A major takeaway from the Riskworld mega conference this month in Chicago was that risks are becoming more intertwined, which requires a total rethinking on how to manage them.
Here’s another one for CFOs to consider: Today’s risk landscape requires organizations to be proactive and nimble. That is, risk management should be embedded in company strategy, but leaders must recognize they’ll need to adjust their strategy quickly as risks evolve, experts told us.
“If you thought you knew the marketplace and your risk exposure a year ago, let’s totally re-evaluate it. It’s probably changed,” Tim DeSett, president of commercial property and casualty at insurance broker Hub International, told CFO Brew. “Even if we find out that the exposure itself is relatively the same, the financial objectives, the financial priorities for the company are probably different.”
DeSett said companies should revisit their risk plans regularly, either through their enterprise risk management (ERM) program if they have one, or a less formal, but still very serious and frank sit-down sesh.
Corey Parker, principal and ERM services leader at Baker Tilly, told us that companies wishing to incorporate a companywide risk strategy should first start with governance. Typically this involves a “management-level risk committee,” he said, consisting of representatives of finance, cyber security, supply chain, and other operational functions so the committee can fully map out a risk’s potential impact on the company.
“Building a mechanism to share information and have the information to make those decisions [and] share information with your colleagues, that is critical in this process,” Parker told us. He added that this governance structure “makes decision-making at every level below that point easier.”
Not all organizations have a dedicated risk manager, Ray Santiago, head of financial lines in North America for insurance company Sompo, pointed out. In those cases, organizations may need to lean on their vendors, insurance brokers, or carriers to help manage risks. It’s therefore critical to work with third parties that have an array of risk management tools and services available, he told us.
News built for finance pros
CFO Brew helps finance pros navigate their roles with insights into risk management, compliance, and strategy through our newsletter, virtual events, and digital guides.
“I think those are important factors, when companies are making choices on who they partner with,” Santiago said, “so they maximize their ability to manage the risks to the best of their capabilities.”
Get comfortable with being flexible. Risks aren’t static, and a company’s long-term strategy shouldn’t be either, according to a Riskworld panel of experts who discussed the current landscape of global risks.
Franck Baron, group deputy director of risk management and insurance at health and security risk services company International SOS, posited that “the long term strategic plan does not make sense anymore” when considering how quickly companies have to respond to external factors. He said organizations’ risk management practices should emphasize resilience and adaptability.
Baron clarified that companies still should have a long-term vision. They just need to be flexible about how they’ll arrive there.
“So it’s not about saying that we should not have any more strategic plan…It’s more about saying that we know where we want to be, but let’s be open to things that may happen tomorrow,” Baron said.
Reid Sawyer, head of Marsh’s emerging risks group, told attendees they should save 5% to 10% of their time and energy for pondering the risks that are “over the horizon.” He said it’s easy to become overwhelmed when risks are volatile and rapidly evolving.
“If we’re not finding ourselves as risk professionals preserving that five or 10% of [our] capacity about what could change…we’ll continue to get punched in the face from this,” Sawyer said, “and not be able to have that positioning with senior management advocating for investment resources to drive this forward.”