Tuesday, 19 May 2015

Towers Watson's Global ERM Survey - Knowing ERM, Knowing You...

A couple of treats from two of the powerhouses of the 'writing things down' industry on the practical use of ERM to drive decision making, rather than simply accompany it.

Towers Watson are targeting the Solvency II audience (at least on this side of the Atlantic) with a timely release of the results of their 8th Biennial Global ERM Survey. I say the results, as there is no sign of the full survey itself - any closer to their chest, it would be an areola's backpack...

As ever, these kinds of publications oscillate between flannel and insight, so while I cover those below, feel free to read the infographic and call it quits!

General observations from the main press release include;
  • Three-quarters of (the almost 400) respondents say they are viewed as "important strategic partners" by the Board and Executive - I'm less inclined to see that as a mark of superiority, given that risk functions in some firms won't have the ambition or aptitude to achieve that status
  • Implication that some respondents do not have a risk appetite framework in place - very worrying, unless this is just bad wording.
  • Some firms said to be only "...using ERM for regulatory compliance". It may depend on jurisdiction, but I'm not inclined to agree that is even possible.
  • The "ultimate vision" for a firm's ERM capabilities is referred to, which is a brow furrer, even conceptually. TW seem to bundle up risk culture, risk monitoring and risk tolerance into the "Vision" bucket, in case that term takes your fancy.
  • The expression "very strategic approach" appears in print for the first time!
Getting Value from ERM?
- "Kiss my Face"
From the more elaborate Q&A document, we find the main granular material which TW were prepared to publish. Fortunately for readers this side of the Atlantic, the EMEA Director Mike Wilkinson holds sway over much of that conversation, including his tale of the firm who recently had an ERM/Business Strategy-inspired "Aha" moment.

That session contains a fair bit of contention, such as;
  • Asking the questions "What's the purpose of risk management" or indeed the "purpose of your ERM Program" in the Q&A - if these had been directed to the respondents themselves, it would have contextualised a number of the seemingly negative responses i.e. If the purpose of your ERM Program is "don't get shut down", you are probably less bothered about being a "strategic partner"!
  • That the business should "...challenge the risk group to create reports that help them make decisions" - Excel Jockey is hardly the work of a strategic partner...
  • In a similar vein, that insurers are "drowning in data, drowning in metrics" - hardly a new phenomenon, and doesn't give any credit to the critical faculties of employees to filter what they do have.
  • "...many [internal capital] models have matured" - a sharp intake of breath can be heard down at Moorgate!
  • That "...an ERM Program can't properly be assessed until it has been in place for a while" - pretty sure the S&P crowd wouldn't hold off assessing you while you "embed"
Mike in particular does manage to keep a good focus throughout the Q&A on maximising trade-offs between risk and return being the big differentiator between Risk functions who are capable of influencing strategic decision making, and those who are perhaps more likely to be tabling red-amber-green reports tracking the outcomes of decisions which have already been made.

Other strong points include;
  • In the context of Risk Tolerance, how to cater for the discretion required by an insurer's asset managers in handling investment portfolios.
  • Touches on a couple of pieces which stood out in the CRO Forum's Risk Appetite publication last month, namely around the increasing number of measures being used to run businesses other than capital, allowance of movement within risk tolerance levels, and whether firms have effectively articulated their organisation-wide Risk Appetite and Risk Tolerance limits down into its subsidiaries/departments.
One aspect which gnawed at me throughout this reading is the constant referrals to "ERM Programs" - I don't think I am bathing in semantics to suggest that Programs normally start and end, whilst ERM would surely constitute a Framework. You might choose to redecorate the Framework periodically with a Program (Solvency II a prime example), but you wouldn't expect a Program to "mature" or "evolve", you expect it to conclude!

Nitpicking?




Monday, 18 May 2015

Central Bank of Ireland speeches - "and there's more"...

Solvency II-ready?
"It's the way I tell them"...
I rejoiced on Friday at the sight of more speech material emerging from the Central Bank of Ireland directorate, if only due to the Frank Carson* gag I could wheel out due to the volume of their recent speech-giving...

As an industry we should always be happy to hear the regulator on lead vocals, so I gave the pair of speeches released a once-over to see what Irish concerns have justified the recent bounty of public addresses.

