Enterprise Risk Management continues to evolve and become ever-more complex. Realities like increasing government regulation, looming cyber-risk, and the new unknowns of digital and marketplace disruption demand that boards and C-suites take a more proactive role in risk management.
But as the need for better, more informed risk management skyrockets, technology solutions struggle to keep up. To deliver risk management and oversight well in today’s business environment, what we need is smarter technology.
1. Growing Oversight Complexity
After decades of evolving regulatory reforms that started in the ’80s and new levels of risk awareness growing out of the 2008 financial crisis — not to mention the unknowns of cyber-risk — the risk management oversight imperative is more complex than ever, requiring ever more time and insight to do well.
As Nitish Idnani of Deloitte points out in WSJ, technology is both a cause of disruption and one of the remedies. He says,
“…it's important that leadership formally examine the effects of technology changes on operational risk profiles and manage those impacts…” Monitoring this interaction often demonstrates both internally and externally—to regulators and shareholders—that the C-suite and board have engaged in providing sufficient oversight.”
Smarter technology is the only way for leadership to effectively manage this enterprise-wide risk oversight, with the C-suite managing day-to-day strategy and the board providing supportive oversight, ensuring that all necessary information and communication both organized and tracked.
2. The Emerging Collaboration Imperative
First, boards added risk committees. Then, boards spread the risk conversation across every committee. Now, it’s clear that risk management needs to be on everyone’s plate. It’s also clear that there is no single expert.
As Derick Hughes of Ethical Boardroom points out in his examination of risk oversight trends, today’s risk management requires collaboration between CEOs and board members.
“CEOs will be working more with boards not only to create and generate value for investors but also to protect value by implementing effective risk management procedures and setting up risk committees and processes as required. Investors in particular are looking for risk management with regards to managing volatility of earnings of companies.”
We need the board and executives to collaborate around identifying and assessing risks while working alongside subject-matter experts who can examine challenges with an eye toward prevention. This means coordination between the board and anyone in the company responsible for risk oversight or management, as well as internal coordination between board committees and their departmental counterparts in the company.
How can a complex and layered conversation like this happen best? On a smart technology platform that is highly secure, easily documented, and custom-designed for success. It is far too important to be left to a patchwork solution or public channels that will never be secure enough.
3. The Measurement Mandate
In a rapidly changing business environment, keeping risk front and center in an easy-to-understand format is critical. At the same time, regulators want more detailed data and investors are are including risk management in ESG metrics they use to make investment decisions.
Daniel Moore, Chief Risk Officer at Scotiabank, points out in a recent interview with McKinsey about effective anti-money laundering in banking, that part of the solution is better technology that has the capability to facilitate the communication and measurement, which then helps with understanding, implementation, or potential litigation.
“Every form of risk, including [Anti-Money Laundering], should have KRIs (Key Risk Indicators) to assess the inherent risk, the mitigators, and the residual risk…
Communication and relationships are important in whatever jurisdiction you’re operating in—relationships with the regulator, bringing them along on the journey. In many jurisdictions, including the US, we’ve seen a shift in regulatory expectations where they are more open to a focus on the use of analytics to produce better outcomes.”
The interconnected needs of a range of stakeholders that includes the board, executive teams, regulators and investors demands an integrated solution. The answer is smart software with real-time documentation and communication that translates seamlessly to metrics, and all of that information needs to be both comprehensive and easy to splice for a wide variety of uses.
Today’s risk management requires more engagement and oversight from the top, deeper collaboration between staff, management and boards, and meaningful measurement. The only way to get this is with smarter technology that goes far beyond the board portal, and even beyond most GRC or ERM softwares on the market.
Cloud Concinnity® is designed to meet just such challenges. And the subject matter experts who designed it built it to be custom configurable to the specifics of each enterprise. It is the most secure way forward for every business ready to do what it takes. That’s what smart technology can do. Demand it for your enterprise and rest easier.