Chicago risk reimagined

Click here to load reader

  • date post

    10-Feb-2017
  • Category

    Business

  • view

    12
  • download

    0

Embed Size (px)

Transcript of Chicago risk reimagined

Slide 1

A Conversation about the Effective Management of Risk

Risk Reimagined!

Risk Reimagined!Welcome and introductions

Risk Reimagined!Introductions from:Brian Link ResolverHussain Hasan RSM USPrincipal speakers:Richard AndersonNorman Marks

Risk Reimagined!What are risk and risk management?

Risk Reimagined!Achieving objectives depends on...Avoiding unnecessary problemsCreating the right performance cultureSetting appropriate corporate ethics and behavioursTaking more managed risk

Risk Reimagined!

Corporate Governance - Stretched to Breaking Point?17 April, 2016Strictly Private and Confidential5

Achieving objectives depends on... risk of taking on too much risk which becomes unmanageableAvoiding unnecessary problems risk of avoiding everything, resulting in total inaction risk of over-stretch resulting in burn-outCreating the right performance cultureSetting appropriate corporate ethics and behaviours risk of sclerosis as every stakeholder of every decision is consultedTaking more managed risk

Risk Reimagined!

Corporate Governance - Stretched to Breaking Point?17 April, 2016Strictly Private and Confidential6

Long Term PerformanceLowHighLowHigh(i) Managed Risk Taking or (ii) Avoiding Pitfalls or (iii) Performance Culture or (iv) Corporate Ethics and BehavioursAttribute:

And doing the right amount of each

Risk Reimagined!

Corporate Governance - Stretched to Breaking Point?17 April, 2016Strictly Private and Confidential7

Zone 3Dead Zone

Zone 1Dead Zone

Zone 2PerformanceZone

Long Term PerformanceLowHighLowHigh(i) Managed Risk Taking or (ii) Avoiding Pitfalls or (iii) Performance Culture or (iv) Corporate Ethics and BehavioursAttribute:

And doing the right amount of each

Risk Reimagined!

Corporate Governance - Stretched to Breaking Point?17 April, 2016Strictly Private and Confidential8

Balanced Risk

PerformanceCultureCorporateEthics

AvoidingPitfalls

More ManagedRisk

PerformanceZone

DeadZones

Risk Reimagined!Enron? Or the Big Banks?

PerformanceCultureCorporateEthics

AvoidingPitfalls

More ManagedRisk

PerformanceZone

DeadZones

Risk Reimagined!UK plc?

PerformanceCultureCorporateEthics

AvoidingPitfalls

More ManagedRisk

PerformanceZone

DeadZones

Risk Reimagined!The objective

PerformanceCultureCorporateEthics

AvoidingPitfalls

More ManagedRisk

PerformanceZone

DeadZones

Risk Reimagined!Relating this back to the balanced risk model

Risk Reimagined!The bottom line

Risk Management should be the disruptive intelligence that pierces perfect-place arrogance

Risk Reimagined!Why do risk programs fail?

Risk Reimagined!The importance of people

Risk Reimagined!Regulators are getting excited by cultureRegulatorYearNo of PagesCultureRisk CultureNAO2011184NilDepartment of Justice2011436NilFRC20142820NilFSB201414100+73

Risk Reimagined!Its all about peopleAny organization is an assembly of people: people who take risk as they manage and direct the enterprise; decide how much risk is acceptable or even desirable; and provide oversight of the management of risk across the extended enterprise.

Risk Reimagined!Its all about peopleCulture is how organizations do things Robbie Katanga

Organizational culture is the sum of values and rituals which serve as glue to integrate the members of the organization Richard Perrin

Risk Reimagined!Culture eats strategy for breakfast Peter Drucker

Risk Reimagined!Polling Question 1Has the risk culture in your organisation been reviewed internally or by consultants?Yes, it is reviewed on a regular basisYes, onceWe are thinking about itIt would never flyIt is not possible

Risk Reimagined!

Is there a single culture?

Risk Reimagined!

Is there such a thing as a single risk level?

Risk Reimagined!Compliance areaLevel of riskBribery and corruption 50Environmental regulations 20Financial reporting 30Export/import regulations 20Product safety 30TOTAL150???

Is there such a thing as a single risk level?

Risk Reimagined!

Why do so many of us take different views of exactly the same risks? How does an organization decide which view is right?

Risk Reimagined!Why do people matter?Human nature is Individualist or collectivistWhat do you believe ?I or C? Which do you think?

