Need to optimize your risk management program? Strategic risk management is crucial because of increased regulatory pressures, stakeholder pressures, the impact on capital costs, the personal effect of corporate risk, and the effect of the Internet of quickening the pace of dealing with risk factors.
3344 Letter from the Publishers
The
Two
Faces
of
Risk
Cultivating Risk Intelligence for Competitive Advantage
Deloitte Review deloittereview.comTHE TWO FACES OF RISK 3355
You needn't be a seer or sage to perceive risk. It's as predictable and as devastating as a Florida hurricane and as far-reaching as a corporate scandal. But you do need to be a visionary to see the opposite side of the risk coin, the one that lands face down after you flip. The underside represents opportunity, competitiveness and growth.
What do these things have to do with risk? Quite a bit, in fact.
BY STEVE WAGNER > MARK LAYTONILLUSTRATION BY ANTHONY FREDA
Rewards, and Lack Thereof raditional approaches to risk management emphasize mitigation, focusing on Tthe readily apparent risks facing a company in the areas of security, privacy, credit, regulatory, technology, fraud and more. These threats are, of course, im-portant and must be addressed. But enlightened risk managers (and we are talking about the entire C-suite here, not just the chief risk officer) don't worry just about the bad things that could happen, such as the theft of sensitive customer data. They also consider the good things that might occur, like introducing a hit product to the marketplace. While it's important to evaluate potential crises, it's equally critical to consider risks that are linked to success so you can capitalize on opportunities. What if, for example, your factory doesn't have the production capacity to meet the demand for your new blockbuster product? You've just squandered an opportunity. We call these two faces of risk "rewarded risk" and "unrewarded risk." Unrewarded risk represents what poker players call "table stakes": you've got to ante up just to get into the game. The ante, of course, doesn't guarantee success; it only ensures that a hand of cards will be dealt to you. Numerous examples of unrewarded risk appear in business. For instance, every public company in the United States must comply with payroll tax withholding laws, observe OSHA health and safety requirements, and pay bills when they come due. Yet companies that perform all of these tasks in a timely and competent manner don't see their share prices surge as a result. These kinds of activities simply meet expectations of shareholders, regulators, suppliers, analysts and other stakeholders. The attendant risks can't be ignored, but the primary incentive for addressing them is value protection, not value creation.
ddeellooiitttteerreevviieeww..ccoomm DDeellooiittttee RReevviieeww36 THE TWO FACES OF RISK
Conversely, rewarded risks represent the strategic bets that you place during your poker game. You've assessed your hand, sussed out the competition and wagered a stack of chips with the expectation of raking in many more than you've laid out. In business, rewarded risks are those bets you make as you develop new products, enter new markets or acquire new companies. The primary motivation for taking rewarded risks is to spur value creation. Fixate on just one side of the coin and you'll get a one-sided result. Focus on value creation (rewarded risk) to the exclusion of value protection (unrewarded risk) and you'll quickly find yourself on the slippery slope of noncompliance, litigation, reputational risk and other nastiness. Similarly, address only unrewarded risk and ignore rewarded risk, and your company may survive but will never thrive. In acknowledgement of these two faces of risk, we have coined the following business maxim: "Organizations that are most effective and efficient in managing risks to both exist-ing assets and to future growth will, in the long run, outperform those that are less so. Simply put, companies make money by taking intelligent risks and lose money by failing to manage risk intelligently."
Why You Should Caref risk is not on your radar screen, it's time to upgrade your detection equipment. A Iconvergence of factors has converted risk management programs from a "nice to have" option to a "can't live without" imperative. These factors include the following.Regulatory pressures have increased: The New York Stock Exchange now re-quires the audit committees of all listed companies to evaluate the risk management practices of the company.Stakeholders are flexing their muscles: Institutional investors now routinely in-clude risk management considera... [download for more]
