A report from Accenture, "The Changing Face of Risk Management," talks about how risk management within financial services firms (with a focus on insurance) is changing -- and in my opinion, in a very positive way.

Will other industries follow this lead?

Key Quotes:

  • Risk management continues to advance into the mainstream of business life. Until recently it was often positioned largely as a compliance necessity and viewed as a cost of doing business. Increasingly we see financial institutions (FIs) associating risk management much more with innovation and striving to enable sources of competitive differentiation.
  • 98 percent of respondents said that risk management is a higher priority today than it was two years ago. More than 80 percent of companies surveyed also consider their risk area to be a key management function that helps them deal with marketplace volatility and organizational complexity.
  • ... as businesses innovate and compete, by default they must take on more risk. So the only way for them to succeed in that high innovation environment is by having better risk management capabilities to enable the new ventures and extensions to be successful over the long term.

    Consequently, across industries there is a movement of Risk Management activities and focus from the back office to the front office, from compliance and cost control to differentiation. That creates a much more tangible, and ultimately healthy, connectivity between risk management, as a function, and the strategic growth drivers or business plans for the organization.
  • Historically, risk management has been a defensive discipline, but its movement into the mainstream means that it is helping the organization play offense more frequently as part of its role. In other words, businesses are beginning to do things with risk that add value rather than simply limiting it or protecting the business from “risk.” ... Taking risks are part of everyday business, taking unmanaged risks is where troubles arise.
  • Both CROs and Chief Human Resource Officers (CHROs) are becoming much more aware of the need to put measures in place around individual understanding and engagement and the overall level of risk awareness in organizations. As a result, there is often a need for training to be put in place to ensure that all employees understand their specific roles in managing risk in the organization.
  • It would be hard to find an industry or large-scale organization that does not see its business model today as more volatile and more complex than it was only three years ago. All firms are trying to discover where profitability and growth will come from in the future.
    To manage the business going forward they need the risk management capabilities to support scenario planning and risk mitigation and information based on more than just a finance or a process perspective. They need to be able to look at different markets, customers and product lines in a more sophisticated manner and ultimately to be able to adjust the dials as they try to take business forward in a more complex environment.
  • … businesses are starting to demand better information and insight in new dimensions, faster, and in a more predictive manner, and they need risk analytics to meet the complexities that they face.
  • … more than 90 percent of Latin American firms have existing ERM programs in place, compared to only 52 percent of European companies and 60 percent of North American ones.
  • There is a trend in risk management to use specific tools which are placed directly in the hands of business lines (e.g. front office decision makers). This falls in with the trend of moving the risk management responsibility and ownership to the front line and embedding it into day-to-day activities
  • In the wake of the recent financial crisis, organizations are looking to transform the way that they manage risks. Pressures on margins, the high cost of technology and burgeoning regulation mean that firms are searching for competitive differentiation by moving from compliance to performance and adopting more effective and efficient risk management practices.
    Technology is playing a key role as an enabler for this transformation driving demand for new architectures and high performance computing. However, technology alone is not going to deliver the desired outcomes. Culture and collaboration are also critical success factors.
  • Ultimately, successful organizations will look beyond regulation and cost-reduction and view risk management as a strategic element of their value chain, delivering sustainable growth and innovation.

Risk Management in Ten Years

What do you think? Will organizations in all sectors and industries realize, sometime in the next decade, that risk management is about sustained, optimized performance? It’s not just about "playing defense."

Editor's Note: To read more by Norman Marks: