How effective is your organization’s risk culture? It appears that some firms need to take a closer look at training, technology and the role of compensation packages.
Yet even with these obstacles, some 47% of respondents say that their programs are either moderately or very good at delivering shareholder value.
Just how much more value could these programs show if they were resourced correctly?
Tone at the top
The global survey, which received more than 500 responses, delivered some fairly sobering news for the Enterprise Risk Management discipline.
For example, nearly 80% of respondents admitted that their organization does not understand and act on their ERM objectives very well beneath senior management level.
Having a strong “tone at the top” is an essential part of a robust ERM program, but if these messages fail to filter down nothing is achieved.
Organizations need active training programs that help make employees more conscious of the compliance risks they face and ensure they are able to take business decisions in a more risk aware way.
An ERM program that just sits at board level and does not cascade down further is never going to deliver the shareholder value organizations need.
Another way to more firmly embed an Enterprise Risk Management culture is to link compensation packages for employees to the organization’s risk appetite.
This linkage was imposed by regulators on banks and other organizations as a result of the financial crisis.
Although the industry initially balked at this, many organizations now say informally that it’s proved to be a very effective way to change the way employees make decisions.
However, almost two-thirds of our respondents reported that their organizations do not link compensation to risk. In terms of getting the culture of Enterprise Risk Management to cascade down, this is surely an opportunity missed.
A third way to support Enterprise Risk Management frameworks in organizations is with a good technology platform.
ERM technology solutions enable organizations to aggregate risk information much more quickly and easily, whereas manual manipulation of spreadsheets wastes time and resources that could be better spent on the kind of analysis that delivers strategic insights.
Yet 58% of respondents reported that their ERM programs are not supported by a technology platform.
These organizations are fundamentally hindered in any quest to drive increased shareholder value from their ERM program by this lack of support.
The bedrock of any good ERM program is the feedback loop from the organization about the way in which risk is being managed — and getting an accurate, timely picture of this by using manual methods for reporting is very difficult.
Enterprise Risk Manager can help your organization drive more shareholder value from its ERM program.
Enterprise Risk Manager enables organizations to establish a framework for risk based on their risk appetite. The solution captures information such as incidents, indicators, assessment responses and scenario analysis data.
It provides risk managers with the insight to analyze risk through the lenses of their organization’s various structures and reporting lines — using a powerful search capability — so that both the cause and effect of “a risk” can be fully understood.
Enterprise Risk Manager, with its dynamic user interface, also empowers executives to actively manage risks across the business, track the tasks others are expected to perform and report their status to key stakeholders.
The information contained in the solution can be linked to key deliverables in an organization’s risk appetite framework, enabling a holistic approach to measuring and managing risk.