A new definition for emerging risks

The identification and management of emerging risks has become ever more important to businesses, not least because of increasing pressure from the regulator.

Despite this, understanding the new threats that a business might face can be extremely difficult, says Oliver Carpenter, a research assistant at the Cambridge Centre for Risk Studies.

Speaking at a Lloyd’s of London event, Understanding the next 10 Years of corporate risk, he used the example of consumer-facing businesses to show just how important it is that risk managers and executives understand what risks could derail their organisations.

He said: “Business success comes with risk - we all know that. And we know that we’re in a fast-evolving business environment.

“The consumer sector is just one example of a sector facing really rapid change in the risk landscape, and it comes from all sorts of sources.

“For instance, you’ve got internal risks facing organisations from within and exogenous risks from all corners and particularly for the consumer sector you’ve got consumer driven change.

“My point is that risk comes from all angles and it has the potential and ability to take down an individual company or even an entire sector.”

“In light of that, there’s much more pressure from shareholders, from society and from regulators to disclose, understand and manage risk.”

One problem with dealing with emerging risks and meeting the increased regulatory requirements, says Carpenter, is that it can be extremely hard to even know what constitutes an ‘emerging risk’.

He pointed to the various definitions used by different organisations to show how complicated it can be to pin down what makes a risk ‘emergent’.

He explained: “The UK corporate governance code requires that all companies disclose a robust assessment of both emerging and principal risk.

“The issue is that they don’t actually define emerging risk, so it’s not well understood. There are differing definitions depending on where you work.

“We can pick a few key themes out of each of these [company] definitions. Lloyd’s says ‘emerging risks may not be fully understood’, Swiss Re says ‘difficult to quantify’, EY says ‘scenarios that could derail the company’s plan’ and Axa says ‘emerging risks are long term trends, hot topics and weak signals’.

He argued that although the International Organisation for Standardisation (ISO) is currently developing standard for guidance on managing emerging risks to enhance resilience – this is still several years from completion.

In order to try and help better understand what constitutes an emerging risk, the Cambridge Centre for Risk Studies has come up with its own definition.

The group says an emerging risk can be defined as: “a new risk, a changing risk or a novel combination of risks for which the broad impacts, likelihoods and costs are not yet well understood.”