Tag Archives: strategic risk management

Immediate Vault Immediate Access

4 Steps to Help Organizations Embrace Risk from Emerging Technology

Posted on by

As companies continue to navigate the changing work environment brought on by the pandemic, it has become clear that business leaders will need to get comfortable revising and adapting their strategies to deal with disruption brought on from new technologies and new regulation. As risk management professionals, these rapid changes have made our job more important than ever to our organizations.

online pharmacy sildalis with best prices today in the USA

Yet the majority of our organizations—particularly in C-suites—remain far from giving risk management experts the seat at the table they need to effectively safeguard against enterprise threats, digital or otherwise.

Data from PwC’s Global Risk Survey 2022 shows that executives are starting to recognize these risks: 79% of executives report that they view the breakneck speed of digital transformation as a significant risk management challenge. Moreover, this renewed focus is translating into increased funding, as 65% of organizations are increasing their spending on risk management technology and 56% said they planned to invest in risk culture and behavioral risk in 2022.

online pharmacy mobic with best prices today in the USA

Unfortunately, the survey also found that too many organizations are treating the risk function as an add-on or incorporating risk leaders into strategic conversations too late. Only 39% of business leaders reported adding risk professionals to decision-making processes early, which should be an essential step for executives seeking to minimize risk from the outset. On a broader scale, executives seemed to lack confidence in risk managers, with only 47% of respondents saying they feel “very confident” in their risk function’s ability to build a more risk-aware culture, a key element of any successful risk-focused company.

Particularly as companies invest in emerging technologies, business leaders need to listen more to their risk and compliance functions and integrate them into conversations about how those technologies will be implemented. Artificial intelligence is a great example: when companies rush to implement systems to accelerate efficiency and analyze trends, they risk creating disproportionate bias and violating personal privacy through data sourcing. Risk professionals need to be at the table from beginning to end to make sure that an evolving regulatory environment and other pitfalls are fully accounted for in the organization’s implementation process.

While investment in risk management technology is helpful, it is insufficient without making structural changes to the organization to prioritize the risk function company-wide. Particularly as companies consider adopting emerging technologies, the following steps should be considered not just by risk management professionals, but across the C-suite:

  1. Identify, categorize, and prioritize technology risks across the company. This should be done on a regular basis by a dedicated risk management team, married with the best tools available, with findings routinely reported back to senior leaders. Companies are on the right track here: 65% plan to increase their technology spend this year across data analytics and process automation to support detection and monitoring of risks. This initial step will lay the framework for the establishment of cyber threat intelligence, systems monitoring, and incident response protocols.
  2. Adapt IT governance to the emerging technologies being adopted. Risk professionals should work with IT teams and company leadership to create governance structures that integrate seamlessly with corporate strategy, allowing for alignment of day-to-day operations, effective decision-making, a framework for best practices, and promotion of investments that enhance business objectives.
  3. Update leadership often on the emerging tech regulatory landscape. Whether across data privacy rules, cyber reporting requirements, or other complex technology challenges, a robust compliance program should keep leaders across the company updated as new technologies are implemented. Otherwise, companies risk run-ins with legal authorities and the erosion of trust from their clients and customers.
    online pharmacy cymbalta with best prices today in the USA

  4. Set expectations with leadership that not all risks are one and the same. Understanding the context around each piece of technology will become imperative to understanding its specific risks and the appropriate response strategy, including the maturity and complexity of the business processes to determine true risk to the company. Inherent in this case-by-case evaluation is an understanding of the company’s risk appetite and criteria for acceptable level of risk.

When adopted purposefully, emerging technologies can make companies more efficient, more profitable, and better stewards for their employees, clients and communities. Risk is often unavoidable for early adopters of emerging technologies, but it can be mitigated if C-suites equip their risk functions with a holistic strategy and a voice in key business decisions. As C-suites and organizations seek to adapt to a changing world, their success will hinge on the extent to which risk management is incorporated into their strategies.

Automating Risk Functions for Greater Value Creation

Posted on by

Despite recent volatility, more than 60% of risk executives surveyed in a recent PwC US Pulse Survey were optimistic about the global economy, as well as the state of the pandemic recovery. This optimism could stem from a greater alignment between risk functions and the business. Fifty percent of risk management executives reported interacting more with the C-suite, and 42% said they interact more with the board level. Nearly half of respondents said that risk functions and capabilities are now embedded in the business operations that are driving transformations.

Risk functions were once considered tactical and reactive, and often seen as a roadblock to business decisions. Infusing risk management into corporate planning allows an organization to think about compliance responsibilities in a proactive and strategic manner—moving risk and regulatory functions from a back-office cost to a competitive advantage. Staying ahead of uncertainties while also bolstering planning with data helps make companies stronger and more resilient.

