Unfortunately, risk management has a stigma of being mainly a cost center and a way to meet legal and regulatory requirements in order to do business.
According to Mark Beasley, CPA, the director of N.C. State’s ERM Initiative, “Enterprise risk management continues to be viewed more as a compliance exercise than one that produces strategic value.” A precise statement showing a lack of value and respect for ERM across all organisations.
Risk practitioners are facing an immense challenge to change the narrative on how proper risk management can add value to the organisation over the long term.
Enterprise Risk Management, if implemented correctly, can add tremendous value to strategic decision-making occurring at all levels of the organisation.
Establishing a risk aware culture within an organisation adds value that goes beyond the enterprise, going as far as having a positive impact on the entire economy, and it all starts at the top.
NC State’s report showed that only 76% of financial institutions surveyed report top risks to the board on an annual basis, compared to 82% of large organisations and 89% of publicly traded companies respectively.
This shows roughly 33 financial service organisations that were surveyed do not discuss top risks with executives on an annual basis.
This is quite startling considering this industry was where the sub-prime crisis played a key role. We would expect more adherence to risk averse practices, starting with communicating present risks that could hurt the organisation.