How is ERM (Enterprise Risk Management) different from the Financial Risk Management

I was wondering that is there any difference between ERM and Financial Risk Management (FRM)? The question came to my mind while I was seeing both words being used simultaneously by many.

Whether you know it or not, everybody in an organization from the subordinate to the CEO engages in the risk management process of one sort or another daily.

The company would purchase insurance in the event of a mistake or otherwise extremely unhappy and dissatisfied customer.

There’s not a single doubt that actions like these are practical, but are important from the aspect of theoretical knowledge as well.

For a quick and effective glance at differences, let’s understand it more economically!

  1. Setting Quality Standards and implementing through other skills

The financial risk management process in its basic form has been common practice for companies and non-profit organizations for many years. There is a kind of designations an individual can earn from organizations.

Also, organizations starting their ERM journey have standards to refer to, with the two most common being COSO and ISO 31000. Both these standards released updated versions in 2017 and 2018 respectively. Despite inculcating more risk-taking into both standards, many practitioners and thought leaders feel they are still too focused on managing risks instead of achieving organizational objectives.

Also, many organizations become frustrated when exclusively using one of these standards because they often experience stalled processes and minimal value to the organization.

ERM which focuses on getting success requires a bit more finessing to be a valuable tool for decision-making.

  1. Insurable and Non-insurable Interest

In a Financial risk management framework, an organization looks at insurable things.

The company will also have liability and workers’ compensation insurance in the event someone does slip and get hurt. Purchasing insurance for any company vehicles or equipment is another example.

ERM, on the other way, goes beyond insurable hazards and includes areas of risk and appetite that cannot be transferred through insurance. If there is a data breach that occurs, the company can have insurance for offsetting the recurring cost of responding and addressing the problem.

  1. Risk Management and Analysation

In financial risk management, the management of risks occurs as needed on an individual basis. Departments would only look at risks within their areas and not communicate with other parts of the company. Satirizing risk management this way can expose a company to much bigger risks at worst.

On the other side, ERM combines these activities and uses a variety of tools to examine interdependencies, understand triggers between risks and cumulative effects of risks, and more. These kinds of tools help senior management better allocate resources and prioritize risks.

One of the tools is risk appetite and tolerance. Risks are compared to the applicable tolerance to determine the appropriate response. It is during this analysis where organizations may find some risks are being over-managed since they are well below their tolerance level. Going through this process allows executives to re-direct resources to more urgent needs.

  1. Culture and Mindset

Yes, I know that every organization manages financial risks to one extent or another but these kinds of activities tend to be chaotic without any reason, with no connection to strategic objectives, or other business areas.

On the other hand, an effective ERM process that is a valuable decision-making tool is systematic and ingrained in processes and ways of thinking. This is not to imply that every action or decision requires a formal process for identifying and assessing risks – in many cases, this will be an informal process where a manager or even an employee will stop for a minute and think about how their actions may create a reputation, talent, strategic, or some other risk to the enterprise.

  1. Financial Averse and ERM Emphatic

ERM considers both the upside and downside of risks but FRM considers the economic aspect more. This is true, but as long-standing ERM thought leaders explain, the difference goes much deeper than this. Up to this point, you may have noticed how the word “risk” has been used in the negative sense – in other words, seeing risks as threats and something to avoid or mitigate.

  1. Dimensional Aspect

If only looking at an issue from a loss prevention perspective, financial risk assessment also only considers the impact or severity of a given issue at a certain point in time. Consider our wet floor example – a company safety officer or facilities director will typically only consider what will happen if someone slips and falls, and take action for risk mitigation through liability insurance and safety improvements. Who is evaluating, at least informally, something they know is going to happen.

In other cases, financial risk management activities will also consider the probability of a certain risk or issue affecting the organization.

While the scope of enterprise risk management considers impact and probability, it peels the onion layers back to understand more about potential events (i.e. risks) and how they relate to the strategic plan, organizational mission, or a specific operation.

Conclusion and On the Note

Financial Risk Management (FRM) and ERM are two sides of the same coin. But they still have many differences. Both coincide and contradict but overlap each other. Both have an inclusion of others and both exclude other exclusion. It’s upon us how we understand and implement different aspects of it into our organization for achieving different goals.


https://www.erminsightsbycarol.com/traditional-risk-management-erm-differences/#:~:text=In%2 0a%20traditional%20risk%20management,at%20things%20that%20are%20insurable.&text=ER M%2C%20on%20the%20other%20hand,cannot%20be%20transferred%20through%20insuranc e.


Blog Published By: Vaibhav, Student Risk Committee Member


You may also like

Leave a reply

Your email address will not be published. Required fields are marked *

More in Riskshots