Many companies spent the last decade overspending on risk management as they attempted to keep up with compliance and regulatory shifts, frequently lagging behind changes in policy. They often invested heavily in new technologies and data collection, but failed to create efficiencies by integrating those systems across largely siloed business functions. The swift onset of the pandemic made many organizations come to terms with the reality that an entire organization didn’t need to be reimagined in order to implement technological transformations, and that there was still a disconnect between many of the piecemeal systems that had been previously put in place.

Now, executives are increasingly seeing the value of risk management as a strategic advantage. It allows companies to grow in areas with less mature risk management functions, like taking on higher risk clients or entering new geographies. More intelligent monitoring also allows for increased efficiencies and reduced compliance costs.

Integrating AI and automation into the investments that have already been made can help streamline the risk management and compliance processes. Many companies still have room for improvement; only 25% of risk professionals said they were implementing new risk management technologies in 2021 and only 19% said it was a priority to integrate risk management tools onto a single platform.

By automating and enhancing risk management functions, organizations can:

  • Strategize for entering new markets. Make more informed decisions about entering a new market by taking into consideration a shifting regulatory environment and increasingly complex supply chains. Taking on high risk customers relies on analytics and transaction monitoring systems in order to identify potential suspicious activity.
  • Increase speed to respond. Automation and technology-led monitoring of policy and negative news helps position companies to respond more quickly to regulatory bodies and head off negative events before they go viral.
  • Allocate costs efficiently. No longer duplicate costs by operating the departments of your business in a siloed fashion. Leverage case management and workflow systems to aggregate control failures or suspicious activity by customer or focal entity, allowing you to evaluate the root cause and apply analysis across multiple control failures.
  • Enter new business partnerships more confidently. Know the risks of a potential business partnership and get deeper insights into the impact a business partner or vendor’s supply chain could have on your business. Vendor risk management and contract analytics technologies can monitor whether business partners are adhering to their terms and conditions.
  • Reduce the impact of new requirements.  Identify the blind spots and shed light on the potential risks within your enterprise system so you can quickly take action early in the process, allowing your organization to avoid fines when implementing new regulatory requirements.

Regulators and other stakeholders are increasingly calling for the organization of risk management functions under one cohesive point of view. By fixing the disconnects and setting a collaborative tone, you give senior executives more cohesive insights and allow them to adopt more extensive views on the organization’s risk profile.

The Case for Strategic Risk Management

Posted on by

At last week’s RIMS 2019 in Boston, a group of risk professionals got together for the panel session “NextGen ERM: Strategic Risk Management” to discuss the advantages of strategic risk management (SRM) and the challenges to successfully integrating it into organizations.

buy reglan online medilaw.com/wp-content/uploads/2015/03/jpg/reglan.html no prescription pharmacy

The panel examined several major organizations that have taken shortcuts with training or even rushed to out-duel a competitor, failing to consider the long-term impact on strategy, reputation and market-share. Blockbuster, Kodak and Sears failed to innovate, and these once-thriving name brands are now prime examples of SRM’s benefits.

“Blackberry is one such company, but there are countless examples of organizations that have overlooked the long-term strategic impact of their actions,” said Marian Cope, owner of CopeRisk LLC.

Despite recent corporate missteps tied to failures in long-term strategic analysis, as recently discussed in Risk Management, risk professionals still face resistance to their SRM initiatives. “Demonstrating the value of SRM has to be a priority for risk professionals if they hope to gain buy-in from leadership,” said Rick Roberts, director of risk management and employee benefits at Ensign-Bickford Industries and a former RIMS president.

One of the value propositions of SRM—and an easy one for leadership to support—is the focus on taking advantage of risks that can accelerate the achievement of strategic objectives. “Artificial intelligence is an example of a disruptive technology that is impacting many industries. But, if your organization is aware of it, understands its usefulness and has developed a plan for it, it can give you a competitive edge,” said Marian Cope, owner of CopeRisk LLC.

But the case for an SRM initiative should not just be made with cautionary tales of organizations that did not use SRM. “Don’t just share failures, it’s also important to share SRM successes,” said Ellen Dunkin, senior vice president, general counsel and chief risk officer at Amalgamated Life Insurance Co. “Even Amazon and their business model that gives consumers almost instant access to their purchases has adjusted its strategy and started to open brick-and-mortar shops.”

According to the panel, the risk professional should ideally be involved in strategic planning from the get-go. “Some organizations have a chief risk officer that participates in the preparation as well as the strategic planning and decision-making discussions. Unfortunately, that’s not the norm,” Cope said.

The panel identified the next-best option for risk professionals, which is to work from the strategic objectives established by the organization. From there, they need to analyze the business model, identify, assess, and prioritize the risks that can derail or accelerate achieving the strategic objectives, facilitate the development of appropriate risk responses, and then align such objectives, risks, and risk responses with operations.

An effective SRM program will incorporate plans for a risk strategy, communications strategy, implementation, and training with the goal of integrating strategic risk management into decision-making processes. “The risk professional is going to require support from others in the organization too.

buy cymbalta online medilaw.com/wp-content/uploads/2015/03/jpg/cymbalta.html no prescription pharmacy

They’re going to need risk champions to vouch for them, as well as a final presentation that includes achievable and measurable deliverables that demonstrate the value of the process,” Roberts said.

