• About us
  • Raising The Bar
  • Risk Committees
  • Team
  • Events
  • Blog
  • Contact
  • Menu

The Risk Coalition

  • About us
  • Raising The Bar
  • Risk Committees
  • Team
  • Events
  • Blog
  • Contact

Would risk committees benefit from spending more time focused on emerging risks?

March 22, 2022

Benchmarking data collated by the Risk Coalition indicates that emerging risks are a concern for senior executives, leaders of controls functions and non-executive directors alike.  For example:

  • 54% of all respondents and 66% of non-executive directors say that risk committees should be spending more time on emerging risks;

  • 39% of all respondents and 40% of non-executive directors consider that  horizon scanning processes should be better leveraged, including to exploit new opportunities;

  • 36% of all respondents and 43% of non-executive directors say that they could be contributing more to their organisations’ horizon scanning processes.

The inaugural Risk Committee Chairs Forum on 3 February 2022, hosted by the Risk Coalition and chaired by Chris Burt, saw 17 experienced risk committee chairs participate in a roundtable to discuss some of the challenges their committees face around emerging risks.  These related to: (i) ensuring their risk committee has the right focus, (ii) challenging the way things are done by their risk committees and (iii) making sure their risk committee members bring the right approach and mindset.

Ensuring the right focus

Risk committees have traditionally focused on a process which identifies risk, assesses them and then considers their mitigations.  The lesson from the pandemic has been the realisation that focus should be given to consequences and the impact of risk events, rather than simply concentrate on their causes.  Increasingly, high-performing risk committees are focusing on what might cause damage to a business and what could impact the achievement of its strategic objectives and business plans.  It is now evident that ensuring business resilience is a key goal, and that with risk also comes new opportunity.

Risk committee chairs also realise more focus needs to be given to emerging risks, but without being overly concerned about defining what is ‘emerging’ and what is not.  Some risks (cyber is a good example) are ever changing and it is important that the risk committee understands how these risks and threats are evolving – possibly very quickly – and avoid becoming complacent about their current mitigation plans.

Risk committees also acknowledge the need to give greater focus to low frequency but high impact risk events, ensuring their boards and organisations are well prepared for events that may be viewed to be unlikely to materialise.  The days of “it can’t happen to us…” are firmly in the past. 

Additionally, considering emerging risk throughout the value chain, taking a broader stakeholder perspective, can help boards better identify and address emerging risks.

Challenging the way things are done

In financial services, risk committees and their risk functions are generally well equipped to ensure their organisations are well prepared for regulatory and legislative changes that may be on the horizon.  Risk committee chairs say they find it more difficult identifying the much broader range of risks that might impact their business.

One firm represented at the roundtable has created a forum drawn from their business’s risk community, involving staff from different parts of the organisation and at different levels of seniority to enhance their horizon scanning capabilities.  Establishing a ‘next generation board’ can also be a productive way of introducing diverse and fresh perspectives from those less likely to be involved at the higher echelons of governance but with good insights into emerging trends and behavioural changes.  Another firm has, on occasion, undertaken ‘war games’ to simulate possible events on the basis that practice, if not always making perfect, certainly helps improve preparedness.  (Make sure your non-executives are involved though!)  

Looking across sectors can be important, and there can be good learning points for financial services risk committees by looking at corporates.  The involvement of external specialist expertise is also increasing, whether to support the risk committee in an advisory or assurance capacity, or by supporting director development and training to help risk committee members better provide effective challenge and oversight. 

Risk committee chairs point out that chief risk officers have a particularly important role (along with other heads of control functions such as chief internal auditors and chief actuaries) to review, challenge and comment on the business plan from a risk standpoint.  Separate sessions to do this, for example by holding emerging risk workshops that also involve non-executive directors, could be a good way of doing this. 

It is also evident to risk committee chairs that there needs to be better use of data and trend analysis in the oversight of risk – including in helping to identify emerging risks.

A former regulator and current  risk committee chair suggests that enhancing a firm’s research capability could usefully enhance horizon scanning – central banks do this thoroughly – but acknowledges that this may be difficult for firms, other than the largest ones, to have the resources to do.

Refreshing mindsets

A few participating risk committee chairs suggested their committee members and fellow non-executives might need to raise their game.  One suggested that their colleagues are not always inquisitive enough and that, at times, there may be an over-dependence on the committee chair to ensure there is effective engagement with the risk agenda.  They suggest that a reactive approach by risk committee members is no longer enough and they need to be involved in driving the risk agenda and the risk committee’s activities.

