The myths around emerging risks are numerous and would have us believe that there are all sorts of emerging threats with potential negative consequences. The press and internet tell us that there are new and emerging risks all the time, yet, it could be argued that these are actually new and unpredictable causes to predictable impacts, or new and unpredictable impacts to known causes.
The economic outlook in Nigeria is currently facing head-winds due to vulnerability to the continuous decline in the price of crude oil, volatility in the stock markets, tight monetary & fiscal policies, rising inflation, currency depreciation, insecurity & insurgency across the country. All these together with increased regulatory pressure have created uncertainty and constantly unfolding emerging risks for many Nigerian businesses.
Drawing from a Risk Management survey (‘the survey’) conducted by KPMG Nigeria in 2016 aimed at identifying the key risks that will impact organisations in the nonfinancial sector, the Macro-economic risk arising from changes in economic factors such as currency exchange rates, interest rates, equity price, inflation, recession, and unfavourable fiscal policies was rated the highest.
Respondents to the survey (mostly CEO’s and CRO’s) were asked to select key factors that have given rise to the increased risks they face. The top three (3) factors were:
1. Uncertainty due to recession and financial crisis; 2. Unstable geo-political environment; and
3. Pressure from regulators and regulatory compliance requirements. Varying degrees of emerging risks are the result of these factors and/or a combination therefrom.
But do those emerging risks matter? Well actually many of them present opportunities as well as threats. The impacts of these are what need to be reviewed and appropriate responses designed.
A cursory reading of just a few of the publications on the topic of emerging risks quickly resembles a crash-course in risk aversion therapy. We have been subjected to a bewildering and ever lengthening series of lists of emerging risks.
For a better understanding, emerging risks can be classified according to those risks that are ‘new’, those that are ‘crystallising’ and those where the impact is getting more pronounced – identified as ‘aggravating’ risks.
New risks include uncertainties due to Technological innovation. They are those that are genuinely new, which emerge from new technologies and processes. Technological change has always presented a challenge, but when addressed correctly it has also presented an opportunity such as with satellites and the ease it has brought to communication. The response here is to develop technological competence and construct risk management responses that are fit-for-purpose.
Cyber-attacks of all varieties are now top of mind for governments, utilities, individuals, medical and academic institutions and companies of all sizes. Because of the increasing global interconnectedness and explosive increase in use of mobile devices and social media, the risk of cyber-attacks and data breaches have increased exponentially. Hackers can shut down a company’s network or steal customer and employee personal and financial information.
Crystallising risks are those that are not new, but whose manifestation and implications are emerging. In this context we are looking as much at emerging losses, as emerging risks. Crystallising risks, by contrast, will by their nature always operate to a large extent outside the bounds of current knowledge. The only response is therefore to establish business practices that aim to detect “weak signals†and monitor them in case they become “clear tendencies with a high potential for danger.†The important issue here is that organisations and governments should set in place a set of early warning indicators to monitor the nature of change and speed of change of these types of risk.
Aggravating risks are relatively well known, but where their incidence and impact are becoming potentially more aggravated. This category would include climate change, and pandemics. Terrorism developments could be argued as being an example of an aggravating risk.
Aggravating risks are by their nature fairly well understood. The difficulty arises from mis-estimating their scope and extent, particularly with regard to the impact of the risk. The response is very similar to that for technological change in terms of building expertise and knowledge.
Above all there is a need to build credible models of potentially accumulating incidents so that risk appetites can be aligned with the exposures being faced.
Whatever the category of emerging risk, a challenge may lie in modelling and quantifying their potential impacts. Only in this way can organisations leverage their key capabilities, which is the creation of sustainable value using risk management.
With the right enterprise risk management strategies, organisations and governments stand a chance of transforming emerging risks into a competitive advantage and sustaining performance in the face of significant changes in the operating environment.
Thus future developments in risk management will be concentrating on the ability to forecast changes in risk causes and impacts. Key Risk Indicators and Early Warning Indicators will become much more important and prominent in enabling governments and organisations to make strategic decisions, and many businesses will profit by being alert to the opportunities and being prepared for the threats.
The need for organisations to strengthen their Enterprise risk management (ERM) practices cannot be over-emphasised, given that the present and future business environment will be quite challenging for all sectors of the economy. An effective ERM programme can help drive informed decision-making for better performance and greater rewards. As a critical management science, ERM methods help empower public and private sector managers to tackle their risk potential head-on – proactively identifying, understanding and managing uncertain outcomes for sustainable long-term growth.
