|By Macon Albertson,
President, Tatum Professionals
If “disruptive” was the biggest term to describe this year, it may well be replaced by “volatile” in 2018. The fact is, the overall business operating environment can increasingly be characterized as highly-volatile – from macro-economic factors such as, Brexit and the U.S. political landscape to factors that greatly impact every day operations, including changes in domestic, regulatory or the competitive landscape and technological advancements. These factors, and many others, have made a complex and uncertain business environment even more so.
For CFOs, that means the importance of a wide-encompassing and proactive risk evaluation and mitigation strategy is even greater than before. The future framework of enterprise risk management requires new ways of addressing potential risks, a shift in mindset about how to respond to possible threats, and how to incorporate it throughout the organization. More importantly, the evolution of risk management is grounded in a new lens through which to view it – using risk as a tool to create value and achieve higher levels of performance.
Findings from a recent AICPA survey uncover a need to refocus and invest in upgrading ERM programs. According to the study, only 25 percent of companies describe their risk management processes as “mature or robust.” And, the majority of organizations do not believe their processes reflect “complete” or formal enterprise-wide risk management.1 We’ve outlined four strategies that can help move the dial on ERM programs and drive better outcomes and even better corporate performance.
Risk cannot be managed from the top alone. Many organizations’ strategy is to focus on and implement enterprise-wide risk management processes. Although this can deliver value through management insight into risk management, it fails to take into account the potential risks that can arise within individual business units, and a lack of engagement and adherence to risk strategies within organizational silos.
Risk management should be integrated into businesses processes within the enterprise in order to have a more transparent view into the organization’s true risk position, and a more comprehensive understanding of vulnerability. Too often, the more centralized a company’s risk management function, the more likely it exists in isolation from the rest of the enterprise. A more effective approach is to integrate risk management into all of the company’s routine management processes, including planning, capital allocation, controlling and reporting.
Building collaboration among operating management will also ensure more buy-in and adherence to risk management strategies. Many enterprises are broadening their approach to focus on vigilance, both among human capital and by developing ways to detect patterns that may alert or even predict risk events. The end goal is an organization that consistently considers issues of risk and uncertainty.
- Augment human vigilance with emerging technologies. Advancements in cognitive technologies, artificial intelligence (AI) and data analytics offers CFOs a broader suite of solutions that go beyond traditional means of managing risks. Smart machines and predictive analytics can now detect, predict and prevent risks in high-risk situations. This real-time and dynamic risk management can improve risk-related decision-making in areas such as, internal audit, supply chain management, finance, cybersecurity and controls testing. Even among companies already utilizing a governance, regulation and compliance (GRC) software solution, many are still not leveraging or unlocking the full benefits of this investment. Whether the enterprise is investing in new, emerging technologies such as smart machines and cognitive technologies, or simply not unleashing the value of an existing GRC software, consider engaging specialists or upskilling employees to extract better insights and data from these systems.
- Don’t overlook the threat of non-financial risks. Although the focus of the CFO is naturally on financial and regulatory risks, today’s interconnected and transparent world means greater threats to reputation risks. With information able to spread like wildfire, in an instant, CFOs should fundamentally rethink their approach to reputation risks and proactively address them. Many companies are managing risks in a manner that reflects the new hyper-connected, social and mobile reality by evolving their risk processes to a more open, collaborative approach to identify and manage risk. This strategy includes constant insight and scanning of media sources with technology-enabled intelligence capabilities, and partnership with CMOs and CHROs to proactively nurture external brand advocates. The objective is to improve reputation risk resilience and create capabilities to manage and respond to risk in ways that create value and drive business performance.
View risk management as a performance enabler. ERM programs of the future require an organizational culture that views risk management as not only to address risks reactively, but to proactively manage risk to create new areas of competitive advantage. Given organizations’ need to remain innovative and agile, a more focused “risk/reward” strategy may identify opportunities to embrace risk in order to gain important business advantages.
Shedding the traditional “fear and avoidance” mentality regarding risk can free up organizations to focus on more than simply completing the necessary, compliance-driven activities. Once an enterprise achieves more accurate, measurable and tangible ways of identifying risks, a clearer picture emerges of potential upside value for risk. This new mentality is almost mandatory in today’s fast-paced and innovation-driven business environment, with the goal being to identify smart risk-taking and create a risk-intelligent culture.
As the year comes to close, there is a new alertness with which businesses are navigating the path towards growth and success. As we look ahead, CFOs will need to alter the way they approach ERM, seeking ways that risk can be either converted into opportunity or mitigated before they can cause any permanent damage.
Enterprises that make informed choices and exercise discretion, with applicable risk mitigation mechanisms, are the ones that will be ready to face and overcome challenges and will eventually succeed.
About Macon Albertson
As Tatum’s President, Macon brings more than 20 years’ experience driving profitable growth in the solutions, consulting and staffing sectors. His industry-specific leadership has been critical to building an operating platform allowing for Tatum’s growth and sustained success. Macon previously served as Senior Vice President of Randstad Professionals, overseeing multiple regions. His proven track record in employee and managed services demonstrates an ability to handle even the toughest of turnarounds through disciplined business development and operational management tactics and philosophies. When Macon isn’t in the office, he enjoys being outside and pursuing his passion for race cars.
The CFO Leadership Council offers monthly programs featuring expert panels and interactive sessions that drives meaningful conversation and leadership development amongst our membership. Visit www.cfolc.com to find the chapter near you.
1 AICPA Survey, “The State of Risk Oversight,” 2017 https://www.aicpa.org/InterestAreas/BusinessIndustryAndGovernment/Resources/ERM/DownloadableDocuments/AICPA_ERM_Research_Study_2017.pdf