"Anything that can prevent you from achieving your performance objective, is a risk that must be managed"

Wednesday, 21 August 2013

Managing Risks Growing Businesses Face


Introduction

Growth (top-line) and profitability (bottom-line) are two major indices that define how well organizations are doing in pursuit of their strategic objectives and short term goals.

Business organizations achieve growth through organic or inorganic channels. Growth occurs largely via the development of a new product, creation of a new business line, mergers and acquisitions, increase in market share and direct expansion into a new market. In pursuing any, a combination or all of the aforementioned growth strategies business organizations face several risks. Typically organizations are faced with Macro-economic risk, Credit risk, Market risk, Reputation risk, problems associated with access to credit, social acceptance/corporate social responsibility risk, technology risk, political risk, geopolitical risk, Economic shock, etc. Effective risk management enables business organizations to successfully exploit business opportunities and contain threats. It does this by providing insights and assurances required to take advantage of profitable ventures.

Problem Statement

The risk management framework and practices that exist in most business organizations are not adequate to enable them to navigate to safety in times of trouble. The risk management culture, the governance and organizational structure, the design of the risk management framework, processes, policies and procedures, risk management tools, sophistication of risk identification and measurement techniques and skills available are not fit for today’s purpose and tomorrows expectations. This is evidenced by the impact of the recent global financial crisis. Systemically exposed business organizations are even more exposed. Business organizations need to embrace best practices to better prepare them for the rainy day.

Previous Options

Current practice in most business organizations is that risks are managed in 'silos'. Risks are also not managed in the context of strategy and objectives. Risk Management is often times seen as totally alienated from performance management. This means that each business line, group or division in an organization manages its strategic, business and operational risks independently, if at all.. A case of ‘’to your tents O Israel’’. Risks are therefore not managed centrally or in alignment with strategic objectives and so, many of the strengths an organization can build and the benefits of a centralized risk management do not accrue to such organizations.

Our firm, Clement Ashley Consulting provides a risk management framework that takes an enterprise-wide view of risk as against silo management. This approach is called Enterprise-wide Risk Management (ERM). Enterprise Risk Management implies that risk management is done at the enterprise level instead of at the business line, business group or business division level and so is centrally coordinated. Strategic, Business and Operational risks are therefore managed not independently but holistically at the enterprise level. For financial institutions that are regulated Economic capital is a must as against a purely regulatory capital limit. Risk assessment is done from time to time so as to reflect market realities. There is also frequent review of the application and suitability of the established process in order to identify gaps for improvement.

Our approach begins with a review of existing risk management process and framework in the organization with a view to modify existing framework and practice based on regulatory requirements, market realities, business needs and best practices.

Benefit 1

Clement Ashley Consulting's Solution is in concert with what regulatory and supervisory authorities and rating agencies demand and so enables business organizations to comply with regulatory and supervisory requirements. The framework which Clement Ashley provides is also in line with best practices world over.

Benefit 2

Risk aggregation at the centre provides the required knowledge about how risks interact, about risk concentration and the actual overall risk faced by the organization giving that some risks offset others while some reinforce others such that risk responses and controls provided are better targeted and therefore more effective compared to what can be achieved under silo management.

Benefit 3

Risk management is centralized in Enterprise Risk Management and so duplication is avoided and therefore cost is minimized. Central coordination also ensures that there is consistency in the risk management approach.

Benefit 4

Any thing that can prevent an organisation from achieving its objectives and targets (be they financial targets or otherwise) is a risk that must be managed. Enterprise-wide risk management therefore assists organizations meet and exceed their performance objectives and stakeholders expectations.

Implementation

Implementation involves assessing the effectiveness of the designed risk management process and framework. It includes checking how well risk responses and controls, early warning indicators, etc are working. If responses and controls are not effective then a further risk identification is required to identify any risks left that made the responses and controls ineffective. Implementation may be iterative. It is a real time and real life activity. It does not include any form of simulation. Implementation stage provides the opportunity to adapt the designed framework to market realities and at the same time maintain the desired robustness that allows it provide adequate safeguard. Implementation is usually done in phases in line with the priorities of the client.

Summary


Till date many organizations manage risks in silos. Today’s realities and tomorrows expectations make silo management utterly inadequate. Risk aggregation at the enterprise level allows for better responses and more effective controls in the risk management process. Beyond meeting regulatory and rating agencies requirements and other stakeholders’ expectations, enterprise-wide risk management reduces to the barest minimum chances of unexpected losses. Removal of duplication and the cost reduction that go with it make enterprise risk management a more cost effective way of managing risks.  

No comments:

Post a Comment