Looking at the changing role of risk management and how people from a variety of sectors and backgrounds are beginning to accept the value of effective risk management strategy across numerous settings. How the strategy has infiltrated everything from cyber security to tackling poverty in recent times and asking where else it can be used within modern society. There so many new factors which have to be considered in risk management assessments now, such as social media, that didn’t exist years ago. Does this make the initial assessment process tougher? Are risk management strategies becoming more popular?
Many people probably think that the idea of risk management is the exclusive preserve of the insurance community as they look at a multitude of details before deciding whether or not a business or individual is insurable.
While it is true that the concept is used frequently by insurers for this purpose, there is also mounting evidence that risk management is something that is translating to other areas of society as various sectors/organisations recognise the benefits of thorough planning before problems arise down the line.
Prevention rather than reaction
Jim Yong Kim, World Bank President, recently offered his view on this very subject as he addressed policymakers and aid workers.
“We’re advocating a sea change in the way risk is managed. Our new approach calls for individuals and institutions to shift from being ‘crisis fighters’ to proactive and systematic risk managers,” said Kim.
As part of a wider report into the subject, the World Bank analysed major events such as the global financial crisis of 2008 and looked at how lessons from this period have led to the idea of risk management taking more prominent order in the way CEOs and even world leaders think.
The globally devastating impact of the financial crisis is undeniable. It affected all sectors of society, and led to an unprecedented review of the systems which are in place to govern working standards in the banking industry.
If a more thorough and comprehensive risk management strategy had been carried out by the companies and major figureheads involved before launching quite recklessly into a number of deals, could the subsequent damage have been avoided?
We might never arrive at a conclusive answer to that question, but there can be little doubt that whatever risk management structures did exist at the time were not applied diligently enough.
An official World Bank report even cited health and weather shocks as playing a “major role in pushing households below the poverty line” alongside economic issues. The World Bank clearly feel that if more companies and individuals in prominent positions can establish thorough risk management strategies to mitigate against such factors, it may be possible to bring the major problem of poverty under a greater level of control.
Tackling risk of data theft
A recent study from the United States looked at the vulnerability of electronic data in the US healthcare sector. The statistics that 94% of healthcare entities have experienced a cyber breach of some kind is particularly alarming.
The government and the wider public have noted the problem and healthcare companies are being increasingly encouraged to consider the requisite benefits of employing effective risk management strategies in dealing with such a problem.
The FBI opened a full scale investigation into the issue in October 2013, with particular emphasis placed on investigating the possibility of insider threats, as well as detecting the way external threats develop among other recommendations.
Seeing risk management applied in this fashion is yet another example of how a broad range of sectors across the globe are taking an attitude of prevention rather than reaction. This is particularly important when it comes to a complex and multi-layered issue such as cyber breaches. In most cases of this variety an investigation into any breaches after the event will be largely futile. The data has been compromised and the damage has most certainly been done.
A far more effective strategy involves putting effective, thorough and established risk management strategies in place before the problem presents itself. How secure is your system? Are you using the correct software? How many staff members have access to specific records?
Key questions such as these need to be asked in order to accurately assess how secure or otherwise a system is. Risk management is the best way to do this and more and more organisations appear to be realising this.
Looking down the line
So, if this is what risk management looks like in the present, what do we think it will look like in the near future? Gary Booth at Lloyd’s of London looked into this issue, and emphasised one key point which has been touched upon in this piece already.
Booth points out that Lloyd’s broker Aon recently indicated, in their view of the shape of risk management to come, that “more (non-financial) companies will appoint chief risk officers to complement their risk managers.”
The idea that an increasing amount of companies will look to create entirely new positions as part of a more stringent and thorough risk management strategy emphasises once again how prevalent the method has become in mitigating against trouble further down the line.
But it is the fact that Aon see companies from outside the financial sector taking this action which is most intriguing. If the concept has transcended the sector where it is used more than any other, this comprehensively demonstrates how risk management has penetrated wider society and taken up a new place in the modern world.
From world leaders to criminal investigation bureaus, risk management has quickly become the most effective way to tackle a host of varying problems. The theory behind it is simple, focus on identifying the potential of a problem before it arrives on your door.
The old saying that a failure to prepare simply represents preparation for failure has never been so true for so many different companies across so many different sectors. The potential for new, more sophisticated risks are a frustrating reality in many sectors, not just the well-worn financial sector.
The ability (or otherwise) to identify them before they happen may just turn out to be the difference between success and failure as you attempt to lead your company through a financial climate which is still so uncertain for many of us.