in the United States, and the International Standards Organization based in Europe, develop risk management frameworks and guidelines that can be adopted by organizations as sound principles and practices to follow. Unlike regulations, these frameworks and guidelines are not mandatory, but they are widely recognized and adopted. Organizations use them for designing their approach to risk management, and for meeting regulations and stakeholder expectations. The frameworks and guidelines are updated periodically to reflect thought leadership and proven risk management practices. COSO ERM Framework The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is a voluntary private sector organization. Its members are the American Accounting Association (AAA), the American Institute of Certified Public Accountants (AICPA), Financial Executives International (FEI), the Association of Accountants and Financial Professionals in Business (IMA), and the Institute of Internal Auditors (IIA). The mission of COSO is to “provide thought leadership through the development of comprehensive frameworks and guidance on enterprise risk management, internal control and fraud deterrence designed to improve organizational performance and governance, and to reduce the extent of fraud in organizations.” 32 COSO undertakes research projects to develop guidance in areas relevant for its member organizations.