Why businesses must embrace new technology and take a less reactive approach to risk management

Companies with strong risk cultures have several key traits. Most importantly, genuine ownership and responsibility for risk culture rest with front-line employees, with executive-level accountability for cultural deficiencies.

To be fully lived, culture must be tied to an institution’s day-to-day business operations and outcomes.

At the same time, someone needs to be responsible for coordinating the definition, measurement, reporting, and reinforcement of risk culture, within a risk function.

True, coordinated transformation is impossible without an enterprise-wide perspective. Risk culture must be continuously monitored as a strong culture requires upkeep and reinforcement.

In this age of digital transformation, businesses need to evolve their risk management teams. Yet many risk managers go underappreciated for the gravity of their work, and can be slowed down by an over-reliance on manual risk management processes.

Technology has simplified operations in many areas of the business, but this has not yet been the same for risk and compliance teams.

Talent management in risk

To achieve long-term transformation, businesses must proactively rethink their people-management strategy in the risk function. There are numerous instant steps any business can take.

These include defining collective talent management target requirements for the risk function.

Risk departments must adopt five globally acknowledged and practical strategic talent-management approaches. The first four initiatives are mostly concerned with improving individual talent management capabilities, whereas the fifth is primarily concerned with collective talent management:

1. Attract and hire skilled risk management professionals with compelling stories.

2. Employees must be developed through implementing holistic learning and cross-company training.

3. By providing clearly defined career routes, you may groom individuals into well-rounded leaders.

4. Employees should be adequately rewarded based on risk-specific and diversified performance assessments and incentive schemes.

5. Promote company-wide connectedness through focused cross-functional efforts.

Shifting to a proactive stance

Traditionally, risk management programs were developed to assess, report, and mitigate risks during and after they happened, with an emphasis on reducing the fallout and minimising damage to the company.

Reactive risk management strategies are used to develop preventative measures against known risks, whereas proactive risk management strategies incorporate creative problem solving, predictive analysis, and a focus on root causes of risk, leveraging deep analysis of past, current, and future data sets to identify relevant risks before they occur. Then developing contingencies for both unforeseen and established risk drivers.

Proactive risk management starts by assessing prospective risks, identifying the drivers associated with their root cause, and then determining the likelihood of the risk occurrence as well as the probability of the negative impact of such an event.

It attempts to quantify the harm caused by a specific effect, the mechanisms driving the impact as a manifestation of mismanaged risk, and the total losses to the business, whether in terms of reputation, competitive advantage, or revenues.

It employs closed-loop feedback, which leverages tools such as artificial intelligence (AI), process automation, and data analytics, in conjunction with ‘the human component’ of creative thinking and problem-solving.

To successfully revolutionise risk culture, businesses must embrace new technology and take a less reactive, more proactive approach to risk management.

Ryan Swann is a founder at Risk Smart