Risk committee members must also be prepared for an increased frequency of meetings – quarterly committee meetings are now unlikely to be enough for a risk committee of a sizable financial services firm, and ad hoc meetings may be needed at short notice.  Time will be needed for private sessions with the chief risk officer and occasional spotlight sessions (deep dives) are now looking essential.

It also makes sense for the risk committee to sit back and look at topics they have covered over the last year – specifically, how much time is spent on business-as-usual risk matters and how much is focused on emerging risks?  This will provide an opportunity to reflect on whether the risk committee gives sufficient focus to horizon scanning and emerging risks.

The roundtable concluded with a helpful reminder: that a board needs to maintain a balance and it needs to ensure that ‘risk’ does not overly dominate its agenda, and sufficient focus is given to areas such as strategy and value creation.

 

Hanif Barma is a co-founder of the Risk Coalition and partner at Board Alchemy.  The Risk Coalition’s Risk Committee Chairs Forum has been set up as a professional forum for risk committee chairs (and equivalent) to exchange views and share experiences, network and learn from each other and from outside experts.  To find out more, including about the dates of future events, see the Risk Coalition’s website.

This benchmark data referred to in this blog is based on anonymised responses collated from subscribers to the Risk Coalition’s Gap Analysis and Benchmarking Insights tool (GABI).   More information about GABI and how to subscribe is available at https://www.riskcoalition.org.uk/gabi.

Tags: Hanif Barma
Prev / Next

Blog

Featured
Sep 4, 2024
Polly Williams, Mia Harris
Three key threats of phishing to be aware of
Sep 4, 2024
Polly Williams, Mia Harris
Sep 4, 2024
Polly Williams, Mia Harris
Aug 25, 2024
Felix Ritchie
Principles versus rules in data and corporate governance
Aug 25, 2024
Felix Ritchie
Aug 25, 2024
Felix Ritchie
Jul 16, 2024
Jane Hunter, Mia Harris
How can you maintain high standards in your business without suffering burnout?
Jul 16, 2024
Jane Hunter, Mia Harris
Jul 16, 2024
Jane Hunter, Mia Harris
Jun 2, 2024
Afshan Moeed
Enforcement of individual accountability in UK banking: a new boardroom recipe for change or continuity?
Jun 2, 2024
Afshan Moeed
Jun 2, 2024
Afshan Moeed
May 28, 2024
Craig Morris, Mia Harris
Three exciting new developments for AI in 2024 that you need to know about
May 28, 2024
Craig Morris, Mia Harris
May 28, 2024
Craig Morris, Mia Harris
May 24, 2024
Stefan Hunziker
The stuff of nightmares: risk management is shut down, and nobody notices
May 24, 2024
Stefan Hunziker
May 24, 2024
Stefan Hunziker
Mar 20, 2024
Neil Tinegate
What should boards know about digital technology?
Mar 20, 2024
Neil Tinegate
Mar 20, 2024
Neil Tinegate
Mar 15, 2024
Francis Kean
The insolvency risk for company directors - are you swimming naked?
Mar 15, 2024
Francis Kean
Mar 15, 2024
Francis Kean
Feb 29, 2024
Andy Watkins-Child
Are you sitting comfortably?  Cyber risk, board attestations and the implications for NEDs
Feb 29, 2024
Andy Watkins-Child
Feb 29, 2024
Andy Watkins-Child
Oct 24, 2023
Mamun Madaser
Risk management and internal audit should collaborate to navigate the poly-crisis of risk
Oct 24, 2023
Mamun Madaser
Oct 24, 2023
Mamun Madaser
Oct 18, 2023
Jim Watson
How to mitigate the risk of cyber security breaches – part 2
Oct 18, 2023
Jim Watson
Oct 18, 2023
Jim Watson
Oct 13, 2023
Nisha Sanghani
Risk management and internal controls: much (needed) work to do as a result of the proposed changes to the UK Corporate Governance Code
Oct 13, 2023
Nisha Sanghani
Oct 13, 2023
Nisha Sanghani
Oct 9, 2023
Jim Watson
How to mitigate the risk of cyber security breaches – part 1
Oct 9, 2023
Jim Watson
Oct 9, 2023
Jim Watson
Sep 25, 2023
Chris Burt
The implications of the revised UK Corporate Governance Code
Sep 25, 2023
Chris Burt
Sep 25, 2023
Chris Burt
Sep 13, 2023
Andrew Cunningham
Financial regulators take aim at crypto-finance
Sep 13, 2023
Andrew Cunningham
Sep 13, 2023
Andrew Cunningham