Risk management is not the responsibility of a single department
it is the responsibility of everyone, from the chief executive down. Past corporate failings have been attributed to lack of accountability, strategy and transparency.
Tougher expectations by regulators and other stakeholders now mean that corporates and financial institutions should demonstrate better discipline, control and responsibility. Failure to keep on top of and comply with existing and emerging regulation could jeopardize reputations and livelihoods. How robust is your governance, risk and compliance program?
Financial risks have probably never been more acute. Capital reserves, credit portfolios, investment policies and capital and debt profiles all demand constant scrutiny to adequately manage and mitigate risk.
Companies should also be vigilant about risks presented by suppliers. A counterparty who defaults on a contract, or whose business collapses, can have serious financial and reputational ramifications for connected parties.
Fraud risks can also increase when cash is tight. Some employees become more opportunistic — and external hackers more resourceful. They find security lax in areas of the business that used to be better resourced … and they strike. Are your systems and policies sufficiently robust to ward off the risk of fraud?
At the same time, many companies are more likely to pursue litigation for losses that they would otherwise endure in more prosperous times. Disputes arise as they seek to apportion blame to other parties for inappropriate or negligent behavior that results in financial or business loss. Could you end up as instigator or defendant in a litigation case?
With all these demands, internal audit is in many companies often elevated from pure compliance to a function that regularly reviews the risk profile for emerging risks and identifies trends as it keep its finger on the pulse of business performance. The chief risk officer, meanwhile, becomes increasingly involved in strategic decision-making where the emphasis is as much on risk as it is on growth.