This Tuesday, May 14, marks the second annual World Risk Day—a global forum for those in the industry to discuss trends, challenges and best practices in risk management. One of the many speakers lined up for the event is Michael Lopez, senior associate at Booz Allen Hamilton. To get his take on the role of the modern risk manager, we asked him a few questions.
Risk Management Monitor: Has the idea of the role of risk manager been lost? How so?
Michael Lopez: I don’t think so at all. If anything, I think we’re seeing a new appreciation for the profession. Historically focused in insurance and finance, risk is taking on a broader definition, from homeland security to business operations to social issues. If anything, we might be seeing the scope increase too broadly and thus we’ve got some confusion about what a risk manager is and what they do.
In a general sense, we’re all risk managers. We are all constantly evaluating risk and making decisions as a result. Most of us don’t even know we’re doing it. Because of that, some business or organizational leaders don’t think they need a risk manager because they do it themselves. Alternatively, some leaders outsource the role all together. Reality, of course, is always somewhere in between. With enough training and confidence, risk managers can exploit this ambiguity by creating their own role and demonstrating value in ways that are unique to, and appreciated by, the organization. Personally, I’ve never wanted a job that is too strictly defined. I believe the expansion of risk-related roles is opening up new opportunities in a very positive way.
RMM: Why is the role of a risk manager unique?
ML: What I personally like about risk is the intersection between the quantitative and the qualitative. Risk is an art and a science and I believe the truly great risk managers have both. I’ve seen many solid, quantitatively-oriented risk managers that are critical to a business or an organization. I’ve also seen risk managers that are charming and able to tailor communication in very influential ways. But I would say that those risk managers that rise to even greater levels of influence and impact in an organization are the ones that combine a quantitative orientation with an appreciation for the soft skill required to proliferate risk in an organization. Monte Carlo simulations, for example, can be a valuable decision making tool, but if senior management doesn’t know how to use it, it’s meaningless. Likewise, a persuasive communication style is valuable, but if you’re not able to interpret risk data, you’re little more than an interesting conversation partner. There’s a balance between these skills that I believe makes a risk manager truly unique.
RMM: What is the one key attribute of a great risk manager?
ML: Without question—perseverance. Risk management can be a challenging profession. It’s not for those that take failure personally or get discouraged easily. It requires a thick skin. It requires courage to sometimes tell a senior leader what they don’t want to hear. At some point, this role will require you to make a call; to get out from behind the data, from underneath the analysis, and make a decision. A great risk manager has the ability to overcome resistance and not let failure reduce their enthusiasm for continuing to push the program or project forward.
RMM: Have you seen the risk manager’s role move from strictly analytics to a more strategic thinking role?
ML: I think the expansion of the role presents both opportunities for future risk managers but also presents some challenges. With the expansion and variety of opinion on the value of risk, I believe we’re witnessing a challenge with the risk managers themselves. I’ve noticed many strong, junior risk managers question the overall direction of the profession. They often ask, “Can I ever be more than just a risk manager?” The answer of course should be yes. Unfortunately, we’ve either stereotyped the risk manager one level up the back office, green-eye shade role, or communicated an artificial ceiling between risk managers and more senior level roles.
I do believe that the chief risk officer position has helped with this to some degree, but I think we as leaders in the profession, need to do better at helping younger risk managers see the potential and the future possibilities. We need to let them know that being analytical is the price of entry of the profession, but leadership positions require that they bring this blend of art and science to the organization. I’ve often said that risk is the ultimate back stage pass in an organization. As the risk manager, I should be able to peek into any aspect of an organization or business. But the narrow focus of the historical role doesn’t really empower the modern risk manager to strive for greater.
RMM: Are the traits that make a successful risk manager and successful leader vastly different?
ML: They are, in fact, quite similar. As noted in a paper I authored two years ago, there are several characteristics of successful risk managers that are also traits of strong leaders: Flexibility, influence, communication and perseverance. These are all required of leaders and required in spades of risk managers. There are several outstanding studies on leadership, and while it’s easy to find any number of perspectives that support or refute the overlap of risk manager and leader qualities, I like to think of it as the most basic level.
Leadership, in my opinion, can be defined by answering the following question: Do people follow you? People follow you because they comprehend and believe in shared ideals, goals, values or purposes that you communicate. In order to be a successful risk manager, you must get people to follow you. Plain and simple. They must believe risk has value. They must see that value. And they must proliferate that view throughout the organization.
(To register for Michael Lopez’s session during World Risk Day, click here)