In the past 15 years, risk management has undergone a period of significant adaptation, but the profession is still striving for more board engagement

Since StrategicRISK launched in 2000, the corporate risk landscape has transformed and expanded considerably, especially thanks to the advent of digital technology and globalisation.

The rapid and unrelenting pace of change during this time has subsequently raised the profile of risk as firms have become more global in their operations and, therefore, more exposed to risks.

The nature of risk has also diversified, with intangible risks, such as cyber and reputational damage, emerging as major threats to businesses. This period of change has had a significant effect on the risk management profession in terms of its shape and position within corporate strategy.

Moreover, a number of global events in the past 15 years have had major consequences for risk professionals, including: the Enron and WorldCom corporate accounting scandals in 2001-02, the 9/11 terrorist attacks, the 2008 financial crash and an unusually high number of high-impact natural disasters, including Hurricane Katrina in 2005 and the 2011 Tohoku earthquake and tsunami in Japan.

Heightened awareness

These events, among many others, and the advent of digital technology have led to a general heightened awareness of risk, according to International Federation of Risk and Insurance Management Associations (IFRIMA) chair and chief risk officer at Katoen Natie Carl Leeman. However, Leeman says the risk management community can do much more to improve its perceived value to corporate strategy.

“At most firms, an increased awareness of risk has not led to a sufficient improvement in the profile of risk management,” he says.

Leeman is concerned the profession lacks the appeal needed to attract young talent and believes the risk management community has missed opportunities to promote its value at board level. Perhaps part of the difficulty that risk professionals have encountered in communicating with the board is the lack of a universally accepted definition of risk management.

Airmic chief executive John Hurrell (pictured) says that, 20 years ago, the profession was amorphous and it was therefore difficult to promote its strategic value. Moreover, he believes the risk management function has undergone a significant transition at many firms in recent years.

“One of the biggest trends in the past 15 years has been to move from a centralised risk team to an integrated model,” he says, before adding that the most dynamic firms maintain a central risk team to scan the risk landscape for emerging threats in a consultancy-like operation.

Such central risk teams comprise a “tapestry of professions” under the risk management umbrella, says Airmic board member and InterContinental Hotels Group (IHG) senior vice-president risk management John Ludlow.

Ludlow says his team at IHG exemplify the diversity of skills and specialist roles in a modern risk management team, such as ERM, risk financing, business continuity, safety, security and project risk.

“My team finds working together incredibly valuable. Together, [it is easier to] have one voice and being a coherent force within the company gives more power,” Ludlow says.

Leaders required

Ludlow, Hurrell and Leeman agree that for the profession to increase its influence at board level and inform corporate strategy, future risk managers must have the leadership qualities needed to manage larger teams and handle the corporate politics that inevitably comes with seniority.

FERMA president Julia Graham is confident that risk management will adapt to the volatile global risk landscape and prove its value to business strategy.

“Managing risk will increasingly be embedded in the development and execution of strategy. As the world in which risk management is practised evolves, so too will the risk management profession and risk managers will become risk leaders, an integral part of organisational governance,” she says.

The professional development of risk management is building momentum. FERMA and the IRM are each expected to launch a certification programme for risk professionals this year; meanwhile IFRIMA is leading an initiative to align global standards for training and education in risk management.

Establishing standards of practice through certification is widely considered a move in the right direction for risk management. Although there have been similar initiatives before, Leeman says that they were not approached on such a co-ordinated level as the current ones.

Maybe the community has been spurred by the global consequences of several unexpected events in the past 15 years, which have increasingly put the profession under the spotlight. Perhaps when StrategicRISK celebrates its 30-year anniversary the initiatives of FERMA, IFRIMA and IRM will be viewed as the springboard that helped establish risk management as a key component of corporate strategy.