Implementing a Risk Management Program

1. Implementing a Risk Management Program Scott Jones MEAG Power APPA Business & Finance Conference - 2009

2. About MEAG Power • Created by Georgia Legislature in 1975 • Provide wholesale electricity to 49 communities in Georgia • Total Assets - $4.6 billion • Total Revenues - $770 million • Nine generating units at four plant locations with about 2,100 MW • 120 employees

3. What is EWRM? • “Methods and processes used by organizations to manage risks and seize opportunities to the achievement of their objectives” • Most agree it to be some version of a comprehensive risk management program • Ideally include a centralized approach to evaluation and/or monitoring

4. Is the Ideal . . Ideal? • Difficulties with EWRM implementation: • Most can not devote numerous resources • “Academically ideal” program is expensive, system driven, sometimes not needed • What does your entity need? Seriously. • Must balance value of risk management with company size, complexity, resources • Something short of “ideal” might be appropriate

5. MEAG – Pre EWRM • Reasonable risk management and analysis • A “silo” approach – each department handled their own process • No company-wide culture of risk management • No formal communication lines or company-wide oversight

6. MEAG – EWRM Phase One • EWRM Policy • Board approved • Established Board committee, Executive committee, RM Department, single Executive over RM / Internal Audit • Defined roles of each authority level

7. MEAG – EWRM Phase One • Created more formal communication • Required risk assessment process • RM Department reported to committees regularly, submitted work plan • Some analysis by RM, some by individual departments

8. MEAG – EWRM Phase One • We combined RM and Internal Audit • Saw similarities in philosophy of both • Internal audit had moved toward more risk-based approach, less small-dollar audits • Moved to project-based approach with both audit and RM work being done in concert

9. Phase One - Lessons Learned • Reasonable approach, worked well • Having single Executive was ideal, but perhaps not necessary with our size • Recognized importance, but size and staff limitations made us think • Made progress in creating a RM culture • Good sign: People came to RM for advise, review of ssues

10. MEAG – EWRM Phase Two • Reorganization in April • RM / Internal Audit remain combined • Manager of RM / Audit reports to Controller (under Chief Accounting Officer) • Manager has dotted line to CEO and RM Committee of Board • RM remains an important area with high exposure and heavy involvement

11. What makes a good program? • Not a clue . . . • Each company is unique, solution is unique • Experimentation is alright, don’t be afraid to try different structures • Communication and Analysis are key • Empowerment of groups needed • Make policies that memorialize your intent

12. Bottom Line: Good Communication • Good programs need focus on communication • Set a structure that makes sense, put analysis where it makes the most sense (centralized or departments), but force areas to communicate • Better communication of issues, analysis, and decisions has been the primary benefit of our program