Risk Management
There is no Enterprise without Risk
There is no Enterprise without Risk
Pasquale Merella, FRM
This article is published in collaboration with LinkedIn. Publication does not imply endorsement of views by Appetite for Risk. It is quite common to think about risk keeping separated market risk, credit risk and operational risk.
The question is: can a business manage its risks separately, one at time or better in a whole framework? The main goal is represented by RAF Risk Appetite Framework which defines the levef of risk desired by a firm. In my opinion a crucial aspect concerns how the Enterprise Risk Management ERM could create value for the stakeholders. Let’s try to scrutinize an implementation process both at a macro and micro level. At a macro level, we need to focus on the risk/return tradeoff of the firm. Managers try to excecute the firm’s strategic plan optimizing that tradeoff. At a micro level instead, managers have to evaluate new projects not only in relation to the inherent risk profile but also considering the overall level of risk of the firm. Accordingly, a decentralization process could be the best way to evaluate the risk/return tradeoff. The idea is to consider the context in which a firm operates and how a new project can affect the firm’s total level of risk. Hence, the Board of Directors must be able to evaluate how each business unit contributes to the total risk of the firm. As part of ERM Programme, managers have an incentive to monitor the impact of the project’s risk profile on the level of risk of the firm. There are three main reasons to involve managers in the risk-return tradeoff strategy:
- Enhance the risk management culture. A consistent process to consider the impact of all important risks can improve the managers involvement in the optimization of the tradeoff previously mentioned.
- Every risk has an owner. An important aspect of performance evaluation is to provide a strong incentive to managers in order to control risk taking process.
- Risk Assessment fits better closest to the business unit. A key rule is to take advantage of the knowledge and expertise of the managers on their business unit.
Effective oversight of risk taking is a key responsability of the Board. A well integrated risk management framework could provide directors with tools to enhance risk oversight structures and competence. Any enterprise knows that uncertainty is an intrinsic factor in conducting operations. The concept of risk is often viewed as a negative value in the traditional understanding. We say it’s a sort of “exposure to danger or hazard”. But let’s consider this from another point of view. A new investment project can bring dangers but also opportunities. Hence, a better definition of risk uses a mix of both concepts. We can not seize an opportunity without the will to deal with some danger or suffer a loss. Any offer that looks “too good to be true” usually turns out to be a scam or maybe a spam in your mailbox. It follows that risk management is not just about minimizing exposure to wrong risk but it is an effort to increase exposure to good risks. Therefore, with respect to ERM, we can see how risk management could be viewed as a value-creating activity, and not just as a mitigation activity!