Deputy Governor Cyril Roux was very targeted in his speech, delivered to PwC's Annual CEO Dinner. It apparently gave him "great pleasure" to be in PwC's offices, which presumably means they weren't on the meter...

Some of the statistics and comments served to highlight that Ireland is something of a special case in the context of Solvency II, in that two-thirds of Irish gross premiums are to cover 'foreign risks', and that many insurers under their auspices will not have proximity to or oversight of much of their distribution network.

A few messages jumped out from the rest of the speech;

  • A lot of positive messages had a caveat implicitly wrapped with them - "...we are in the main satisfied with your engagement with the Central Bank"; "On the whole international firms generally file returns on time..."; "I also commend your general adherence to our Corporate Governance Code..."
  • Goes as far as using the IMF's recent review findings to tell firms to stop poaching regulatory staff while simultaneously complaining about turnaround time!
  • Nice point about keeping focused on current risks through the PRISM framework, rather than drifting into Solvency II mode before 2016.
  • Having recently been complimented by Sr. Bernadino on Ireland's reserving governance (p12), he reinforced that assumptions pertaining to reserves are expected to be "critically debated".
  • On ORSA, that the CBoI "...expects to see Boards actively directing the use of risk management tools...such s stress or scenario testing"
  • On Internal Modelling, he not only expects Boards to "...have sufficient knowledge and skill to challenge the model outputs", but adds that they "...like to see a Board direct the modellers in their firms to run specific stresses and scenarios prior to an item being discussed at the Board" - a big advance on previous murmurings on use test from supervisory bodies.
  • Pulls up firms who are seemingly not tailoring their model's parameters for the Irish-specific business.
  • Similarly a message of insisting that cross-border distributors tailor Group-driven materials and processes for the Irish market such as "...group policies and output, such as the ORSA, and internal model...".
  • A cute but important distinction that "embedding" Solvency II, rather than complying with it on paper, is still going to take considerable effort.
Sylvia Cronin's speech (well, the Solvency II aspect of it) stayed along the same lines as she pursued at the Industry event in late April, where she was harsh on a number of specific elements in preparatory phase ORSA Reports which had been observed.

In a section of the speech covering "challenges to be overcome", a number of pieces of insistent ORSA direction are given, for example;
  • "Your Board must use the ORSA to more fully align business strategy and capital"
  • "You also need to use it as a lever to discharge your core responsibility not to take on risks and exposures which the capital base does not support".
  •  "...there is a lot of work yet to do by firms to get this element of the new regime embedded to the extent we required" - I add here that, given they will have only reviewed 2014's preparatory phase ORSA Reports and Processes, is this not a given, particularly after CBoI sponsored a template-filling approach for the smaller firms?
On the wider world, the speech covers;
  • That Solvency II sets out "clear standards and expectations around your internal control and risk management" - agree on the latter, but the former?
  • Believes that the "scope for subjective judgement" may open up regulatory arbitrage opportunities, and that "a number of iterations" will be required before EU-wide consistency is achieved, in a sly dig at, errrr, everyone in mainland Europe
  • Similarly, the volume of cross border business HQd in Dublin poses a problem due to the geographical boundary of CBoI's "prudential remit"
  • Reinforces the message fro April that Pillar 3 readiness is a growing concern
  • A large suite of views on Conduct Risk, where "culture" and "conduct" are hogtied together as the grimmest twins since DeVito and Schwarzenegger - that message won't be changing in a hurry, so I strongly recommend your work in that area caters to the supervisor's tastes.
Useful insight from what appears to be a supervisor with their sleeves rolled-up - keep up the good work.

* PS I know the connection is tenuous as he's a Belfast man, but give me a chance!

Friday, 8 May 2015

Solvency II Industry Forum in Ireland - Clint and Chocolate

Having treated the speech by EIOPA's Chair as the main course a few days ago, I'd better take a look at the hors d'ouevres and pudding. At the CBoI's industry event in late April, a couple of their biggest hitters delivered speeches of their own, with a similar tone to the PRA's effort in October (i.e. a considered yet firm rollicking).

Solvency II Marathon
- no Snickering...
Sylvia Cronin's speech, in which she referred to Solvency II as the "Marathon of Marathons", shone some light on how Ireland plc has dealt with ORSA during the preparatory phase. If you remember, the CBoI kindly provided ORSA templates for the entities lower down the PRISM spectrum, which I felt at the time was fully justifiable, and a tactic other NSAs should have adopted.

