The rise of risk management in Asia

Asia continues to attract growing numbers of investors striving to capitalise on the many opportunities being created in the region. In fact, the global professional services company Towers Watson says it is such fertile ground for growth-oriented organisations that the Asia Pacific will represent 40%of the world’s GDP within the next two decades. That’s more than the US and EU combined.

Such growth inevitably brings challenges, threats and risks, which is why calls for stronger and more efficient risk-management systems in the region are growing louder. At present, the standard of risk management varies greatly from country to country, a situation that the Institute of Risk Management (IRM) has indicated it is interested in improving.

The IRM’s head of thought leadership, Carolyn Williams, says it all starts with the family of standards relating to risk management known as ISO31000. “[This] is viewed as the world standard in risk management,” she says. “It has started to be written into corporate governance codes and has influenced a lot of the training on offer, bringing terminology, approaches and processes in line across the world.”

Williams says that many countries in Asia have adopted ISO3100, but as in Europe, there’s still “a lot of variability”. “Some organisations, particularly if they’re committed to standards in other sectors, will be used to working to systems and processes – it is integrated into their culture,” Williams says. “But other businesses don’t think in those terms so they will be slower to adapt.”

Improved practices

Mohamad Mohamad Zain, the vice president of group business assurance at Telekom Malaysia and chairman of the Malaysian Risk Management Association (Marim), says that since Standards Malaysia adopted ISO31000, risk-management practices and benchmarking have improved. “With MS ISO31000, it really helps to accelerate the institutionalisation of enterprise risk management since all companies are using a single standard and framework where benchmarking among peers can be done actively,” he explains. “Having been involved in finalising the ISO31000 standards, I truly believe that other countries in Asia Pacific should actively convert their risk-management framework to ISO31000.”

The IRM has also expressed its interest in helping to develop a certification framework for risk management in the region. Certification programmes are currently offered by associations such as the Asia Risk Management Institute in Singapore and Marim, but there is much scope for expansion and improvement in this area.

Local interest

There is also a great deal of local interest in such programmes. The chairman of the newly launched Pan-Asia Risk & Insurance Management Association (Parima) Franck Baron believes that there is a stronger demand for professional certification in Asia than in Europe or the US. “There is definitely a need for official recognition for the risk-management community,” he says. “So this certification project is for me a must-do.”

Baron, who is also the general manager for risk management and insurance at leading international healthcare, medical assistance and security services company, International SOS, believes that professional certification is a way for risk managers to have a better platform to convince their management to develop risk-management frameworks. “It’s also for people who are a little less comfortable to champion this to get a better facility to convince people that they deserve to get a larger scope of responsibilities,” he says.

Baron says that Parima is currently looking at developing local and regional conferences with technical workshops, webinars and white papers for risk managers in the region. “[Parima] can help them to develop skills through an education program and we can help the position of risk managers to be appropriately recognised in organisations through professional certification,” he says.