Although the Global Financial Crisis boosted awareness of risk management, few companies are putting these principles into practice, a global report shows.
The KPMG Global’s survey, "Expectations of Risk Management Outpacing Capabilities - It’s Time For Action", revealed executives were more risk-aware, but few made a consistent, company-wide effort to assess it.
KPMG Australia head of risk consulting, Sally Freeman said risk management was often assigned to a particular department, and Australian companies were failing to see it as a strategic, on-going challenge.
This meant executives might take the wrong risks and fail to identify the right.
“By being in business you’re taking on a certain amount of risk; it’s failing to optimise this and having a common understanding” which let companies down.
“By relying on an ad hoc approach or only one or two people doing this, you’re not taking on the risks you should be,” Freeman said.
Companies that managed risk well used a common, risk management language; they made this a company-wide effort, and had developed the confidence and resilience to take risks through strategic risk profiles and scenarios.
Top risks identified by Australian companies included growing regulatory and compliance pressures, a particularly complex challenge for businesses in the financial sector.
Other top risks included conduct risk – tax – reputational risk, ethical risk including damage to the supply chain’s transparency.
Freeman said political risks, included Australia’s interdependency with global trading partners and commodity prices changing.
Environmental risks, including climate change and natural disasters, were also at the forefront of risk management focus.
Develop a clear risk appetite. This can be as simple as having a risk rating system.
Have a common company-wide language to discuss risk management.
Have a strategic risk profile.
Employ a full-time, experienced risk manager whom can create this language, and organise and run risk workshops and scenarios.