Enterprise Risk Management – A Remedy

RISK MANAGEMENT WATCH

By Robert Mbonu

Our economy is underperforming partly because we are presented with different government policies. This week we will analyse the situation from an Enterprise Risk Management (ERM) perspective. ERM, applied in a public sector scenario, is an all-encompassing methodology that allows the various units of government to pull together intelligence on all the factors, from the different efforts, that hinder the achievement of the objectives to be delivered. It will entail tackling those top-level strategic or enterprise-wide risks. What we are experiencing appears to be the opposite – whereby the various units of government are working in “silos” and solving fringe problems. The ERM approach will result in a bold, holistic and audacious effort to harmonize fiscal, monetary, exchange rate, trade and macro-prudential policies in a concerted manner. The current recession will be quickly resolved with these in place.

When you apply a medicinal ointment to an infected arm, it is unlikely that the arm will heal. In fact the infection in the arm may spread to the whole body, if a more intensive treatment is not prescribed to fight the infection. Enterprise risk management (ERM) is like that ‘whole body’ treatment for an organisation, or government.

Imagine a bank that is threatened with failure. It also has a poor history of management practices and false reporting to the regulator. Whilst the two risks might be linked, by improving the reporting risk (the medicinal ointment), you are still unlikely to be able to save the bank from failing. The bank needs something much deeper and more thorough in terms of risk management than just safety risk management. It needs enterprise-wide risk management to get to the root of what is wrong, to turn it around and set it on the right path.

ERM is often mistaken for strategic risk management. Actually it is much more than that: it is the combination of risk management techniques for every aspect of the whole corporation, dealing with both value protection AND value creation. The top-level board and senior management engage in well-managed risk taking, and the lower levels of management and supervision engage in controlling risk according to the boundaries of acceptable behaviour that are made clear through the ERM and risk appetite framework.

Top-down, ERM is about creating and delivering value through sensible risk management practices and appetite set at board (ministerial) level and driven downwards. Bottom-up, ERM is about protecting the value created by exercising good control and managing tactical and operational risks.

Simply blaming the past for your current predicament is like driving a car using the rear view mirror and side mirrors. It will lead to a bigger accident which will manifest by way of unfulfilled promises and objectives. On the other hand, by looking ahead through the windscreen, and avoiding the potholes and obstacles (risk assessment), the car can be safely delivered to its destination. Many forms of commonly known risk management are about looking back, reviewing what went before and analysing the track record.

This is good only if it contributes towards providing intelligence for predicting the future and enabling an adjustment in the strategy. There needs to be a controlling mechanism to bring together all the information and intelligence so that decisions can be made as to how to navigate the unfolding risks. Herein lies the ERM framework – Risk Architecture (roles, responsibilities and reporting structure); Risk Strategy (appetite and attitudes) and Risk Protocols (guidelines), which is designed by an ERM expert.

ERM contributes to improved decision-making and supports the achievement of set missions, goals and objectives.
Through ERM, we can gain an overarching vision of the risks and exposures to which we are exposed, as well as the opportunities and capacity to engage in managed risk taking activities.

The requirement in ISO 31000 (paragraph 4.3.1) to understand the organisation and its context makes ERM a top-level responsibility, in that there should be a thorough understanding of the systems, capacity and capabilities of the organisation; the governance, social and cultural, political, legal, regulatory, financial, technological, economic, natural and competitive environment; key drivers and trends having impact on the objectives of the organisation; and relationships with, and perceptions and values of, internal and external stakeholders.

Enterprise Risk Management takes cognizance of the active elements of the risk management process – techniques of risk identification, analysis, evaluation and risk treatment.

Embedding Enterprise Risk Management requires more than a change of culture – it requires the right people to take ownership of their part in the process. All management and staff should be provided with the training and other resources needed to ensure that they have the appropriate skills, competencies and experience to carry out their responsibilities. It may take time and effort to gain momentum, train managers and specialists, and establish good tools and processes. But the overall benefit cannot be over-emphasized.

There is no standard size or allocation of resources for integrated enterprise risk management activities. In order to assess resource requirements for establishing and maintaining an enterprise risk management approach and process, it is important to identify the nature, adequacy, and usefulness of existing organisational tools, techniques, human resources skills, and expertise for managing risk to determine incremental requirements.

It is important to note that resource allocations should be aligned with the level of risk to be managed with resources being focused on the main risks, not necessarily every risk, but focused on those residual risks that are outside appetite (the “red zone risks”).

Within the government or organisation, it might be that one unit or someone is delivering sub-optimally, but just dealing with the one unit or individual will not help you to tackle the underlying cancer of poor performance or corruption throughout the business or sector. Enterprise Risk Management is about looking for the seat of the problem, cutting it out, treating the surrounding areas and then improving the whole body so that all parts of government or the organisation will fight the disease actively in real time.

Whilst the infection in the arm might appear to be what requires treatment, rather than apply a medicinal ointment, we need to look deeper than just the infection; what is the cause of the infection? Why is it so deep? Is there an issue with the ability of the body to deal with infection? Is there an underlying cause of the trauma or likelihood that the infection will recur after treatment? All those aspects of the infection need to be addressed in the same way that you would address an issue in government or the organisation. This is ERM in action.

• Mbonu, FERP, HCIB, CIRM (UK), MBA, MsRM (Stern), B.Eng., Managing Partner MCB-RMCIR, qualified Engineer, is an experienced Banker and Enterprise Risk Management professional. He earned a postgraduate degree in Risk Management from New York University Stern School of Business, and is a Member of the UK Institute of Risk Management (IRM). He can be reached on 09092092046 (SMS only); email: rm4riskmgt@gmail.com
