When thinking about risk, we often ask: “What keeps you up at night?”. This question focuses on immediate issues and risks that we may be concerned about. But, thinking further ahead and considering the prospect of emerging risks, perhaps we should ask ourselves a different question: ”What will keep you up tomorrow night?”.
The onset of the Covid-19 pandemic forced businesses to deal with a raft of issues, ranging from rethinking business models and new ways of working in a new environment, to redesigning day-to-day operating controls to address the new working methods. It should have also given rise to the opportunity – if not the pressing need – to reconsider a business’s approach to overseeing and managing risk and to determining what the principal risks are to the achievement of the business’s goals and strategy.
We find ourselves at a time when a board should not just be asking what new risks it needs to address; it should be reconsidering and rethinking many of their business’s existing risks because of the changing external landscape. This changing environment has meant that many risks themes still remain relevant, but the organisation’s exposure to these risks is very likely to have changed. Existing risks may well now have a very different impact to that previously envisaged. And, additionally, the speed of a risk crystallising is now likely to have accelerated so the impact may well be felt much sooner. A board not keeping up with key risks may well find themselves caught by surprise. So, boards should spend sufficient time revisiting existing risks, whether internal to the organisation or external.
From an organisational perspective, for example, many organisations operate with under a matrix structure. Issues of transfer pricing will have been on audit committees’ radars for some time, but this now should now be getting elevated focus. The question of inter-group transactions – where business originates and where a transaction is booked – has the increasing attention of national tax authorities, and the impacts on revenues, profits, remuneration and capital (to name a few key areas) are now all increasingly pronounced. Time for a rethink, particularly as purpose, culture, conduct and ‘social licence’ to trade take on greater importance?
From a macro-economic perspective, we are yet to discover how strong or prolonged the recovery will be. The impact of the pandemic may have masked the impact of other issues such as the separation of the UK from the EU. Extensive work will have been undertaken by boards on business viability in the early stages of the pandemic, and many businesses judged to be viable will have benefited from financial support and loans. As support is withdrawn and loans need to be repaid, ongoing viability will come back under the spotlight. And where banks may have made loans under less strict underwriting criteria, they will need to consider the recoverability of the loans they have made. So, this uncertain macro-economic environment will be another reason for a fresh look at existing risk and resulting vulnerabilities.
The often-technical nature of risk today can lead to a lack of board understanding and engagement with certain principal risks faced. All the more important that the board has the right experience, effective support and a fresh perspective to enable a rethink of existing risks, as a matter of priority, focusing on changing vulnerabilities and exposures – as well as new opportunities that may present themselves.
Hanif Barma is a co-founder of the Risk Coalition and a partner at governance consultancy, Board Alchemy. His blog draws on the discussion at the webinar held on 14 July 2021 to mark the launch of the partnership between the Risk Coalition and the Centre for Governance, Risk and Regulation at the London Institute of Banking and Finance. Marcia Cantor-Grable, Olivier Beroud and Bryan Foss participated in the panel discussion which was chaired by Natalie Schoon. Recordings of the webinar and the post-webinar podcast are available here.