5 reasons to re-consider your enterprise risk management (ERM)
As we’ve seen this year businesses need to be ready for the unexpected. COVID-19 has shown how organisations can be vulnerable to external threats, and, perhaps more importantly, how an organisation’s ability to respond to changed circumstances can mean survival. The businesses that have been able to swiftly shift operational models, ‘pivot’, or even reinvent their business strategy have been better placed to withstand the impacts of the pandemic.
While a tactical reinvention or pivot might be the best response, it’s not always easy to implement. The ability to be agile requires planning and preparation. Enterprise risk management (ERM) is a process that can help businesses make plans for a range of future events and risks.
ERM takes a holistic look at risks and allows organisations to identify, assess and prepare for events that can impact a range of business operations and strategies.
ERM looks at all types of potential threats and dangers, from the internal through to external and physical factors. Once a risk is assessed businesses can then look at what they need to do to prepare for those future risks and threats.
Prepare for the unexpected
If there’s one thing that 2020’s shown us, it’s that businesses need to be prepared for the unexpected. This year we’ve seen the impacts of external factors like enforced lockdowns and changes to consumer behaviour, and the ways businesses can be forced to quickly enact plans to mitigate, transfer or tolerate a wide range of risks. While the global pandemic meant that workforces quickly shifted to remote working, the impacts were felt across all areas of organisations:
• Financial – e.g. loss of revenue or a need to unexpectedly finance investment in new technology or operating models
• Strategic – e.g. the inability to progress growth, expansion and workforce plans
• Operational – e.g. reinvention of workforce, logistical and supply models that were impacted by lockdowns
• Environmental – e.g. changes to demand, customer expectations and competition
• Reputational – e.g. ability to meet customers’ changed circumstances and not be seen to capitalise on events
• Human resources – e.g. management of outputs, behaviours and performance objectives with a workforce at home
• Technological – e.g. while the ‘zoom-bombs’ by kids and pets were generally warmly received, hacks and security threats involved with a workforce at home needed to be taken seriously.
Be able to respond to regulatory requirements
Kenneth Hayne delivered his final report into the banking royal commission in 2019. The report listed 76 recommendations with an estimated $10 billion expected to be returned to customers in compensation. Businesses, especially those in highly regulated industries, are now addressing the need for increased governance and compliance.
While legal and regulatory requirements are changing constantly, businesses exposed to reputational and conduct risk need to be able to quickly respond. By being in a position to appropriately respond to conduct risks and conduct breaches, with monitoring systems in place to detect breaches, businesses in highly regulated industries will be better positioned to manage and mitigate risk. With legislation still being introduced, businesses that have set up risk monitoring systems and processes will be well positioned for future changes.
Improve your business’s strategic decision making
Businesses grow and thrive when strategic-decision making is holistic. ERM can also become a tool for strategic decision-making, because risk is being assessed through the lens of strategy. The process of looking at the internal and external elements of your business strategy with an eye for risk management means you’ll be able to develop plans that focus on current state, future state and potential threats.
Assess your business’s appetite for risk
21st century businesses are being defined by entrepreneurs who are disrupting traditional business models. Taking risks is inherent to some of these businesses, however not all organisations know how much risk they are able to tolerate. Strategic risks can improve growth outcomes, and an ERM process can help to work out where a business’s line is.
ERM can provide businesses with a competitive edge, by helping businesses:
• Improve decision making
• Prepare for external events outside of a business’s control – businesses with plans in place are more likely to be able to reinvent their operating models
• Manage risks that can impact reputation or draw the attention of regulators.
YakTrak’s software system provides modules for people development, quality assurance, and conduct risk, as well as provision for data leakage protection. Customised dashboards and reporting provides improved visibility across individual, team and company performance.
Developing an ongoing enterprise risk management (ERM) system and using YakTrak to provide support for your people management and conduct risk activities can provide robust insurance against the unexpected.
Read more about how we can support your enterprise risk management initiatives.