Click here To view the latest edition of CEO TODAY

Michael Walker, Chairman, Institute of Risk Management

Business decisions always involve the consideration of risk and its treatment, but too often companies see risks almost exclusively in financial terms. Will the firm meet its earnings targets? Could there be surprises in the results and if the company worries about its reputation, the company usually meets its standing with investors.

This concentration on numbers may not recognise that there are other critical risks to the organisation, such as wider reputation or brand damage. In many industries, for instance, the opinion that government or regulatory bodies have of the company is critical to its medium and long-term success, although investors may like good quarterly earnings in the short term.

Since strategic actions such as deciding whether to take over another business, expand into a new territory or outsource an important function, can be crucial to the company’s future, it is imperative that the risks associated with the "Do we/Don’t we" process are identified, and that these are not limited to purely financial risks.

Thanks to the EU Accounts Modernisation Directive, the requirements of which have been in place since 1 April 2005, virtually all UK companies must now disclose "the principal risks and uncertainties facing the company," which specifically includes non-financial issues such as environmental matters. Directors, therefore, must have a global view of the risks that could affect the company and the potential interaction between them.

The CEO is the ultimate manager of risk in the organisation

With a breadth of vision and understanding of the company’s business objectives, the CEO is the ultimate manager of risk in the organisation. On a more functional level, however, the business needs someone with a solid knowledge of the identification and treatment of risk. This person must have the ability to communicate, ensuring that risks are considered on an enterprise-wide basis and not just in divisional silos, where dependencies may fall through the gaps.

The person fulfilling this role should be responsible for viewing and managing the risks faced by the company in its operations, in developing into new global locations, innovating new products and protecting its staff and shareholders. Important non-financial risks may not be recognised if the corporate risk management role is treated as little more than a vocational or a technical function, perhaps with just an emphasis on buying insurance.

Managers of risk must be excellent communicators. In addition, for the future, they must develop skill sets in terms of leadership, breadth of vision and strategic thinking in order to play a more proactive role; this will help their respective companies improve planning and anticipation of events to match or better the competition.

The role of the Institute of Risk Management (IRM), founded 20 years ago when risk management was its infancy, is to provide professional education for those managing risk so that they have the professional and business skills to meet these demanding, and sometimes difficult to define, roles. The Institute also recognises that directors and managers have increasing pressures to speak the language of risk, and so it has developed short courses for this purpose.

Twenty years ago we did not have email, mobile phones, global warming fears, obesity and diabetes in our children, avian flu, Turnbull or Coso, Al- Queda terrorism or computer viruses. Just think what changes will be wrought over the next 20 years. Will the organisations you represent be ready without tomorrow’s risk managers?

Biography

Michael Walker is Chairman of the Institute of Risk Management and a Director of Currie & Brown (UK) Ltd. He has over 25 years’ experience in the construction industry, and specialises in risk management and construction risk finance.

For information on risk management qualifications and training, membership and jobs see www.theirm.org

 

Click here to obtain a copy of