Every business is subject to risk, some are internal while some are external.
Transformation is a constant process these days. Whether it is technology, consumer preferences or even our economy, the rapidly evolving and increasing digitized economy, the fast paced transformational trends has the potential of being the potential for organizations and businesses to be disrupted and perhaps even be displaced.
Risk is inherent in every business and the truth is that most companies are not too good when it comes to setting up structures internally to manage their operating and business risks.
ICICI Lombard Life General Insurance Company, the largest private sector non-life insurance company and one of the leading general insurance companies in the country, recently commissioned an all India research to identify the risk practices adopted by Indian organizations titled as “Readiness of India Inc. with respect to Risk Management”.
The research conducted through online interviews with 130 C-suite risk officers from businesses across the country revealed a startling reality that 35% organizations in the country still rely on archaic platforms like spreadsheets for risk management while 11% do not use any technological platforms at all.
The research elucidated the importance of Enterprise Risk Management as a holistic framework to manage the potential downside of disruptive risk by combining culture, capabilities and practices with strategy setting and its execution to manage risks in order to create, persevere and realize value and thus achieve faster growth preparing organizations better to capitalize on the resulting opportunities.
Highlighting a combination of control and compliance with strategic business decisions which would result in an efficient risk management system, the report revealed that 73% of organizations had adopted risk governance mechanism for more than three years, while 20% got themselves equipped in the last three years and 7% introduced the same in the last year.
Regulatory compliance topped the key risk areas perceived by India Inc. with 53% organizations voting for it, geopolitical uncertainty was perceived as the next for 27%. Uncertain economic growth and information insecurity was perceived as key risks by 23% each but only 11% respondents considered technological disruption as a risk area.
The research further revealed that organizations need to rethink their risk analysis strategies and imbibe a renewed approach to risk management considering the surge of emerging disruptions caused by artificial intelligence, augmented reality biometrics, Internet of Things (IoT) and predictive analytics. 94% organizations have embraced well defined roles for managing risks, 91% possess designed and documented risk governance structure while 81% have appointed BoD level sub-committee for managing risks, the study exposed.
Accepting the fact that risk appetite is one of the parameters for driving a successful ERM module, the report suggests that 81% organizations have shown greater maturity in adopting risk appetite statement as part of the risk strategy management, whereas 53% businesses were equipped with well-defined risk strategy approved by their Board.
Talking about multiple levels of maturity in achieving a strategy-driven ERM program, the research states that 88% organizations claimed that supporting strategic business decisions as one of the key drivers for ERM implementation, 76% respondents believe that an efficient ERM framework is necessary to boost investor confidence.
The report further reveals that even with well-defined Key Risk Indicators (KRI), it is imperative to establish business linkage, with 72% respondents having well-defined KRIs, while 41% organizations claimed to have KRIs linked, prioritized and fully integrated business.
The latest trend towards risk management is both old and new hat for these Companies. With many risk management techniques being unconsciously performed by them, the trick is to wear the new hat by applying new techniques to address strategic risks that are disruptive to their value proposition and which are generally difficult to foresee, measure and minimize.
As rightly said by Bhargav Dasgupta, MD and CEO of ICICI Lombard General Insurance Company, risk management is a crucial organization responsibility not just limited to identifying the risk elements or risk indicators, but aligning them strategically with business decisions to maximize the security of the organizations. It is absolutely true since the level of initial comfort that organizations can provide stakeholders on their risk management capabilities has a distinct impact on the scope, depth and timing of risk-focused analysis and examination procedures.
Some key points highlighted in the report are surely worth mentioning in a nutshell:
Board level sub-committees for risk management have been appointed by 81% of Companies.
Risk governance mechanism is in place for more than three years in 3 out of 4 organizations.
Advanced analytical tool for impact management has been deployed by 29% companies.
Risk culture diagnosis is not performed by 36% respondents.
Spreadsheets are continued to be used for risk management by 35% organizations.
Technical platforms for risk management are still not used by 11% of the Companies.
The fact that ERM helps protect corporate reputation is believed by 81% organizations.
Almost every part of businesses is impacted by innovative technologies and new competitive paradigms with rapid space. A strategic Enterprise Risk Management is the only way forward for organizations to proactively navigate the rough waters as the tide changes.