Deloitte announces winners of the third Deloitte China Risk Intelligence Recognition Awards

Published: 8 June 2013

• 25 companies with stellar performance in risk management win the awards
• Among 10 garner special awards of the year
• Research reveals many Chinese enterprises can integrate risk management and corporate governance enhancement with corporate strategy, demonstrating outstanding risk intelligence management

Professional services firm Deloitte today announced the winners of the Third Deloitte China Risk Intelligence Recognition Awards, recognising the strong risk management performance of 25 companies. Ten of these were further honoured with individual awards of the year based on their results. In the same occasion, Deloitte released the Third Edition of the "Chinese Enterprise Risk Management White Paper," ("White Paper") that summarised the best practices of the 25 award-winning companies and findings from its survey of Chinese enterprises on their state of risk management. The most noteworthy finding was that many Chinese enterprises have successfully integrated risk management and corporate governance with their corporate strategy, demonstrating their strong capability in risk intelligence management. While there is always a risk factor in business, a crucial management issue for a company is to explore ways for effective risk management constantly.  

Since 2011, Deloitte has been organizing the China Risk Intelligence Recognition Awards. The ranking program aims at providing a platform for high-level experience exchange on risk management and encouraging the development of best practices in risk management among Chinese enterprises. It is open to all companies incorporated in the Chinese Mainland. Based on Deloitte Global’ s unique concept – Risk Intelligence – entries were evaluated by the working group of Deloitte China's Risk Intelligence Recognition Awards and the judging panel comprised of experts with in-depth theoretic knowledge and practical experience in risk management. Risk Intelligence is a diagnostic tool derived from nine principles defined by Deloitte to determine the risk intelligence maturity of a company. The analysis was conducted in three major areas: risk governance, risk infrastructure, and oversight and risk ownership. This year marks the third presentation of the awards, during which time many enterprises have achieved substantial reform and improvement in risk management and practice.

Together with the announcement of the winners, Deloitte also released the Chinese Enterprise Risk Management White Paper, which contained an analysis of research on risk management; quotes from 25 winners; media interviews; summary of the risk management practices; and insights from Deloitte’s experts. The White Paper was compiled to showcase the successful risk management practice to other Chinese enterprises, so that they can better understand the core value of risk management.

"Following the success of Deloitte China Risk Intelligence Recognition Awards in 2011 and 2012, this year's event has taken some innovative elements by deploying the new media. We aimed at continuing to encourage companies to further bolster their risk management effort through this ranking program and a series of interactions among senior executives. Over the last few years, along with the commencement of comprehensive risk management work, a group of Chinese companies have achieved noteworthy performance in this area. Although these enterprises still have a long way to become all-round risk intelligence companies, yet the quality they demonstrated has increased our confidence in the risk management capability of Chinese companies. The most encouraging fact is that six of last year's winners were honoured this year as well, showing the remarkable improvement that Chinese companies achieved in risk management work. It is worth noting that the number of winning companies from the financial sector has significantly increased by nearly 30% this year, nearly doubled when compared with that of last year. This illustrated the investment and effort of financial institutions in risk management in recent years. Companies from other sectors should take reference from them," said Mr. Danny Lau, Managing Partner of Enterprise Risk Services for Deloitte Greater China.

On top of the 25 winning companies that were recognized with the awards (see the Winners List in Appendix, tabulated without any particular order), 10 of them were honored with special awards in addition. These awards were namely: "Leading Risk Intelligence Innovation of the Year," "Leading Enterprise in Risk Intelligence of the Year," "Outstanding Achievement in Risk Intelligence of the Year," "The Most Valuable Risk Management of the Year," "The Best Legal Risk Governance of the Year," "The Best Risk Management Practice of the Year," "The Most Innovative Risk Intelligence of the Year," "The Best Integration of Risk Management and Internal Control of the Year," "The Best Achievement in Risk Theme of the Year," and "Excellent Internal Control and Risk Management of the Year."

The research findings in the White Paper revealed the current state of risk management among Chinese enterprises. Mr. Lau said, "Through research and on-site interviews, we found that risk management and internal control systems were originally developed to meet requirements set by the Central Government, State-owned Assets Supervision and Administration Commission of the State Council and China Securities Regulatory Commission (CSRC) or local CSRC bureaus. However, many companies can now set up these systems proactively, or even have integrated their risk management and corporate governance practice with the company's strategy. We believed these were good examples of eminent risk intelligence enterprises, showing many enterprises have benefited from their risk management work."  

All of the 100 companies that participated in the Deloitte survey have implemented risk management and internal control measures. They cover a wide range of sectors, including insurance, banking, funds, trusts, real estate, chemical, energy, pharmaceutical, power, mining, fiber-optic communications, electrical appliances manufacturing, electrical appliance sales and public services. Most of the respondents were directors, managers and other senior executives from state-owned enterprises, private companies and listed companies.

Based on the research findings, the White Paper provided statistics and analysis on nine major issues, including the unique definition of risk, the development of risk management framework, the important role of risk management, the risk management responsibilities and the risk management system. The key findings of this survey are as follows:

• Over 70% of the surveyed companies have set up risk management committees or risk control offices to control risk dedicatedly. Some companies have set up internal audit departments or other functions that can be responsible for risk control at the same time.
• Nearly 70% of the surveyed companies have a defined risk database that helps understand the negative impact and opportunities from risks to mitigate their adverse impact and realize their benefits.
• All surveyed companies have selectively adopted risk management frameworks for their practices, such as COSO1 "Internal Control – Integrated Framework" or COSO2 "Enterprise Risk Management – Integrated Framework" with 95% of them applying two or more standards. Nearly 90% of the surveyed companies had important decisions made after collective evaluation to avoid arbitrary management decisions or ultra vires approval.
• Over half of the surveyed companies said their boards of directors would assess the appropriateness of the risk tolerance and current risk management regularly and irregularly. About 70% of the companies conducted such an evaluation at least annually.
• Nearly all surveyed companies (over 97%) have set up reporting hotlines and mailboxes to record the reported cases by independent personnel. They have mechanisms in place to report the cases to the management or board of directors and follow up the incidents to ensure the transparency of corporate governance. Around 70% of the surveyed companies have a designated department to conduct regular audits or assessment and issue reports on the effectiveness of their risk management measures.
• Over 55% of companies have dedicated risk coordinators in every department. The coordinators play a role in conveying risk management information from top to down. These companies have also set up a dedicated risk management or internal audit department to look after the responsibilities of their risk coordinators.
• About half of the companies have acquired or developed risk management information systems. However, only 26% of them can combine these systems with other business systems effectively, improving the operational efficiency and providing guidance to the company's business operations.

"As both the market and the economic landscape are ever evolving, the risk management system of companies should be renewed and enhanced proactively and continuously. Only by weaving in risk management into the entire company that it can stand out from its peers, create greater value for shareholders, and achieve excellence in their corporate goals," Mr. Lau concluded.

For enquiries about the Third Deloitte China Risk Intelligence Recognition Awards, the research findings on Chinese companies' current state in risk management and the White Paper, or seeking advice in risk management from Deloitte experts, please us by email.