A new generation of risk managers will proactively seek out risk roles and careers; become the pioneers of new risk techniques through the use of AI; and become the c-suite’s go-to person. That’s the #ChangingRisk hopes for the future, according to Ferma’s Typhaine Beaupérin, and Gilbert Canaméras
How is the practice of risk management changing?
Typhaine Beauperin: FERMA runs a benchmarking survey every two years, which looks at the changing role and responsibilities of risk managers across Europe. We received the latest results at the end of 2018. They show that risk managers have become more collaborative and are working better together with different parts of a business.
For instance, we’ve seen that collaboration between risk managers and the IT department has really developed and risk managers are working together with the business units to better understand operational risks.
But one area where there is room for improvement is in the relationship between risk managers and the C-suite. This is starting to get better – two-thirds of risk managers surveyed said they had some sort of relationship with senior management. But it is critical that all risk managers develop this relationship and have access to the most senior people in an organisation, so that they can really explain to management what the operational risks are and the options for mitigating them.
Another trend is that risk managers are beginning to use more and more technology. For example, 9% of those surveyed said they use artificial intelligence (AI) – that’s a small number but it’s growing.
And what is interesting is that risk professionals are also supporting their companies in the use and development of this particular technology. They are assessing the risks and the opportunities before the company introduces new technology, which I think is a good sign of how the role has evolved.
Gilbert Canaméras: I agree that this is what the survey has shown, but at the same time, I wonder, to what extent this reflects the reality of the risk management profession when we look at the profile of our risk managers?
At the moment, there is still a lot of insurance risk managers. While of course they are using more AI and working with IT – particularly because cyber risk is growing – I am not sure that this population can easily talk to the c-suite. We are starting to move in this direction, but [developments] are not so big.
So, what can risk managers do today to get much closer to the c-suite and influence the management of risks?
Gilbert Canaméras: The first point is communication. We need to get much better at explaining the benefits of risk management to the c-suite and showing how it can support the development of the company.
At the moment not all senior management and board members are clear on what risk management can do. For instance, there is some confusion between internal audit and risk management. So, we need to find a way to explain the benefits of risk management at a strategic level.
To achieve this, we need to elevate the profile of the risk manager. This is why we at FERMA have developed the professional certification programme, rimap. Enabling risk managers to get this formal recognition of their skills can help them build their profile within a business.
Typhaine Beauperin: Risk managers need to be able to talk about their roles in a way that looks at the future of the company and assesses what is already there. There needs to be clarification of ‘what risk management is’ to the c-suite and we need to communicate more with them.
There may also need to be a shift in the way that risk managers present themselves. They need to clearly demonstrate that they are professionals who can help to support the strategy of the company.
Buying insurance is one way to manage risk, but risk managers can also empower themselves to play a wider role and certification is a way to show that they are professionals.
When managing risk, it’s crucial to have professionals in charge, especially when we live in such a complex and volatile environment. It’s very important that risk managers take this opportunity to show that they have the skills to support the business.
What are your hopes for risk management in 10 years’ time?
Typhaine Beauperin: My dream is for risk management to become a profession of choice. That students can work towards becoming a risk manager.
At the moment, people still tend to move into the role from elsewhere within an organisation, or transition from another profession, such as insurance or engineering. While there are lots of experienced risk managers, we need to encourage more of the new generation to join the industry for the very reason that risk management is what they want to do as a career from the outset.
Gilbert Canaméras: The techniques that risk managers use will change, especially because of the growth of AI. Skills such as risk mapping will become automatic and the risk manager will need to be a professional who can be more strategic. They will have to analyse and explain what AI is showing and give a holistic view to high level management of the risks that an organisation faces.
Risk management is at a crossroads. Some will update and improve their skills, especially in terms of technology and communication. They will be enterprise risk managers or even chief risk officers. Others will continue with a more technical role, where they will use their expertise on the transfer of risk through insurance and perhaps other types of financial instruments.