It wouldn't appear that the industry has performed exceptionally in their 2014 efforts, with Ms Cronin drawing attention to the following flaws in execution
  • Variances in ORSA Report content between firms in similar sectors  "cause for concern" - a slightly worrying comment, given that some firms will be over-elaborating with content with the help of their friendly consultancy firm.
  • Boards were aggressively called out on the "ownership" front. If your Boards have been ambivalent to-date with regards to participation in the ORSA process, they will seemingly get a hard time from now on.
  • ORSA Process "...as important as the document itself" - music to my ears, and still a surprisingly difficult concept to convey
  • The "so called use test" is referenced around ORSA, and not in the context of internal model applicants - no idea what that is about, so will assume it was a clumsy turn of phrase, rather than a new element of legislation
  • Stress testing seen to be "too benign", with firms ignoring key risks and hard-to-quantify risks. Given that the UK firms received similar feedback on their 2014 ORSA stress testing efforts, it doesn't appear to be a country-specific failing.
  • 'Local' (i.e. Irish) ORSAs which filter into wider Group ORSAs have not been adapted to fit the business model of the Irish entity. Good issue to pull firms up on, if they are relying Head Office to provide them with process and reports in template format 
  • Business plan and forward looking time horizons not considered plausible, possibly a by-product of the lack of Board involvement in the ORSA Process
On the Pillar 3 front, she noted the following
  • Pillar 3 is now a "cause for concern" - decisions by firms on architecture and expenditure "now overdue".
  • Only half of High or Medium PRISM firms have participated in external user testing on Pillar 3. This still feels proportionally more than the PRA have tested out, though it is still viewed as a negative by the Bank.
"Problematic Applicant"?
Cyril Roux on the other hand wanted to reflect on "the good the bad and the ugly of Solvency II" in his address. While most executives paying for Solvency II programmes in EU insurance entities would suggest that "A Few Dollars More" is a more apt Clint Eastwood hook, he took a more macro view during which he;

  • Patted the Irish regulator for its "good work" putting the house back in order after the laissez-faire approach at the start of this century. 
  • Also reiterated that Pillar 3 preparations are light in the country, urging firms to "...devote the resources necessary"
  • Dwelled heavily on the subjects of investment risk appetite and prudent person principle
  • Pointed at "problematic applicants" who can now seek approvals to do business in the EU regardless of the supervisor's thoughts about their business models
  • Called Solvency II's quantitative requirements "ill conceived" and "overboard" and "clearly too complex"
  • Commented that SCR is "unlikely, unreliable tool to manage capital" - "...certainly the supervisor will not be using it for more than its worth".
  • Gave short shrift to the abolition of prudential reserving under Solvency II, and indeed Bernadino referred glowingly to the Irish approach to reserving governance (presumably to counteract this grievance?) in his keynote speech.
A lot to be taken from these speeches if you have any dealings with Irish insurers, and with the clock ticking, I can't imagine there will be better steers than these during the preparatory phase.

Tuesday, 5 May 2015

EIOPA Chair's speech in Ireland - Nothing Compares to U2...

The huff has concluded it would appear – EIOPA’s gaffer has returned to the speaking circuit after a few weeks where the institution’s communications had been reduced to Post-It notes on the fridge after the EU butchered their budget.
Bernadino - dodgy stand-up
 
A recent Solvency II industry event was held in sunny Dublin, with Sr. Bernadino providing the keynote address. He chose to start and conclude with U2 jokes, which were as lame as a constipated flamingo (I would have thought Ben Folds Five or Lulu would be top of his playlist right now…)

That aside, the meat in this musical sandwich was pertinent to the whole industry, so I've picked out a few highlights;

