The challenge facing companies today is to not only manage the ever expanding array of risks they face, but to navigate them in a way that turns them into an advantage. After all, finding a competitive edge is particularly hard in the current environment of low growth and increasing regulation.

While risk management can still be viewed somewhat defensively by some, taking risk is actually inherent in creating profit, and taking risk successfully is the key to differentiating a business from its peers. To get ahead, businesses therefore need a deep appreciation of the link between risk and reward and how this relates to strategy.

This message was reinforced by recent guidance from the Financial Reporting Council which called on boards to take greater responsibility for risk management. Indeed, companies must now be able to explain their business model with reference to all principal risks to it.

Unfortunately, many companies are still not managing risk in such a way that allows them to successfully navigate and exploit risk. All too often, the management of risk remains a ‘siloed’ operation, detached from strategy. Sometimes risk management is only seen as a compliance exercise, or at best to manage the company’s ‘known risks’.

Part of the problem is that risk functions, as they exist today, do not always enable a corporate-wide view on risk. Or if they do have such visibility, they may not have the authority or channels of communication to feed this through into the company’s strategic vision. While the risk function may be highly skilled in addressing the core risks on the risk register, company structure precludes the risk team from having an overarching perspective of risk across the business.

Apr-Jun 2015 Issue