Risk Management through people

MILE Community Portal
Building an effective Risk Culture is much more than changing your organizational culture in line with your Vision, Mission, corporate values and risk appetite—you must factor in the interests of competing national cultures, sub-cultures, Maslow’s theory on individual self- actualization and the informal groups in the company.

The interactions between all of these are not predictable and variables cannot accurately be isolated.

An effective risk culture is not a matter of risk assessment or level of compliance; it is a matter of “conviction” -- a corporate state of mind where human beings can take well informed risk decisions because they want to, not because they have to.

ERM Policies, systems and reporting dashboards are all part of the foundation for good risk management. Once you have all of these in place, you can start building an effective risk culture. Remember also that there is too much complexity and subjectivity in culture to assume that individual reactions and responses can be aggregated to reflect or give an accurate picture of the whole organisation’s risk culture. You cannot “pop” an effective risk culture in the microwave, it takes a lot of preparation, dedication and time to get it to perfection.

You can have the best staff retention rates in the industry; or the most long service awards, both of these can also indicate a high risk of employee fraud. According to the ACFE research: 53% of fraudsters have more than 5 years of service and the median loss for fraudsters with 6 to 10 years of service is $200 000-00. 52% of fraudsters are between 31 and 45 years old and older fraudsters tend to cause larger losses.

The Future of Risk Management is not just looking through the windshield; scanning the horizon might just be the most important thing to do, you cannot control or stop what is coming, you have to prepare to respond to it. So many organisations spend large amounts of money to focus and report only on what is happening inside the organization, where they actually have control. Your biggest risks are outside of the organization, where you have no control.

Key elements for the future of your risk strategy should include internal networking; you have to talk to the informal groups and their informal leaders just as much as you do talk to the executives and managers, maybe even more. The real business does not always get done in the formal “boxes & lines” structure.

Just as important are the aspects of desk research and external networking. To have a good risk management strategy and action plan, you have to know everything about your industry, markets, competitors, supply chain, alternative supply chain, Global risks in an interconnected world and many more. Failure to adapt your business model; which drives your “risk for reward” system, to the ever-changing internal and external risk environments will lead straight to the corporate graveyard.

The Future of Risk Management is just: “Risk Management through people” You can have the best systems, great models and scenario analysis with elaborate dashboards; at the end of the day a person will take a decision.

Are your employees aiming at more than one target; or do you have a clearly defined risk for reward strategy and risk appetite statement to guide them? Business strategy and Risk Culture are parts of an interdependent system.

Start working on your success by training every employee some basic risk management skills.

As my Moody's colleague, Sarah Tennyson wrote last year: “Enterprise-wide risk management requires a shift in the behavior and mindset of employees across an organization. To realize the full benefits of improved systems, tools, and analytical skills, people need to learn new ways of perceiving situations, interpreting data, making decisions, influencing, and negotiating”

Read Sarah's article at Moodys.com: https://www.moodysanalytics.com/Publications/Risk-Perspectives/2014/RP04/Risk-Perspectives-Integrated-Risk-Management/Approaches-to-Implementation-Integrated-Risk-Management/Training-as-a-Powerful-Tool-for-Evolving-Risk-Culture

Originally posted by author on Zawya.com
Discussion started by Horst Simon, on 1215 days ago
You need to be a member of this community before you can participate in this discussion
John Mulhall
Indeed Mr. Ubaid, many fail to recognise the importance of proactive risk management (V crises management after the fact). One reduces the chances of the other happening.... that has to be a good thing!!..
1191 days ago
Ubaid Lakhiar
important tips to face challenge of Risk Management..
1195 days ago
John Mulhall
Good points on risk management. Adoption of models which are company wide like Lean Six Sigma will help. However, I think anti fraud measures require specialist attention and management company wide. The rules of anti fraud behaviour for staff need to be set up, very understandable and retrained yearly like the process for US Companies under the Foreign Corrupt Practices Act provisioning for annual training in anti corruption rules for all staff.
1210 days ago