We are already in the second quarter and the year is moving fast. By now one ought to be implementing their strategies for the second quarter of the year. But before that, it is a prudent thing to reflect on the performance, challenges and risks faced during the current quarter and possibly the same quarter in the previous year as an individual or an organisation.
This provides the basis for coming up with robust strategic plans as a way forward. The way an organisation manages its risks defines the kind of reward it will earn at the end of a specified period. Most successful companies have embraced the culture of risk management and as such have developed and put in place robust risk management frameworks which they review and test on regular basis. Risk Management is, therefore, one thing managers at all levels need to embrace and ensure that their organisations adopt and put in practice.
So what is risk management anyway? It is simply a systematic process of managing organisations’ risk exposures to achieve its objectives in a manner consistent with public interest, human safety, environmental factors, and the law.
It consists of the planning, organising, leading, coordinating, and controlling activities undertaken with the intent of providing an efficient pre-loss plan that minimises the adverse impact of risk on the organisation’s resources, earnings and cash flows.
There are seven principles of risk management as advanced by Randy Wheeler which some organisations may need to embrace as early as the year begins if they require improving on their performances and delivery.
Principle one; Know your risks:
Management of boards of companies need to have a keen understanding of the risks their organisations face. The biggest problem in risk management is failing to recognise potential threats that could stop an organisation in its tracks. It is therefore important that organisations need to know where there losses are coming from and be able to pinpoint problem areas that would benefit loss control programmes.
Principle two; Create a risk management culture:
Risk managers cannot afford to ignore the importance of `culture’ in a successful risk management program. Companies need to put in place a systematic approach to building awareness of risk processes, policies and objectives, establish a culture that values every individual’s participation in controlling programme results and costs.
Such a risk management culture can be facilitated through the three`C’s of culture creation i.e communicate, collaborate and connect.
Principle Three; Know your risk appetite:
Take risk within the risk appetite and be consistent with the approved strategy. This can only happen when the organisation knows how much risk it is willing to take at that material time. Many organisations handle transferable risks by purchasing an insurance policy. However, alternatives such as self-insurance, risk retention and captives can be sound risk management strategies, as long as an organisation has the appetite to take on certain amount of risk. When a company retains risks, it allocates funds to cover unexpected losses, liabilities and exposures, instead of paying insurance premiums.
Principle four; Maximise claims management for efficiency, cost savings and risk reduction at each step of the process:
Settling claims is still a core business process in the risk management and insurance industry and its single greatest expense.
Principle five; Utilise a centralised data hub as the risk management infrastructure to connect key stakeholders and to automate workflow.
A centralised data hub is a powerful tool that enables the accessing and sharing of information among key stakeholders.
Principle six; Ensure compliance with country laws and regulations:
The number of regulations affecting risk management and insurance has escalated and put further burdens not just on the risk management divisions but also on finance, internal controls and compliance divisions of many companies.
Principle seven; incrementally incorporate processes for enterprise risk management to anticipate strategic and operational risks.
With the fall of the in the stock market, the events of September 11, corporate bankruptcies, colossal shareholder losses and scandals such as Enron a WorldCom, enterprise risk management has emerged as a new paradigm for assessing and managing risks more vigorously and systematically.
Adhering to the above principles will enhance efficiency and effectiveness in the day to day operations of the organisation and will also improve on the internal controls of the company. This is simply a pick of a bigger picture of risk management. The writer in his next article will discuss why both public and private companies need to embrace business continuity programmes in their risk management systems
Dennis Echeru is the general manager risk at Centenary Bank.