Since I left PwC in 2001 I have firmly been of the view that risk management was going to be represented in the boardroom (or C-Suite) with a CRO type person. In the UK they would join the board, in the USA perhaps the C-suite. I am now seeing this come to fruition.
However, I am equally interested in the non-executive side of the equation. We need NXD's (non-executive directors - if that is indeed a UK-centric descriptor) who are business-savvy, numbers-savvy and now, I would argue, risk-savvy.
I would be interested to hear of examples of non-executive directors who have a business risk background in boardrooms with which you are familiar. Does that work? Do they add value? Is there a role? Do they help deliver the all important assurance environment?
I would also be interested to hear your views as to whether there is a need for what I am calling the r-NXD.
Kind regards
Richard
Monday, March 8, 2010
Thursday, February 25, 2010
Strategic Risk
Risk management has a history of sloshing about in the nether regions of the organisation: focussing on operational type risks, processes, insurance, that type of thing. Don't get me wrong, I think those things are important, but shouldn't we be dealing with the strategic issues? You know, M&A, what is the future of the organisation? What is coming at us over the horizon?
I have a view that we should be looking a lot more at strategic risk, and I like to tie it back to value drivers (via objectives?) such as those that drive shareholder value (or whatever your equivalent might be for our organisation).
This leads me to pose several questions:
I have a view that we should be looking a lot more at strategic risk, and I like to tie it back to value drivers (via objectives?) such as those that drive shareholder value (or whatever your equivalent might be for our organisation).
This leads me to pose several questions:
- Do we as a profession have enough face time with the CEO and Chairmen of our organisations?
- Do we get involved in strategic plans before or after they happen? eg, do we get involved in risk based due diligence after the transaction is announced, or when options for acquisitions are being discussed?
- How often do we, as a profession, facilitate board awaydays focussing on more distant strategy (say 5 to 10 years out)?
- Does anyone have any really good war stories on this that you are happy to share on line?
Thanks
Richard
Wednesday, February 17, 2010
Ethics and Risk Management
It is my contention, as I have often said, that Corporate Ethics is one of four key attributes of Risk Management, and that is is often in tension with a performance culture (another of my four key attributes).
A number of things have cropped up over the recent years:
A number of things have cropped up over the recent years:
- Clearly Toyota has some "ethical" questions to answer with regard to brakes, accelarators and now steering systems.
- It seems unutterbaly proven that there were dubious (at best) ethics in banking which allowed the situation to arise for the financial crisis.
- A few politicians in the UK have exhibited less than the highest standards in the ethical field.
- Greece (aided and abetted by at least one bank) appears to have been cooking the books, with disastrous consequences for other Eurozone countries.
- BAe has paid a stinging penalty to the US and a modest one in the UK.
- We have a new bribery act coming onto the statute book in the UK (if it gets through before the election).
I believe that risk management can ONLY work where there is an ethical dimension to the organisation. And yet, perversely, this allows free-riding unethical corporations to duck and weave unhindered and leave the ethical corporation trailing - at least for a period of time.
I would welcome people's views on the interaction of ethics and risk management.
As ever, I am likely to turn the discussion into a paper in due course, summarising the contributions - if you are uncomfortable with that, let me know in your response.
Thanks
Richard
Monday, January 25, 2010
Management Rheumatism
I have been thinking about the need for a cure for what I describe as Management Rheumatism: a disease that typically occurs in older organisations, where the need for security (and therefore control) far outweighs the ability to embrace and implement change. For more see here...
Feedback welcome, as always!
Feedback welcome, as always!
Risk Appetite - reality v. aspirations
I have a new paper on risk appetite which has been written following on from a discussion on LinkedIn about Risk Appetite. The on-line discussion was followed by a real discussion at the Institute of Risk Management (www.theirm.org). The aim is to develop some practical guidance on the subject, which will be the subject of a follow on paper in due course. I am truly grateful to all those who took part in the discussion and especially to those who have allowed me to quote them in the paper. The paper is here...
I look forward to feedback: I thrive on feedback!
Thanks
Richard
I look forward to feedback: I thrive on feedback!
Thanks
Richard
Subscribe to:
Posts (Atom)
Posts
