WILSON's View on Risk Management

ERM is powerful when designed as a performance-focused activity. It's not an audit, nor a compliance process. ERM manages the barriers that prevent organizations from achieving their objectives.

Author:
Richard Wilson develops Performance Risk Management capabilities for complex organizations. He has helped the largest companies in North America manage the barriers to their desired performance.

richard.m.wilson@ca.pwc.com | (416) 941-8374

Sunday, April 25, 2010

Risk Appetite - more than just a concept

I recently met with a senior management team to establish a risk appetite statement.  It was the first time they had been through this type of exercise.  I drafted a proposed statement in advance that in 2 sentences described how much risk the company should typically take on in any transaction.  Once confirmed by management, this simple statement could be communicated to everyone in the company as another way of to heighten consistency of risk taking.

For example your a risk appetite statement for a bank could state that every transaction in the bank must follow standard procedures governed by internal controls to ensure the risk is minimized and to protect shareholder value.  Whereas a more risk-oriented company might state that to ensure aggressive growth in new markets risk-informed decisions will guide decision making to maximize return to shareholders.

At the beginning of our meeting the exercise was met with some skepticism - it felt too academic for some.  But when I asked each participant to state what the company's risk appetite on a scale of 1-5 (1 being highly risk adverse and 5 being risk accepting), their answers ranged from 1 to 4.  A 2 hour discussion followed where a great deal of consensus was created around how the company considers and manages risk.  in the end the skeptics became the greatest supporters of the process as it aligned a myriad of opposing opinions about the company's approach to risk.

In short, if management isn't aligned on how much risk to adopt and how to manage it, then the same will follow for front line management as well.  As one participant stated, "If we aren't in agreement about managing risk can you imagine how confused our employees will be?"

The simple act of drafting a risk appetite statement can be very effective in aligning everyone in the company to manage risk in a consistent manner.  Later it can tactically translate into specific risk tolerances for each area of risk.  It's simple and very effective.

[Rich]
richard.m.wilson@ca.pwc.com




Posted by
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

About The Author

My photo
Richard is a Director in PwC's Risk Advisory practice with clients in both Canada and the United States.

He is an experienced senior executive with 15 years in a CEO or COO role (publically traded and private firms). Richard has been leading risk management implementations for more than a decade incl. 60 C-level risk assessments, and has led online risk assessments for 30,000 people in 25 countries.

He has advised the largest company in the US on risk management, and he has facilitated a risk assessment for the United Nations. Richard has been published in Compliance Week, Canadian Business, and the Globe & Mail and has been a keynote speaker on the topic of risk at many conferences in both Canada and the US since 2004.