General
  • Wants to outline EIOPA’s move “from regulation to supervision” (p2), though goes on to say that “…EIOPA does not replace NSAs. The responsibility of the day-to-day supervision…rests with the NSAs” (p10). I think this subject warrants clarification from NSAs and EIOPA in concert, given we can see how having a remit-less overseer is putting the PRA on the back foot
  • Acknowledges that the result of the mathematical squabbles is “…perhaps a too complex SCR formulation” (p3)
ORSA
  • ORSA considered to be “…best practice at international level” (p4) – not sure if he means ORSA in general IAIS terms, or the ORSA concept he has curated within the EU!
  • While he drops some of the usual ORSA bluster in about it being a “game changer”, he beefs up on the Board’s obligations, citing their "fundamental role to play", and stating in particular that "they need to set, communicate and enforce a risk culture".
  • Of particular significance to his Irish audience was his emphasis on risk culture as "..an appropriate balance with the natural sales driven culture". This is perhaps the first instance where I have seen insurers' distribution arms formally considered by a supervisory body to be the enemy of 'risk culture', and for EIOPA's chair to choose Ireland, a country which has for years marketed itself as a cross-border sales centre on the right side of General Good provisions, is shown at the end speech to be a pre-emptive strike.
Internal Models
  • Like his associates at the PRA, he notes that the use of internal models on the banking side "has been subject to increasing scepticism" in justifying the rigour of the Solvency II approach to modelling
  • Worried that models will become a "capital optimization tool" - the PRA's NED briefing (slide 8) paints a similar picture if you read between the lines regarding missing risks and experience not reflected in parameter setting.
EIOPA's workload
  • "Current different supervisory cultures" in the EU are creating work for EIOPA, noting that "our feedback can sometimes be challenging". Wonder who they're getting at there, France!
  • They appear to be developing a Supervisory Handbook of good Solvency II practices. Chapters are already written on Risk Assessment, Boards and Governance, PPP and proportionality in Key Functions to name a few. Something to look forward to no doubt
Ireland-specific
  • Go out of their way to applaud the onerous reserving governance in Ireland (here?), considering it practice which other countries should emulate.
  • On the other hand, "...in the specific case of the Irish insurance market" he targets the country from a conduct risk/General Good perspective as one of the main cross-border players in the Union.

One can't help but feel the latter part of the speech was deliberately laid at the feet of the Irish, rather than aired in a more generic manner, given the country's continued corporation tax-related appeal to cross-border distributors. I guess when it comes to identifying the perfect audience to sketch out EIOPA's inevitable foray into Conduct Risk regulation, Sr. Bernadino found what he was looking for...




Thursday, 30 April 2015

Love RAFs? CRO Forum's Risk Appetite survey

The CRO Forum have recently published the results of their 2014 survey on Risk Appetite development in insurance entities. It is perhaps the oldest drum in Risk Management Town, but one we are always happy to hear the beat of, and while we shouldn't expect a forum with such luminary members to deliver any shocking results, a careful sift through the carcass is always a smart idea.
The Cure - to tolerance breaches?
The final presenter at the PRA's recent NED briefing noted that Risk Appetite is "no longer an aspiration", a comment I felt was further behind the times than Nana wearing Juicy Couture. That said, on page 8 it suggests that less than a quarter of firms are "very satisfied" with their RAF maturity, and over a third feel they have "a lot of work to do", so perhaps he hit the nail half on the head...

This document should clarify whether that caution is justified, and with 48 responses from the top table, it should be a reliable benchmarking tool. Despite starting like a GCSE essay ("the topic of Risk Appetite has exploded"?), it contains some useful, if a little dry, benchmarks, such as;
  • Principles for a RAF (p3-4) - hard to argue with
  • Main goals - dominated by preserving capital, while only a third are looking to "improve shareholder value" or "optimise capital"
  • Main stakeholder list (p5) seems good in breadth and priority
  • Almost everyone is using regulatory capital in some way as a Risk Tolerance measure (p9)
  • Stress and Scenario testing is being used by 80% to set Risk Tolerance levels, which feels at the right end of expectations
  • 60% report quarterly, with most others slightly more or less frequent
It takes a few odd turns, in particular;
  • One of the main objectives cited (p4) seem to be centre around boiling down things into a single document. I appreciate that pressure, but surely we feel that a RAF has a more substantial objective that document consolidation?
  • "Development of a Risk Appetite Statement is an evolution" (p6) - don't agree at all, it is a task, otherwise it would never get done.
  • Coverage of Risk Appetite Statements as "regulatory requirements", in particular under Solvency II. Just because the industry is choosing to discharge its obligations in EIOPA's Guidelines (SoG 15 & 16) by producing a single statement document, it doesn't make a Risk Appetite Statement a requirement.
  • Less than half are using a "1-in-x" loss that would breach regulatory capital in their Risk Tolerances - just feels like a very obvious one to use, so suprised by that number
Some of the more practical issues faced by firms are well covered, for example;
  • Difficulties for Groups when setting risk appetite. Does the parent/head-office set overall appetite, and the children sub-divide it by business unit/risk category/Both? Do the children set their own appetites and feed them up for aggregation?
  • Listing Risk Concentration targets looks awkward across the board (p5). While firms seem to be able to quantify Liquidity and Capital targets in their Risk Appetite Statements, other categories are much less consistently quantified. Market, Credit and Insurance Risk appear to be quantified by less than a third of respondents, preferring to address these in separate policies/guidelines (a Solvency II by-product perhaps?).
  • Setting Risk Tolerance levels is highlighted as a "minor" improvement required by over 60% of respondents.
  • There is a veritable bombsite of Earnings at Risk metrics in use, which is healthy for the industry I guess (p10).
  • What does one do when Risk Tolerance level is breached? Around a third are not OK with limit breaches and demand immediate rectification, while two thirds allow for a "Cure Period" to return the Risk Profile to its required form. A "Cure Period" seems the fairest breach rectification approach to me - after all, I don't care if Monday's blue...
A worthy benchmarking document, so fill those boots.