SRM can be a stand-alone program or a component of ERM. Regardless, the panel noted that SRM is vital to the long-term success of organizations as alignment of strategy and operations results in the identification of opportunities to accelerate achievement of strategic objectives and prevents operational blunders that will trigger strategic risks (e.g., substantial reputational harm). Accordingly, SRM as a stand-alone program allows risk professionals to add more value while streamlining the process.

“SRM is the next generation of ERM and identifies external and strategic risks as opposed to the more granular view for ERM. It allows the team to bring the top 10 key risks to leadership, with a focus on the top two to three as opposed to overwhelming them with the full risk register that could include 100,” said Ellen Shew Holland, higher education practice leader for Hanover Stone Partners LLC and president of Strategic Risk Frameworks LLC.

Ultimately, the group agreed, SRM will help fully integrate risk management programs into an organization’s business model and the value should be evident in each positive step the business takes toward achieving its strategic objectives.

buy xifaxan online medilaw.com/wp-content/uploads/2015/03/jpg/xifaxan.html no prescription pharmacy

How a Strong(er) SRM Program Could Have Helped Boeing

Posted on by

A strategic risk management (SRM) program is designed to assist organizations in identifying, prioritizing, and planning for the strategic risks that could impair or destroy businesses and reduces the chances of these kinds of crises. And while hindsight is 20-20, an SRM program – or a more effective one – could have helped Boeing avoid some of its recent high-profile crises.

Between October 2018 and March 2019, two crashes involving the Boeing 300 737 MAX 8 models resulted in the loss of 346 lives. Since then, Boeing has:

  • had a possible criminal investigation commenced against it,
  • lost $22 billion in market value in the week following the Ethiopian Airlines’ crash in October,
  • had more than 300 737 MAX 8s grounded worldwide,
  • sustained significant reputational harm,
  • received demands from airlines seeking compensation for lost revenue,
  • been sued by crash victims’ families, and
  • had sales orders cancelled or suspended.

This is a crisis from which it may be difficult to recover.

One could trace back some of the risks to its decades-long rivalry with Airbus and an effort to remain viable.

buy zetia online www.tvaxbiomedical.com/scripts/css/zetia.html no prescription pharmacy

When American Airlines indicated it was close to finalizing an exclusive deal with Airbus for hundreds of new jets, Boeing sprung to action. The New York Times reported that Boeing employees then had to move at “roughly double the normal pace” to avoid losing “billions in lost sales and potentially thousands of jobs.”

An SRM program would have required an assessment of the business model and the associated risks, including competitors, long before the call from the CEO of American Airlines. The risks would have been prioritized and this information would have been factored into strategic plans that would have included responses to material risks.

During the scramble, Boeing mirrored Airbus’ operations and mounted larger engines in existing models.

buy arava online www.tvaxbiomedical.com/scripts/css/arava.html no prescription pharmacy

 The objective seemed straightforward: Make minimum changes to avoid the need for training in a simulator, decrease costs, and build the redesigned model quickly. But a risk was that mounting larger engines changed the aerodynamics in the aircraft, requiring a consequential need for new software, a Maneuvering Characteristics Augmentation System (MCAS) which was supposed to prevent stalling. Boeing’s view was that pilots did not need to be trained on the software and federal regulators agreed.

However, in an effective SRM program the C-Suite would have been advised that the strategic and life safety risks were material and that training for pilots was indeed necessary.  In addition, all such risks would have been assessed to determine whether they could be used to obtain a competitive advantage.

For example, including vital safety features in the base cost of aircraft (as opposed to charging extra for them) and requiring a focus group of pilots with no financial relationship with Boeing to test the newly designed 737 MAX 8s and the MCAS system would have been a way to solidify Boeing’s reputation for safety first.

An SRM program, which monitors progress in achieving strategic objectives with a focus on continuous improvement, would have looked at the Indonesian Lion Air and the Ethiopian Airlines crashes as an opportunity to confirm that Boeing puts safety first by grounding the aircraft. Instead, Boeing urged the U.S. to keep flying its jets until after 42 regulators in other countries had grounded them and appeared to care more about economics than life safety. Only seven months ago, Boeing was synonymous with efficient jet planes and commercial aviation – it was a reputation that took decades to build. Now, the company has a long, uphill climb to resolve its many challenges and rebuild its brand.

buy zantac online www.tvaxbiomedical.com/scripts/css/zantac.html no prescription pharmacy

An SRM program cannot succeed without full support from the C-Suite as it has to be integrated into the business model and decision-making processes in order to be effective, and in time we will learn more about what risk management protocols were followed across Boeing’s organization.

At RIMS 2019, Marian Cope will lead a panel of industry experts in discussing reasons to transform an ERM program into a SRM program or develop a SRM program in NextGen ERM:  Strategic Risk Management. The session will take place April 29th at 1:30 pm.