Risk Reimagined!Why do people matter?Human nature is Individualist or collectivistWhat do you believe ?I or C? Which do you think?The way we live superiors tell inferiors or equals negotiate the rulesPrescribed/In-equal versus Prescribing/EqualTell or Negotiate? T or N? Which way does it work?

Risk Reimagined!And cultural theory...

FatalistIndividualistEgalitarianHierarchistICTellNegotiate

Risk Reimagined!What is the difference between the risk culture and the organisational culture? How can it be analysed?

Risk Reimagined!IRM Risk Culture FrameworkIRMs risk culture framework looks at component parts making up an organisations risk cultureHow will I react?How will I respond in recognition of other competing needs?What will I do?What will we do?Our overall risk cultureRisk CultureOrganisational CultureBehavioursPersonal EthicsPersonal Predisposition to Risk

Risk Reimagined!Risk culture aspects modelRisk CultureTone at the TopRisk LeadershipDealing with Bad NewsGovernanceAccountabilityTransparencyDecisionsRisk Informed DecisionsRewardCompetencyRisk ResourcesRisk Skills

Risk Reimagined!Thinking about risk is managedRisk informed decisionDeals with risk systemicallyThroughout the organisationWith partnersNimble with new issuesCan leverage risksTakes more, better-managed risksGets hit by few surprisesLives by established principlesExpects excellent performanceTop-level buy-in to risk managementLinks risk management to strategic and operational managementAims for simplicity and action, not bureaucracyConstantly conscious of risk management performance

Risk Reimagined!Holding a mirror up...

Risk Reimagined!Holding a mirror up...

Risk Reimagined!Holding a mirror up...Regular findingsNon-execs normally refuse to take part.Exec directors are ALWAYS more optimistic about their risk management maturity than the rest of the workforce.Risk managers, heads of internal audit etc ALWAYS know when they are using smoke and mirrors to report up the line.Few others even care...

Risk Reimagined!Assessing the Risk CultureDesk TopResearchSurveysInterviews

Risk Reimagined!Assessing the Risk CultureDesk TopResearchSurveysInterviewsConversations in Risk

Risk Reimagined!Conversations in risk managementMeCEOEE PartnersSuppliersClientsIP ownerBack Office

Risk Reimagined!Production and Projects

Risk Reimagined!Sustainability and HSE

Risk Reimagined!Risk v Organisational CultureCulture:The culture of the organisation is built from the behaviours, beliefs, attitudes, activities and ethical responses of the individuals in the organisation and determines how those individuals will respond to issues in the here-and-now. It is influenced by the tone from the top, incentives and the social & regulatory environment.

Risk Culture:The risk culture of the organisation is about how individuals tackle the complexity of the multiple futures that face them in dealing with issues today. It is about tomorrow rather than the here-and-now. It is what gives an organisation the resilience to tackle difficult decisions today while having an eye on the impact tomorrow.

Risk Reimagined!And where they clashIssues which any board should want to know about:Values: Significant deviations from the boards values.Silos: Especially where an organisation is facing complexity in its dealings internally or externally. Layering: Layered management reporting prevents new issues being spotted on a timely basis.Short-termism: Extrapolation from past behaviours is not necessarily good enough for dealing with new futures.Control v Risk: Control (or risk control) management instead of risk management.Obstruction: Individually obstructive nodes can be very dangerous.Black holes: Sometimes it is difficult to discern any volume of conversations about risks.

Risk Reimagined!Balanced Risk revisited

PerformanceCultureCorporateEthics

AvoidingPitfalls

More ManagedRisk

PerformanceZone

DeadZones

Risk Reimagined!Balanced Risk revisited

PerformanceCultureCorporateEthics

Here-and-Now

Tomorrow

PerformanceZone

DeadZones

Risk Reimagined!Leadership in complex systemsRelationships & behaviours

Draw on widely diverse perspectives

Adopt open enquiring mind set

Go out of your way to make connections

Tasks& ideasBe ClearBe CuriousBe Courageous

Invest in promoting values

Establish compelling vision

Embrace uncertainty

Distribute leadership & decisions

Risk Reimagined!Risk appetite and tolerance

Risk Reimagined!Risk appetite: the amount and type ofrisk that an organisation is willing to take in order to meet their strategic objectives.

Risk tolerance: the acceptable variation in outcomes related to specific performance measures linked to objectives the entity seeks to achieve.What is risk appetite? What is risk tolerance?

Risk Reimagined!

How can you help the board and top management set desired levels of risk and also help decision-makers take the right level of the right risks?

Risk Reimagined!

Does it make sense to be risk avers