Wednesday, 29 April 2015

Pillar 3 implementation phase - "I can change, I can change"...

There has been a bit of noteworthy activity on the Pillar 3 side over the last few weeks, which I will cover below if I can keep awake long enough.
Pillar 3 Deadlines - "take it easy fella"
Pillar 3 was shouldered in to the NED briefing at the end of March (slide 19), and in a style similar to South Park's Saddam Hussein charicature, they effectively told the audience to "relax guy"...

Were those calming words justifiable? Given the PRA's admin function was seemingly on a "no uploading" break for Lent, we have in the last couple of days seen a whopping 3 months worth of minutes from their Regulatory Reporting Industry Working Group (or "Pillar 3 whingepit" as it more commonly known) made public. Interesting snippets include;

Jan 2015 - PRA full working group
  • Publication of example reporting schedules for anyone without a December year-end
  • "Early May" appears to be the starting point for any Category 1-3 firms who need to test out the PRA's QRT recepticle handiwork
  • Firms "must submit data in XBRL" from July of this year, in case there were any chancers out there
  • No additional information about the spectre of external auditors poring through your reporting efforts until Q2 2015 (i.e. now!). This will be in the form of EIOPA Guidelines, from which the PRA will "determine its position".
  • About 20% of firms responded to the PRA's readiness survey that they are behind the curve
  • Sourcing asset data still noted as an "issue", as well as vendor limitations, which would be of some concern for anyone who has splashed out on a software solution.
Feb 2015 - PRA testing sub-group
  •  Problems around compatability of firms' earlier efforts appear to emerge every time EIOPA apply a hotfix to their taxonomy
  • EIOPA filing rules and guidance were scheduled for Q1 2015 release - I can't seem to see them (though I haven't looked hard), so their timeliness maybe a victim of the EIOPA budget cuts?
  • Firms are directed to the draft ITS to distinguish between preparatory requirements on Reporting and "live" requirements. This seems to be a repeated message, so presumably firms are not reading this document properly. 
  • First testing cycle kicked off on 27th Feb, with (9) firms down at the PRA's offices. Second cycle scheduled for soon/now in April, performed externally to "test connectivity"
  • Firms were effectively encouraged to sent in any old tat in XBRL, which the PRA would feedback on.
March 2015 - PRA testing sub-group
  • Initial testing of the PRA's facilities doesn't appear to have been discouraging
  • Less that half a dozen firms will be kicking the tyres in the second test phase
  • EIOPA effectively overrule the PRA by allowing old and new taxonomies to be used in the preparatory phase.
  • The PRA's (unpublished?) validation rules will not be applied during the preparatory phase, which will be light relief to some firms.
This information seems to support rather than contradict the more general yet widely reported Grant Thornton survey which suggests there will be a good number of firms who will struggle with their 2016 obligations, let alone 2017's. They made the following points;
  • GI and composite firms seemingly the most worried
  • Half of firms are planning to create their own reporting solution (based on T4U?), mostly Lloyds and GI firms. Are these "have-a-go heroes" the hidden issue for the PRA, given their restricted testing group.
  • Around 20% are behind schedule on QRTs
  • A third have done little if anything on the SFCR/RSR front – the PRA have stated that these are required "in year 1" (Q17, and yes, both of them!)
  • Compared against an earlier survey they conducted, the one topic which hasn’t alleviated any concerns is the ability to extract data from internal IT systems.
  • Majority of firms are having a single dry run for quarterly and annual QRTs
Should anyone be worried given the granular information above, or is Pillar 3 still tomorrow's problem?

