2020 will be remembered. Although the Covid-19 pandemic had a huge impact, there have been many obstacles to overcome. These include the forest fires in Australia and the Taal volcano eruption in Philippines. This was followed by a series of hurricanes that whipped the US and widespread social unrest in the US. These events have all highlighted the fact of persistent, disruptive volatility.
There is no reason for volatility to decrease. In fact, it is likely to rise. Matthew Bishop, an editor at the Economist, stated in 2015 that “In the remainder of our lives the pace of change will not again be as slow as today.” In the past 20 years we have witnessed the dot-com crash and the attacks on 9/11. We also saw the global financial crisis, and now the pandemic. Extraordinary events are becoming the norm.
Individuals and organizations cannot predict the exact risks. However, organizations can and must prepare for an uncertain future. This includes technological disruption, climate change, geopolitical risks, threats to global supply chains, cyber-crime, privacy and data protection. We saw this during the pandemic. Modern business practices, such as globalization and just in-time inventory management, can create their own risks. Regulators around the globe continue to expand and evolve their reach, including data protection and privacy, as well as money laundering, financial crimes, and bribery.
In order to maintain business operations in a volatile and complex environment, proactive and integrated solutions that include people, data, and infrastructure are required. So that organizations can be clear about how they will respond to challenges, it is important to establish clear direction at the top.
* Connecting risks more closely with business operations. Risk management cannot be done if it is kept in the back office.
* Gaining greater technology leverage. New technologies like machine learning and artificial Intelligence have great potential to help risk managers identify specific risks and provide faster responses. However, many risk teams have not yet taken advantage of advanced technologies in areas such as data, modeling, and analytics. These technologies have many benefits. They can help reduce efforts in lower-risk areas, and allow managers to focus their energies towards real threats that threaten critical parts of the company.
* Aligning business strategy and risk policies. Many failures in risk management are due to the wrong policy supporting the wrong strategy. Collaboration is key to achieving consensus among business lines and across the enterprise on risk management. Collaboration helps to reduce duplication.
* Be proactive, not reactive or passive. Managers of risk need to do more than just identify and mitigate possible risks. For example, they can tap into other data sources to find digital signals that could indicate future problems. These data can be turned into insights using new technologies that uncover previously unseen business opportunities or threats.
Another consideration is that risk leaders spend a lot time analyzing how the function is organized and where it fits within an organization. Although there is no one-size fits all solution, the fact that risk managers were able to work effectively in a highly decentralized environment during the pandemic shows how this issue has become a bit of a distraction. While enterprises need central controls, they also require what we refer to as “sensors at edges”, which provide objective input from the front lines.
While organizations are still dealing with the consequences of the pandemic’s effects, many are starting to plan for what “business as usual” will look in the future. While better risk management won’t always spot the next disruptive event, it can help to accelerate and shape an organizational response to what lies ahead.