Establishing clear oversight arrangements over ESG matters is not purely a matter of good governance and corporate hygiene, according to Alex Hindson. Rather, he explains that it is an enabler of better decision making by ensuring ESG is integrated into an organisation’s existing decision-making frameworks. A key question, therefore, is whether to establish a new, stand-alone committee at board-level to oversee ESG matters, or to work through the existing committee structures.
Read More
Is risk management redundant?
To what extent does conventional risk management really help line and project managers to make better decisions? Marinus de Pooter questions whether risk management, as we know it today, really is a tool for achieving your goals under uncertainty, and he challenges conventional wisdom that decision makers always need to undertake ‘risk management’ as a separate activity.
Read More
Enterprising your risk management
A rounded, holistic view of enterprise risk is necessary to help you compare and contrast different risk responses, as well as often making it easier to address complexities, argues Lebogang Mothopi. He says that ERM does this by prioritising and evaluating risks as part of an interdependent portfolio, rather than considering risk in an individual silo. Accordingly, he advocates the use of ISO31000 standard as reference to give the organisation a shared risk vocabulary and common processes.
Read More
Striking the right balance for aspiring FinTech and PayTech firms
These are interesting times from a risk management perspective for regulated FinTech and PayTech firms. Kevin Still argues that the conduct risk frameworks and compliance programmes that are required may seem disproportionate for a small entity but says that the downstream rewards are likely to warrant the necessary investment in building financial and operational resilience.
Read More
Risk in Focus - what's on the risk radar?
Organisations and their internal audit functions face a dizzying pace of change and unprecedented uncertainty. The pandemic has destabilised operations and labour, disrupted supply and demand, and undermined previously sound business models to an extent few would have thought possible. Sophie Malleson outlines some key findings of the Chartered Institute of Internal Auditors’ latest research. These are set out in detail in Risk in Focus 2022 which demonstrates how the risk landscape has been affected by the coronavirus pandemic.
Read More
Vulnerable customers receive poor outcomes
The recent guidance from the Financial Conduct Authority on the fair treatment of vulnerable customers is wide ranging in its scope and, therefore, in the resulting additional risks financial services firms may face. Frank Brown explains the important role that a second line risk function should play in relation to vulnerable customers, particularly given the possible impact on a wide range of risk categories resulting from the breadth of expectation from the regulators.
Read More
Climate change: are you ready for the inevitable regulation?
In the face of increasing regulatory focus and attention, climate-related issues now dominate board agendas. This regulation comes from different sources, creating challenges for boards, companies and their advisers simply to keep abreast of latest developments. Richard Cooper looks at this change from a different perspective and considers what we might expect in terms of oncoming climate change-related regulation and how advisers should prepare for it.
Emerging sustainability regulation, the neglected risk?
The Risk Officer Sustainability Forum (ROSF) roundtable recently debated the risks and challenges posed by emerging sustainability regulation and how to manage these. These challenges emerge from the increasing complexity of complying with the volume of regulation which comes from both international and domestic sources, not all of which is currently aligned. Alex Duncan sets out the key themes and messages arising from the discussion.
Read More
Gas debacle – a failure of prudential risk management?
Just as UK regulators consider new financial resilience rules, further corporate failures, this time in the critical energy sector, offer some early lessons in how patchy governance, and insufficient focus on geopolitical risk with its complex links to ESG, can undermine financial viability. Geopolitics, and the ways in which it can make ESG decisions more complicated, will bear on different firms in different ways. Derek Leatherdale explains that regardless of firm or industry sector, applying key organisational principles can help boards and risk functions approach what is undoubtedly a complex area.
Read More
Judgment and risk
Drawing on his work on the analysis of judgment, Sir Andrew Likierman explains that risk awareness is especially important in understanding the personal biases that are involved in choices. He adds that it also features in the preliminaries to a choice, in assessing the trust that can be placed in people and information and how far past experience will be relevant to the current choice. Accordingly, he contends that good judgment is underpinned by the ability to manage risk.
