Creating value is about managing risk to maximize reward. The most successful companies seize opportunities without stumbling on the risks around them. But when risks are always changing, and you don’t connect risk management with business performance, this gets tougher. How can you best manage risks that are unknown or unpredictable?
Enter the risk-aware CFO. CFOs, with their holistic view of enterprise operations and business data, are in a unique position to help their companies detect and protect against risks and coordinate response. As a strategic advisor to the organization, you can play a critical role in aligning your enterprise risk management efforts with your corporate mission and line-of-business strategies.
But, as CFO, you are busy, and risk management can be daunting. With the explosion of data, digitization, and globalization, risks (both good and bad) are happening faster than ever. You need to identify and react to them faster—and prevent them, if possible. The ability for a company to move quickly, in a coordinated fashion, is now a critical core competency that depends on the right people and processes. You need the right leader – and solution – to quickly act.
With the proper enterprise risk management (ERM) solution, CFOs can connect business risk with results—helping teams to effectively detect and prevent risk, and creating a risk-intelligent culture. The result is transformative: the organization moves to “proactive risk management” and can connect business performance to risk management.
By definition, ERM is about managing any risk that impacts an organization. When you create a strong ERM framework, you unify, organize, and mobilize your company around strategies to address your most critical risks. But for many companies, their ERM framework is hindered by disconnected risk functions and processes, manual analysis, or siloed risk groups or teams. If ERM lives outside of your core business and financial operations, it prevents you from connecting business performance to risks. This approach to ERM is inefficient: it costs far more than it should and delivers far less than it should. It also compromises your ability to detect and prevent risks, and is frustrating for all stakeholders.
Even when the rest of an enterprise has modernized with cloud applications, ERM often remains the outlier; companies continue to use and sometimes even choose outdated technology to suit their outdated approach to ERM. This leads to audit misses, time lags in identifying and mitigating risks, and gaps in insight.
Some companies may have deployed integrated risk management (IRM) solutions, which is a step up from the legacy focus on compliance, but falls short delivering on its promise. IRM solutions try to provide an integrated view of how well an organization manages risk, but they’re typically bolt-on solutions that are not integrated with an organization’s most critical business applications. This gives a false sense of security and keeps risk standalone.
The key to avoiding this trap, is to make sure that collaboration is efficient and adds value, and that your people have the relevant insights and the ability to act on them. In the absence of this, you are forced to 1) accept the siloed approach either within or outside of the finance organization, or 2) struggle with inefficient collaboration that saps the organization of energy and does little to reduce risk.
With the right tools, you can engage the entire organization around ERM and manage business risk to maximize business results. What’s the best way to achieve this? And who should take the initiative?
ERM can be managed from a variety of places in the org chart. However, as CFO, you are at the intersection of business operations and the ability to execute on strategic initiatives. You are in a unique position to drive ERM.
If you’re looking to incorporate ERM into your list of responsibilities, you’re in good company. In a Deloitte CFO Signals Survey, over half of the CFOs surveyed said they are responsible for enterprise risk management, with 35 percent saying the function reports directly to them. The surveyed CFOs also said risk-related responsibilities are among the most likely to be added to their scope over the next three years, behind IT, and strategy and planning.
ERM takes a lot of effort—but with the right solution it can become a competitive advantage.
When you’re ready to adopt new technology for your ERM efforts, consider the following:
So, take on the responsibility of ERM, if you haven’t already. With the right solution, you’ll be happy you did.