Yesterday’s BRINK article on the outlook for global risks depicted a fractured and fractious world, characterized by the confluence of far-reaching technological disruptions and seismic shifts in political and geopolitical imperatives. The extraordinary velocity of change that is spurring many companies to question not just their basic resilience, but also their fitness for purpose in the new world order is also influencing expectations of risk management.
If robust finances were the major corporate concern during and after the financial crisis, the key issue these days is market positioning. If back then the risk management buzzwords were prudence and controls, now they are business case support and responsive agility. Staying out of—or exiting—certain markets for fear of an unwelcome shift in the political climate might prove expensive, not least if competitors are more bullish. Likewise, the pressure for adopting new technologies is intense, even where near-term performance benefits are uncertain and longer-term ecosystem effects unclear.
As our new report contends, risk leaders should devote more resources to grappling with emerging threats. While this doesn’t mean tasking teams with predicting the future, it does call for a stronger role in challenging prevailing assumptions and giving shape to key uncertainties in a way that illuminates the impact of plausible scenarios and informs senior management decisions. It involves recognizing not just that new risks are appearing on the horizon, but that operational risks may become strategic risks, known risks may become unknown, controllable risks may become uncontrollable, and risks assumed to be acceptable may acquire “fat tails.”From Identification to Action
Three things are essential if work on emerging risks is to remain true to the messiness of these issues and also be truly integrated into corporate decision processes. These are: creatively exploring the sources of risk; embedding a thorough risk characterization in impact analyses; and being able to justify potential responses.
The search for emerging threats requires looking beyond the issues that can immediately and easily be anchored to business performance. Unpack hot risk topics and trends to see how different—often non-market—forces might surge or collide in problematic ways. Tease out pockets of volatility or uncertainty in the firm’s commercial ecosystem. Apply a fresh lens to the firm’s strategic and institutional vulnerabilities.
It’s often unwise to dismiss possible risk topics too early—they may combine with other ideas and be useful later. And don’t worry at the outset whether something is a risk, a driver or a consequence—that can be resolved in due course. A preparedness to challenge “house truths” is vital, as is not constraining discussions by views on probability (“the chances of that happening are tiny”).
A thorough characterization of the top emerging risks involves assessing what’s shaping each risk, their likely trajectory and its potential consequences, with a view to determining where it might touch the firm, the types of impact and the time profile of the damage. This helps clarify the materiality of each risk, and provides an initial steer for response planning.
Quantified scenarios that give shape to plausible alternative futures are useful for exposing hidden tensions between commercial ambitions and corporate risk appetite. They can be used not just for stress-testing finances, but also for challenging strategic goals and rehearsing crisis management preparedness. Although scenario narratives and quantification exercises for emerging risks shouldn’t be constrained by historic data and risk relationships, acceptance of the results will depend on the degree to which key stakeholders have appreciated the validity of the inputs.
John Drzik on the Global Risks Report
Management levers that address a range of top-tier emerging risk concerns may present a more compelling business case than multiple action plans targeting individual issues. However, overly generic recommendations will encounter pushback from company leaders as they will be unable to articulate what they will deliver and the (opportunity) cost of doing so. The threshold for mandating action is that much higher than for familiar risks, given the high levels of uncertainty, especially with regard to preemptive responses.
Investment decisions regarding solutions for emerging risks should also take into account residual risk exposures (“are they acceptable?”), any significant knock-on consequences, the lead-in time required to implement the measures, and the speed with which precautionary measures can be unwound should they no longer be needed. Sometimes, aggressive market plays and investment in research and development are more appropriate than defensive mitigation measures. Contingency planning may strengthen resilience against fast-onset risks, where precautionary action has been deemed unviable.
The search for emerging threats requires looking beyond the issues that can immediately and easily be anchored to business performance.A New Boldness for Risk Teams
With new risks swinging into view, senior-level demands changing, and new technological capabilities emerging, this is an exciting time for risk leaders to reframe their function for the new era.
Taking advantage of the new opportunities requires a shift of emphasis in three areas:
- Better alignment with business priorities: Risk teams need to demonstrate strong business or commercial acumen and engage more intensely with the company’s strategic ambitions and major investments. This will sharpen their ability to develop valuable insights into emerging concerns and help scope innovative risk mitigation solutions.
- More flexible deployment of resources: Revised analytical methodologies, including the introduction of new data science and automation techniques, should free up capacity in risk teams for more project-based (as opposed to routine) risk work and the provision of advice to business and functional leaders.
- Greater dynamism in stakeholder engagement: A more creative lens with regard to emerging risks will enable risk teams to engage with institutional and individual biases and blind spots and help build an appreciation of threats for which evidence may be limited or conflicting.
To take this forward, some risk leaders may need to expand their comfort zone. But those who can mesh strategic vision, influencing skills, and technological fluency on top of their core risk-management expertise will be best positioned to help their firms negotiate dynamic risk environments laden with potential shocks and disruption.