With advanced connected technologies revolutionising the manner in which products and services are being designed, developed, implemented, and maintained, organisations are likely to face different challenges pertaining to risk management.
Exploring the risk stance of corporations in India
In today’s vulnerable, uncertain, complex and ambiguous business ecosystem, an environment we generally refer to as the ‘VUCA’ world, it has become imperative for enterprises to become increasingly cognizant of opportunities and threats that lie ahead of their businesses from known and unknown sources.
With advanced, connected technologies revolutionising the manner in which products and services are being designed, developed, implemented, and maintained, organisations are likely to face different challenges pertaining to risk management. Identifying the emerging breeds of risk is becoming the leading priority for the risk teams. However, risk professionals have before them a challenge to not only keep pace, but also think one step ahead in an attempt to foresee new forms risks, and collaborate with the business functions to build mitigation strategies.
Organisations in India demonstrate a contrasting trend with regard to their approach towards risk management. According to the Deloitte ‘Risk Survey 2018’, 44 per cent of the businesses harness risks to find future opportunities and drive returns (a value-focused approach) while others (36 per cent) use risk management with an aim to drive compliance and prevent losses. This insight further gets validated with the fact that Regulatory Risk (44 per cent) still leads amongst the top 3 risk areas in India followed by cybersecurity (31 per cent) and technology disruptions (25 per cent). The core reason for this trend is the fact that CXOs are considering regulatory compliance as a critical value protector exercise. Interestingly, 3 years from now, there is an expected shift in the trend and cybersecurity (36 per cent) takes the lead amongst the top 3 risks for businesses, followed by technology disruptions (33 per cent) and regulatory risks (31 per cent).
Thirty nine per cent of the organizations mentioned that risk management is the responsibility of each business function, and there is no separate CRO role. We also probed corporate India on the extent of adoption of key enablers in their risk management programs in the last 3 years and the findings suggest that while there is high level of collaboration with the business units, the investment in tools and the right skills sets leaves a lot to be desired:
• 32 per cent of the organizations have low investment in automation;
• 34 per cent of the organizations have low adoption of analytics;
• 34 per cent of the organizations have not reskilled or staffed their risk management teams adequately.
The findings of the survey allude to the fact that there is a need to channelize risk for accelerating performance, and organisations can adopt several leading practices that are driven by strategy, culture, and measurement.
• Strategy: There is a need to break down the wall between risk management and strategic planning. Risk professionals and business leaders must share ideas on the threats and opportunities facing the organisation.
• Culture: Creating a culture, in which, risk management is everybody’s business will get the board and leadership involved in risk conversations and educate professionals to understand their role in risk management. Individuals must be trained to identify risks, to calibrate their response, and to act on the knowledge that for every threat, there is a business opportunity.
• Measurement: Data analytics is a major enabler of a value-focused risk strategy. Business has reached a level of complexity that demands a more scientific approach to the information generated inside and outside the organisation. Technology is only as good as the people who use it. Data analytics requires skilled people to ask the right questions to uncover the most useful answers.
We believe that the organisations that shift their mind-set from risk averse to risk aware will be able to lead in their industry, navigate risks and opportunities more effectively, and disrupt the traditional and obsolete systems and processes through innovation.
About the author:
Rohit Mahajan is President – Risk Advisory at Deloitte India.