How technology is reshaping risk managers' roles

As the tools and technology for reporting risk become ever more sophisticated, is it possible that the role of a risk manager could become redundant?

Seven West Media risk and audit manager Mark Wilson hopes not. But he agrees that technology is changing the scope of the profession.

Wilson is introducing a system that he estimates will cut the time spent on administrative tasks from 30% of his team’s workload to 5%, allowing its members to be more strategic.

“That’s where I see massive change. I hope it doesn’t make us redundant,” he says. “It actually can help create more relevance for risk management as a

profession, where we can go out there, do more value-added work and kick more goals.”

He adds that the automation of emails, reports and reminders is helping to drive a cultural change within the organisation: “It actually works in driving ownership of risks. If people get notifications and we stop hand-holding them, then the effect on the business is that they’re more accountable.”

Zurich Hong Kong head of proposition Hassan Karim agrees that technology should be viewed as an enabler. “I don’t see technology ever making the role of the risk manager redundant, especially given the need to interpret, prioritise and mitigate (where appropriate) the risks facing the business,” he says.

But audit personnel are at greater risk. “With the developments in both machine learning, robotics and the analysis of unstructured data, this could have more of an impact,” Karim says. “[But] there will always be the need to interpret the data and choose the best and most appropriate course of action.”

The case for Excel

In StrategicRISK’s Reporting Risk survey, respondents were asked to choose which tools they used for reporting risk. Some 85% chose desktop applications such as Microsoft Office and Excel, with only 20% choosing specialist risk software.

“[We] don’t need complex tools. It is the risk management culture and approach that matter most,” said one. Another remarked: “The amount of data [we collect] is still manageable using Microsoft Office.”

While singing the praises of his new technology platform, Seven’s Wilson is quick to defend the 30-year-old Excel program. “Even with the proliferation of data analytics, business intelligence, cloud computing, collaboration tools and what have you, Excel continues to sit alongside and even complement these other 

tools… and even if something better came along tomorrow, what would we all use to access the thousands of spreadsheets we have built over the years?

“Excel is still an essential tool that everyone has and everyone knows how to use,” he says.

Others lamented the use of outdated systems for reporting. “To consolidate over 100 risk registers using Excel could cause data manipulation,” said a respondent.

Another noted: “We are using MS Office to produce the reports, which takes a few days, but which could have been done with just a click through a risk management software system.”

Zurich’s Karim agrees that while desktop tools are “versatile and cost-effective”, they “are not purpose-built [for] risk management”.

He says: “The other drawback of such tools is that they can be quite hard to use for things like trend analysis and often they don’t support quick identification of key or emerging issues due to the way the data is presented and stored.

“I have seen more of a move towards the adoption of business intelligence tools and data analytic software to address precisely this issue as it allows for the creation of information/ risk dashboards around key indicators, allowing for quick ad hoc monitoring and analysis.”

But many risk managers in the StrategicRISK survey said budget restraints had prevented them purchasing specific risk management tools.

Wilson sympathises. He says: “We’re always thinking about how we can be more strategic and spend less time doing administration, but at the same time, not having big budgets for technology makes you think about it very carefully.”

A dollar value

Various reporting tools are available from brokers, insurers and software providers. But the latest risk tool to hit the market puts a dollar value on every risk a company faces and measures a return on investment for implementing different mitigation controls.

Developed by the Australian arm of Control Risks, a consultancy best known for its work in political risk, Risk Insights allows risks to be compared “as apples and apples” in terms of potential impact.

“You could never normally compare a cyber risk with bribery and corruption risk, for example, because they are completely different ball games,” says Control Risks associate director Allanna Skeels. “But now, because we’ve added a dollar value, you can compare all of your risks relative to one another and see the total cost of risks if they were to occur.

“Most companies have a certain amount of money to spend on risk management, and normally how it works is the person who’s the loudest in the room gets that money, or something happens and it’s in the media so that [risk] gets the most money.”

Skeels says that as a data and intelligence-based tool, Risk Insights helps a company make fact-based decisions on “attributing scarce resources to the worst problems in the most effective way”.