March 17, 2017 Understanding risk
What is risk? It’s an interesting question and one which is not always simple or straightforward to answer. In many ways risk can be coloured by perception, experience and planning. Is it risky to climb a tree, to invest thousands on the stock market, to set out on a new business venture?
What I perceive as risk may seem normal everyday life to you and vice versa. More importantly, how I react to a perceived risk will also vary according to outlook and experience. For example, a colleague’s son in his first few weeks at primary school was not interested in climbing trees in the playground, seeing it as too risky an activity. By the end of his time at school he had become the leader in tree climbing activity, passing on his experience of safe climbing techniques to others.
In this instance risk was initially seen as a barrier to activity; but through experience, through understanding and finding ways to mitigate the risk, the barrier was removed. It’s a lesson which we would do well to bring into our business lives. It can be all too easy to use risk as a get out clause, as an excuse for a lack of activity, rather than a challenge to be overcome.
That’s not to say that all risk can or should be circumvented through planning. There are times when the perceived outcome is simply not worth the risk to the business, its people or third parties. Knowing the difference between risk which can be planned for and risk which should not be taken is one of the key attributes of good leadership. It’s also why risk management and internal control form part of the twelve guiding principles of corporate governance.
It’s hardly surprising therefore that the FRC has turned its attention to the management of risk as part of its remit to enhance the dialogue between companies and investors. The FRC’s Financial Reporting Lab (the Lab) has called for listed companies, investors, and analysts to take part in a project looking at risk and viability reporting. The project is designed to examine how companies identify their principal risks, the controls they put in place to mitigate those risks as well as the way in which risk is communicated. Along the way the review will take in areas such as the link between risk and strategy, the approach to modelling and stress testing, and how investors use risk disclosures and viability reporting to inform investment decisions.
No two organisations will see risk alike. Nor should they, with the risk appetite arising out of the defined strategy and values of the business. Communicating the way in which risk is perceived and mitigated is therefore vital in order to have a robust and open dialogue with investors.