Read More
Post Covid-19, what does a robust employee risk assessment encompass?
Covid-19 has heightened the need for a far more holistic and strategic view of employee risk management. Jenny Simnett points out the importance of now including hybrid working and remote management arrangements. She adds that, as a result, many nomination committees now encompass aspects of people and culture such as talent management, succession and diversity in their workplans.
Read More
What’s going to keep you up tomorrow night?
When thinking about risk, we often focus on immediate issues rather than longer-term, emerging risks. Drawing on the discussion at the recent webinar held to mark the partnership between the Centre for Governance, Risk and Regulation at the London Institute of Banking and Finance and the Risk Coalition, Hanif Barma explains that it is worth revisiting and reviewing existing risks as today’s uncertain environment means that these may now crystallise at more rapidly, or the impact and exposures of these risks may no longer be what we originally thought them to be.
Read More
Why do so many risk events come as a complete surprise?
There are many different reasons risks get missed. Some are simply misunderstood and under-estimated, and some are totally unexpected. Some are the result of deferred decisions and procrastination, and others are the result of board distraction and inattentiveness. Ultimately, according to Garry Honey, predicting the future is a fool’s game as there are only two possible outcomes: lucky or wrong.
Read More
How to sustainably risk manage the sustainability agenda within financial services
The Risk Officer Sustainability Forum (ROSF) has been established to bring together risk and sustainability leaders from across small and medium-sized financial institutions and discuss how they are managing the challenges of managing rapidly developing sustainability risks. At the first roundtable held on 9 June 2021, a group of 15 leaders debated the pros and cons of the different approaches to tackling the question of what a suitable the target operating model could be. In this blog Alex Hindson summarises the discussion, setting out the pros and cons of each model.
Read More
What makes a successful 'regulated leader'?
Drawing on his extensive research, Gary Storer considers the key differentiating behaviours, thinking and drivers of successful leaders in regulated organisations. He identifies three key areas - personal, relational and organisational - in which successful leaders particularly stand out.
Read More
Internal audit - a view from the board
Tim Le Mare argues that the ‘three lines model’ provides a good basis to frame the discussion regarding the board’s assurance needs. He explains that the recent revisions to the model, with an increased focus on collaboration, speaks to the importance of ensuring assurance providers have clear lines of sight and effective working relationships - and he adds that Internal Audit should have a strong voice in shaping the assurance agenda and closing the gap between board level expectations and current practice.
Read More
Operational resilience and the need for effective governance
John Allan explains that the benefits of having clear organisational direction, transparency over roles and responsibilities and better co-ordination across teams are evident, as these lead to better resilience outcomes. This is also reinforced by the regulators who have clear expectations of the board and senior management. He draws on the Investment Association’s recent report, Effective Governance of Operational Resilience, and considers some of the key governance arrangements that should be applied.
Read More
Mind the Gap: cyber security risk in the new normal
In its recent research, the Chartered IIA sought to understand what organisations are doing to manage and mitigate cyber security risk, and what they are doing to promote a cyber security aware culture. Kristina Grinkina explains that the research findings highlight a concerning gap. She explains that, with organisations considering a hybrid way of working beyond the pandemic, a combination of technology and awareness to mitigate human error will be the most effective defence in the new normal.
Read More
Resilience and the impact of leadership
In Control Risks’ recently published ‘2020 Global Resilience Survey’, they highlight some important trends in relation to how global business has been practically implementing their resilience programmes. Their survey highlights that effective leadership is one of the most important resilience principles and, particularly, having a dedicated crisis or continuity leadership really seems to have made a positive outcome when faced with the impact of Covid-19. Andy Cox outlines the survey’s key findings.
Read More
The case for standalone risk committees
Bryan Foss says that evidence suggests that boards rarely put in place a separate risk committee where this is not required by the regulators - but argues that this is starting to change. Issues such as ESG concerns, digital technology transformations, cyber risks and other non-financial drivers are coming to the fore. These and other factors, he concludes, mean standalone board risk committees are likely to become commonplace.
Read More