corporate risk - iia › sitefiles › iia congres › 2015 › presentaties › iia... ·...
TRANSCRIPT
1
2
Corporate RiskBridging the Leadership Gap
22 Member Associations in 20 Countries
Over 4300 individual
members who are
responsible for risk
management and/or
insurance in their
organisations
Purpose
Co-ordinate, promote and support the development
and use of risk management, insurance
and risk financing in Europe
Be a significant stakeholder in the
decision making process at the European level on
risk management, insurance and risk
financing
Profession
Innovation
Diversity
Leading risk management
and insurance across Europe
Global Risks beyond regular Board activities
Risk maps focus on controllable risks
Global risks are big and catastrophic
Boards unclear how to manage these risks
Yet the Board is best placed to manage
Focus on impacts, outcomes and consequences
for operations, not the risks
Check critical dependencies
Check and reinforce crisis management
Improve risk radars
Focus on agility
Top 10 2014 2012 Mitigation Satisfaction
1. Political – Government intervention, legal & regulatory changes
2. Reputation and brand
3. Compliance with regulation and legislation
4. Competition n.c*
5. Economic n.c*
6. Market strategy, client n.c*
7. Planning and execution of strategy
8. Human resources / key people, social security (labor)
9. Quality (design, safety & liability of products & services)
10. Debt, cash flow n.c*
2014 FERMA Survey and Risk Map
Source - FERMA Risk and Insurance Report 2014
Roads to Ruin and Roads to Resilience’
Roads to Resilience 2014
(Cranfield)
Why did companies succeed?
Exceptional Risk Radar
Flexible and diverse resources
and assets
Strong relationships and
networks
Rapid response capability
Constant review and
adaptation
Roads to Ruin 2011 (Cass)
Why did companies fail?
Lack of board skill and NED
control
Board risk blindness
Leadership failures
Poor communications
Organisational and risk
complexity
Inappropriate incentives
Risk management ‘Glass
Ceiling’
The categories of risk related corporate failure
Failure of corporate strategy - e.g. Enron
Failure of the business model - e.g. Northern Rock
Failure to manage reputational risk - e.g. Arthur Andersen
Failure to respond appropriately to catastrophic events - e.g. Railtrack
The Resilient Company?
Source - Roads to Resilience Airmic and Cranfield
What makes a company more or less resilient?
Source - PwC
Risk Governance perceptions - before the crisis
Risk Governance reality - after the crisis
MANDATE
Culture
Values
Ethics
Tone set from the top
RISK ASSESSMENT
Culture
Discussion
Capability
Information and communication
Accountability and delegation
Advice and assurance
Effective risk culture
RISK
RESPONSIBILITYRisk management process
Principle risks and appetite
Risk culture and assurance
Risk profile and mitigation
Monitoring and review
Risk communication and reporting
Sound system
What every Board member needs to know
The board should regularly update and refresh their skills and knowledge
Board
responsibility
Board requirements Risk Manager contribution
1. Risk
management
processes
risk management
and internal control
systems that identify
the risks facing the
company
responsibility for planning,
designing and facilitating the
implementation of the overall risk
management process for the
company
devise risk management systems
and procedures that ensure that
the approach to risk is co-
ordinated and not fragmented
record the risk management roles
and responsibilities, as part of the
risk management systems and
procedures
develop the risk management
manual for the company, including
the statement of risk management
strategy
Inputs
• Financial
• Manufactured
• Intellectual
• Human
• Social and
Relationships
• Natural
Consider:
- Supply and
demand
- Cost
- Availability
- Quality
Business
activities
• Strategy
• Processes
• Projects
• Incentives
• Distribution
Consider:
- Changes to
activities
- Process
- People
- Technology
Outputs
• Products
• Services
• Finances
• Infrastructure
• Intellectual
Property
• Brands
Consider:
- Supply and
demand
- Quality
- Consistency
- Distribution
- Distinctiveness
•
Outcomes
• Market Share
• Reputation
• Profitability
• Share price
• Customer
Satisfaction
• Sustainability
Consider:
- Stakeholders
- Risk and
reward
- Long-term
viability
Effective Risk Leadership could prevent failures?
Ability to see ‘out of the greenhouse’ and to engage widely with broad networks
Ability to provide independent support for the board through objective, fact based, assessment and research
Scope to assess reputational risk exposures
Scope to plan appropriate crisis responses
Why is this important?
Business becoming more global
Increasing dependency on technology
Risks are becoming more virtual
Increasing complexity of risk
From defense to offence
Insurance Buyers
• Administering
Hazard
• Managing
Integrated
• Directing
Strategic
• Leading
1950’s – 60’s 1970’s – 80’s 1990’s 21st Century
Shifting Perspective from “Cost / Benefit” to “Risk / Reward”Copyright Risk and Insurance Management Society, Inc.. All rights reserved.
Source - RIMS
Balances Stakeholders
Collaborates
Drives EngagementCourage
Ensures Accountability
Dealing with Ambiguity
Vision & Purpose
Cultivates Innovation
Strategic Mind-set & Business Insight
Strategic Advisor and providing confidence to the Executive
Culture Change & Operational Effectiveness
Stakeholder Engagement
Leadership & Succession
New demands need new requirements
Career Experience/ Risk Sophistication
Fragmented
Co-Ordinated
Influential
Leadership
• Business Insight
• Technical Skills
• Builds Networks
• Communication
• Priority Setting
• Managing
Systems
• Strategic Insight
• Stakeholder Skills
• Courage
• Ensures
Accountability
• Credibility/Stature
• Vision & Purpose
• Political Savvy
• Drives Engagement
• Ambiguity
• Deal with Paradox
• Innovation
• External Perspective
in leadership capability
step-change
requires
advance
Each
Risk Management to Risk Leadership
We need to step away from risk managers who block and obfuscate new initiatives, to a leader who helps a business manage and mitigate in a strategic way
Andrew Blowers OBE
Chair of Risk, AA
“I am, like many CEOs, wary of Risk Management because of its reputation for being a box ticking function…
…I fundamentally believe that all the leadership are responsible for managing risk in a way that is forward thinking and commercial..”
Andrew Miller
CEO Guardian Media Group
Source - Tomorrows Risk Leadership
Airmic and Tomorrow’s Company
FERMA Certification
Know
ledg
e
Expe
rie
nce
Certification
Co
ntin
uo
us
Pro
fessio
na
l
De
ve
lop
me
nt
Accreditation
Eth
ics
Certification Content
Certification programme
Accreditation
• Risk management diplomas
Certification
• Risk Managers
License
• CPD events