Risk is the fifth TIGERS principle that addresses ethical, quality-focused, productive, collaborative and successful organizations. Risk is taking a chance. When taking a risk fails, it results in making mistakes with a potential for loss or injury. On the downside, the fear of risk results in stagnation. On the upside, risk is the fuel behind change and innovation.
According to a new survey by Harvard Business Review Analytic Services, Global companies are intensifying their focus on enterprise-wide risk management (ERM) in the wake of the 2008 financial crisis and recession. However, most executives who responded to the survey feel their companies have a long way to go in building an effective, risk aware culture.
This would include decisions of chief executives in steering their organizations. The most recent example is seen in Greg Smith’s March 13 op-ed for the New York Times with regards to Goldman Sachs leadership and investment attitudes. The resulting PR fallout triggered a $2.2 billion drop in stock value yesterday. Will the decisions of other CEO’s come to light and follow suite? Time will tell.
Over two-thirds of 1,419 business executives surveyed in the new research sponsored by Zurich said risk management has increased in importance over the past three years. Yet only one in ten said their executive management is “highly effective” in creating a strong risk-management culture.
Why is this? Are these leaders unskilled or is there something else driving the risk/reward dynamic?
It is important to be able to link risk information and root cause problem solving to strategic decision making. According to the survey findings, although this skill set was identified as extremely important, only 14% felt their organization did that extremely well. Among the top barriers to better risk management cited:
- Over-focusing on compliance rather than fundamental processes (42%)
- Lack of strong management support (41%)
- Reluctance to de-silo related information (35%)
Could it be that root cause problem solving takes time and no one wants to invest it? is it more important to hide mistakes rather than exposing deficiencies that would lead to job insecurity? Are we seeing examples of corporate greed?
A majority of the companies said their approach to enterprise risk management continues to be basic or reactive. However, about 40% of executives surveyed considered their approach to ERM to be “proactive,” involving the board as well as business and functional leaders at all levels of the organization.
This “best practice” group included financial services, health care, and energy companies and those with 10,000-plus employees.
Executives in companies taking the proactive approach said that integrating risk management and corporate goals was key to gaining competitive advantage.
The study made clear that risk management needs to have a clear owner to be effective— executives reported that Chief Risk Officers are far more likely to oversee risk management now, than three years ago, although the CEO bears ultimate responsibility.
The study also found that at companies with strong ERM processes, “ownership” of risk stays in the hands of business and functional leaders. The CRO’s role is to advise and assist them by staying in regular contact and providing them with resources to better manage risk themselves. The result is what executives interviewed for the study call a “collaborative culture” that integrates risk awareness into the company’s strategic planning.
“Ownership of risk cannot be overstated, since the survey indicated that companies that employ a Chief Risk Officer, who works in tandem with the CEO and their executive leadership, scored highest in proactively managing risk in the organization,” said Alex Clemente, managing director of Harvard Business Review Analytic Services.
Some of the top benefits of ERM that respondents cited were not directly related to risk management. Instead, respondents described the integrated risk management approach as helping their companies achieve better operational performance by removing siloed communication and by fostering:
- Improved strategic decision making (39%)
- Improved governance (34%)
- Increased management accountability (31%)
Executives in the survey stressed that their goal was not to create a risk-averse environment but one in which better measurement and understanding of risk gives them more confidence about making strategic decisions to build the business.
“There is no doubt that in today’s challenging environment customers, shareholders and employees expect clear commitment to comprehensive and forward looking risk management from top management and board. Supporting the findings of the survey that it is extremely important to link risk information to strategic decision making, 41% of the companies said they are deepening and extending the ties between risk management and strategic planning,” said Axel Lehmann, Chief Risk Officer at Zurich.