Helping to Frame the Board’s Risk Conversation - A Profession in Transformation
by AIRMIC John Hurrell and Julia Graham
This session presented on October 04, 2016 during the FERMA European Risk Seminar in Malta, set out some of the issues involved for risk managers making this professional journey and offer practical ideas and suggestions on how risk managers can seize these professional opportunities.
Reinforcing FERMA’s vision of “a world where risk management is embedded in the business model and culture of organisations”, this session will focus on how risk management can be embedded in the business model of the organisation and the importance of risk culture and the profiling of risk culture as part of this process.
The session introduced models, tools and techniques designed for the risk manager developed in partnership with colleagues from other professions and in consultation with those who have a seat at the boardroom table.
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
Risk Leadership on the Boardroom Agenda
1. 2 October 2016 – Malta
Helping to Frame the Board’s Risk Conversation
A Profession in Transformation
John Hurrell and Julia Graham
2. 2
www.airmic.com
The Association for
those responsible for
risk management and
/ or insurance in their
organisations
1200 members in 450
companies generally
with turnover in excess
of £1bn
Extensive research
programme into risk
related issues
4. Leadership needs to
think the unthinkable
Ineffective
Complacent
Striving
Strong culture of trust and respect
Board and management challenge each other
Chairs run meetings well
Feedback
Conduct regular evaluations
Chairs ask for input after each meeting
Risk managers need to be equipped and positioned to support the Board
5. Member Survey 2016 findings
For the first time the top two risks associated with cyber
Lower levels of confidence for less ‘traditional’ risks
Risk management not fully integrated with wider business units
Risk education not fully integrated within the organisation
Budget constraints
Risk culture not embedded within organisation
Risk management not integrated with strategy
Risk management team better access to the Board
The focus on risk has never been greater
Airmic member views
6. Most risk failures are directly or indirectly a consequence of
inappropriate behaviours.
Effective risk governance is achieved through the promotion of
effective cultures and behaviours.
Good behaviour and culture are key factors in the successful
delivery of the purpose and objectives of an organisation and the
creation of value.
Culture and Behaviour – Airmic research findings
7. Why did companies fail?
Lack of board skill and NED control
Board risk blindness
Leadership failures
Poor communications
Organisational and risk complexity
Inappropriate incentives
Risk management ‘Glass Ceiling’
‘Roads to Ruin’
8. ‘Roads to Resilience’
1. Exceptional Risk
Radar
2. Flexible and diverse
resources and
assets
3. Strong relationships
and networks
4. Rapid response
capability
5. Constant review and
adaptation
Why do companies succeed?
9. Exceptional Risk Radar
Everyone is responsible
Constant vigilance
Complacency engineered out
Constant questioning and challenge
Communication critical
10. Flexible and Diverse Resources and Assets
Actively managed dependencies
Active networks with ability to switch
rapidly
Availability of crisis management
expertise
11. Strong Relationships and Networks
Shared common purpose
No blame culture – (“fix the problem”)
Flatter Structures
Engaged leaders
12. Rapid Response Capability
Quick and appropriate action
Defined processes and teams
Ability to identify appropriate resources
quickly
Rehearsing and practising
13. Constant Review and Adaptation
Investigation through scenario
analysis
Learning as a core value
Near misses must be
communicated
Active and transparent responses
14. Risk Responsive Roads to Resilience
Roads to Ruin Risk Compliant
Respond,
Recover, Review
Prevent,
Protect &
Prepare
15. • It’s all about behaviour and risk culture ….
Why do so many companies appear unprepared and
unresponsive when the crisis hits?
18. Black Swans
Black Swans represent 'unknown unknowns'
As such, how can you plan for them?
But our research shows that you do not need to
It's not Black Swans which are the biggest threat!
19. Grey Rhinos represent ‘known unknowns'
You can you plan for them
Highly probable, high impact neglected threats
Warnings and visible evidence but leaders fail to address obvious dangers
Acting in time can make a situation better or keep a crisis from deteriorating
But it’s not Black Swans or Grey Rhinos that are the biggest threat, it’s ............
20. It's Black Elephants!
It’s the Black Elephant
The Black Elephant was always in the (board) room
But nobody saw it!
Or if they did, they chose to ignore it
But this Black Elephant has been visible to many within organisations
And obvious to all once the crisis had hit!
21. Most risk failures are
directly or indirectly
as a consequence of
inappropriate
behaviours
Effective risk
governance is
achieved through
the promotion of
effective cultures
and behaviours
Culture is in the spotlight
The UK Corporate Governance
Code 2014 sets out explicit
responsibilities for risk
management and internal
controls
Guidance includes specific
reference to risk culture and
assurance – to ensure that an
appropriate culture is
embedded throughout the
organisation, including
embedding risk considerations
into reward systems
24. When organisations get into trouble, fixing the culture is usually the
‘cure’
… but culture isn’t something you fix
Cultural change is what you get after you’ve learned lessons and
implemented them
Culture is not the culprit – it’s about people
Source: Lausanne University 2016
25. Beware of Board risk blindness and complacency
Research indicates that there can be a gap
between perception and reality
Boards report high confidence levels on a
range of subjects
Yet rarely discuss some of them in depth ...
26. Integrated process across all departments, functions and levels
Integrated with the business model, strategic decision making and planning
Appropriate performance reward structures in place
Monitoring process including annual effectiveness review in place
Educated and informed people across the organisation
Educated and informed stakeholders
Peer to peer team working
Proactive and insightful professionals
Future gazing skills
Educated and informed risk leaders
Roadmap to the new risk leadership
27. Key findings
Digital – a great change driver
Data – the great differentiator
Innovators and futurists –
forward looking
Expanding the range of
expertise – imperative
Professionalism – key to
cementing hard-earned
influences imperative
Make friends in the right places – business and
governance
Do not seek to become an expert in everything –
look internally and externally for the best advice
Become a storyteller – encourage risk thinking
Communicate with knowledge and confidence – this
will help to drive influence at all levels
Understand the power of data analytics – and how
this can be integrated into existing risk management
practices
Develop techniques like horizon scanning and
scenario analysis
Use a common language for business and data –
avoid jargon
The role of the risk manager
is transforming
Priorities for the next generation of risk managers
The Changing Role of the Risk Manager: ACE 2015