Tuesday, 28 April 2015

Jurassic Talk - enhanced NED challenges during Solvency II preparations?

 Britain's youngest NED
Given that there won’t be a heck of a lot more briefing done on the Non-Executive Director front, I’ve given the PRA Industry Event slide pack published the other week a bit more of a going over to see if the left and right hands are pushing the Solvency II wheelie bin in the right direction. I haven’t gone as far as watching the 1h 30m video of the event yet – if I wanted to watch a room full of fidgeting old men in ill-fitting suits I’d just go to Bridge Night at the bowling club…

I can’t say I was massively enthused by the read of the slides as an individual who is frequently delivering material to the very audience the presentation was aimed at. I would highlight the following oddities;

Internal Model-specific (slides 6-12)

  • That Solvency II “sets a high bar” for model approval – that feels a little disingenuous given that the PRA has had the whip hand in the IRSG’s internal model committee for years, and has evidently driven their CAT. Fair to say that the PRA set the "high bar" on behalf of the rest of Europe.
  • From the “lessons learned” section they suggest that some IMAP/CAT firms have used assumptions which are not matching their experience. Is that not bravado bordering on criminality? Doesn’t feel like small beer, so unless the PRA are splitting hairs with that comment, I trust the protagonists had a strip torn from them.
  • Some models ignoring “Key Risks” faced by a firm – how can this be? If this is about cheeky risk selection (i.e. let’s use SF, but model Market Risk as we get a good number from it) all well and good, but to say that firms are ignoring them is not a good steer, and if they are, then how is punishment not already being dispensed?
  • For Use Test purposes, NEDS told to have “belief” but not “blind faith” – this feels like Bank Creep, given that the PRA  have been vocal (here and here) on firms blindly following models after the banks got caught with their trolleys down a few years back (nice PRA summary here). Doesn’t feel especially fair to tar insurers with exactly the same brush in advance, even if it is smart!
  • Boards need to own validation design” – just sounds meaningless when you read it back. If you want them to “do” the design (which Andrew Marshall’s later slides deriding the efforts of the validation contracting community suggest also support), then just say it.
  • The “Key Questions” slides contain some very ropey gear. “Does the output of the model give a credible answer”? “Can the firm survive on the Standard Formula”? The terms used are so flimsy that one could spend hours arguing the toss about their definition – “so what is survival – EC+, SCR+, MCR+ with recovery plan” etc.

ORSA and SoG (slides 14-18)
Starts with a bit of good news – some generic industry feedback is seemingly due within the next couple of months (pertaining to our 2014 ORSA efforts?). The slide summarising findings to date is also a useful yardstick for those who can’t wait that long.

For System of Governance, the executive world should prepare themselves for NED questions regarding whether or not they (as opposed to their underlings and contractors) are reading EIOPA's Guidelines. Let's hope they have!

On the gnarlier side;

  • Seems to be an obsession with assigning named individuals (as opposed to roles or teams)  to perform mitigating tasks relating to anything ropey uncovered during the ORSA
  • ORSA should be holistic” – at what point is that breathtakingly grim term going to be put to pasture? For a NED briefing, the use of plain English should be considered par for the course. It is followed two slides later by “top-down/bottom-up” which is equally non-specific.
  • ORSA is not a compliance exercise resulting in a report to the PRA” – I think you meant to say “not ONLY...”!


The final slides from Ian Marshall’s presentation are revealing more due to the clumsy terminology often used at the table with NEDs (“Key Drivers” and “Key Correlations” for example – if you mean “most money riding on it”, then say it!). Also, the idea that Risk Appetite is “no longer an aspiration” is worrying – I would have given the insurance industry credit that it ceased to be aspirational some time ago, and doesn’t need a 2015 ‘tick’, but then I am a trusting fellow.

Does anyone think, off the back of these slides, that their NEDs will be chomping at the bit at the next Risk Committee/Board meeting using the ammunition supplied here?

Maybe I’d better watch the video after all…