Recently I presented to a group of leading CFOs at the CFO Summit in the Gold Coast and at a Governance and Risk Masterclass held by the Governance Institute of Australia in Melbourne. In both sessions, a key theme was what effective and contemporary risk management looks like in today’s environment.
From these sessions and the wide ranging discussions which followed them, a number of thinking points came up:
Risk is concerned with:
Change is a key theme because if things didn’t change, then life would be a whole lot easier. Decisions could be taken with more certainty for example and we would have a totally different perception of risk.
Think about the risk efforts in your company:
When viewed in this way, approaching risk in terms of opportunities and looking at the upside as well as the downside, risk efforts can start to have an empowering impact.
Workplaces with high health and safety risks will focus a lot of energy stopping ‘bad’ things from happening. Those on the other hand, say biotechs or companies with a strong research and development focus want something ‘new’ or ‘different’ to happen.
You can see therefore that risk efforts aimed at ‘stopping’ something from happening as well as risk efforts that encourage you to ‘do’ something unavoidably start to influence culture.
What culture do you have? Have you fostered a ’start’ or a ‘stop’ mindset?
It doesn’t take long to think of other organisations who have found themselves on the wrong side of a risk management failure. Some recent examples are global and involve technological/digital concerns (Volkswagen, Ashley Madison); some are more local with more traditional worries (7-11, Seven West Media, Dick Smith).
The key lesson from these and other failures is found in that word: lesson.
Look around, learn and find the lessons to translate into your company:
Looking at these high profile failures, I am drawn to the fact that you would be hard pushed to find an organisation that does not have an appropriate, reasonable or sensible 'tone from the top' messaging. Particularly when just about every entity will have a set of policies and procedures on culture, conduct and expectations.
Where things can begin to go wrong is when cultural drivers and pressures (intentional or otherwise) change how this is represented in the ‘tone in the middle’. What do your people know that they are not telling you? If they are telling you something, are you actually listening to the ‘moan in the middle?’
Similarly, what about the grass roots of your organisation? What is the ‘grumble at the ground’ telling you from the areas of your business dealing with the outside world, suppliers, customers, regulators etc.
It is this ‘transfer of intentions’ from the top to the middle to the ground of an organisation where messages can get confused, behaviours start to veer off track and in short, managing risk can become difficult.
Are you actively listening to those mumbles and groans?
Are there any other points for today’s leading risk functions?
I would love to know what you think.
Ken is a Partner in the Audit and Assurance practice of our Melbourne office. Ken brings an understanding of how complex groups work, the ability to work in and around the Boardroom and C-suite and from that, to cover the technical requirements of your external reporting requirements.
With over 20 year’s professional experience in the UK, US and Australia including time in commercial financial roles in industry, he understands the importance of ‘the Right Information, of the Right Quantity, of the Right Quality and at the Right Time’ in informing corporate decision making and financial reporting outcomes.
Ken holds an MBA where he focused on Corporate Governance and Board Performance and Director Induction matters in particular and is a Fellow of the Governance Institute of Australia (formerly Chartered Secretaries Australia), gaining the leading corporate governance qualification in Australia.
He is a recognised subject matter expert in corporate governance and experienced practitioner in providing tailored governance, risk and compliance solutions in both the public and private sectors, drawing upon learnings from his role as lead external auditor to some of Australia’s largest entities.
Ken is a published author on the topic of corporate governance and frequent lecturer on key themes as well as serving on the Governance Institute’s National Legislation Review Committee as an active member of a number of working parties providing comments to regulators and standard setters.
Click here for more information, and to contact Ken.