<iframe src="//www.googletagmanager.com/ns.html?id=GTM-52FKDF" height="0" width="0" style="display:none;visibility:hidden">

Risk Management Insights

I want to join the BLOG

24/08/2016 / Compliance Management

Definition of Compliance. Essential Components.

Compliance-protecht.png

Compliance Framework – Other components: 
Attestations, Breach Registers, Culture

In a previous article we wrote about the Key Components of a Compliance Framework and the importance of the Obligations Register and the relevant rules. We mentioned as well, that once the rules are understood, other processes must be put in place to ensure the rules are met and that assurance is provided to senior management and the board. 

How can we achieve this assurance?

By implementing the following components in your compliance process:

  • Attestations - Compliance questions can be created from key obligations and distributed to staff and executives for regular and periodic attestations that they are compliant with the relevant obligations or their underlying controls. (Refer Fig 1).

    The objective of these questions is twofold; firstly, to remind staff of their obligations and secondly to give comfort to Executive Management and Board that staff are being (or at least trying to be) compliant with their obligations. Attestation reporting should aggregate responses by key risks and obligations and present the trend of compliance/non-compliance over time.

    Taking this process one step further may involve providing evidence of compliance to support the attestation. This may be achieved by attaching a document or equivalent to the attestation response. 

Read More

10/08/2016 / Risk Management Training, Risk Controls

Risk Controls! Going through the motions or providing real value?

Controls_blog_White.png
Controls to assist us managing risk have been around for thousands of years. Why – because risk has been around since the beginning of time. Our human instinct for survival has by necessity meant that we have had to try and control our environment and the risk contained therein.

Then the industrial revolution took the need for control to a new level as we placed large groups of workers together and added in a good dose of dangerous machinery and processes. As a result, we have grown to accept controls as an everyday part of our business lives. See an example of controls being implemented in our article Risk Management Controls in Tough Mudder.

Read More

15/07/2016 / Compliance Management

What is the definition of Compliance?

Key Components of a Compliance Framework – The Obligations Register

Compliance is an outcome of conforming to a rule. That rule may arise from an external source such as a law or regulation, or an internal source such as a policy, code or control. Compliance with these two main sources gives rise to external and internal compliance.

The issue for an organisation is how to conform to these rules? This is the key objective of a compliance function. This blog provides an overview of one of the elements that need to be considered when building an optimal compliance function.

Understanding what the relevant rules are – plain English Obligation Registers

Before we can consider conforming to a rule, we need to comprehend what the rules are and what they mean. For external compliance, this necessitates having an understanding of relevant laws and regulations and how they apply to our organisation. This is typically achieved through an Obligations Register that contains information such as:

  • Act or regulation
  • Sections of relevant legislation
  • Penalties for non-compliance
  • Frequency that obligation occurs
  • Obligation owners and interested parties
  • Risk rating
  • Compliance status
Read More

24/06/2016 / Risk Management Training

Why is Risk Training important?



Their perception, attitude, risk culture, engagement, behaviour and actions, with respect to risk management, will make or break the success of your risk management framework. It is the number one ingredient for success.

Developing and maintaining the right culture requires knowledge, understanding and skills. This can be acquired in a number of ways including: life experience; work experience; informal learning and structured training. Given the maturity of risk management in most organisations is at the early stages, structured risk training is the most critical. 

Getting a consistent view through specific risk management training gets everyone on the same page.

Read More

03/06/2016 / Operational Risk, Key Risk Indicators, Risk Manager, KRIs

How do Key Risk Indicators work?

stockmen.png
In February this year, I ran a blog highlighting the power of the human brain and its senses in acting as a personal key risk indicator (KRI) system for personal early warning risk awareness as we journey through this inherently risky world.

This blog looks at the potentially awesome power that a well-designed and well applied
KRI system can have in the business world.

KRIs have multiple purposes. The main one is to act as an early warning system to prompt initial investigation and response so as to deal with a risk early in its life. It helps a firefighting risk manager to become a proactive risk preventer. At a wider level, KRIs allow us to “measure” risk and incorporate risk into risk-based performance measurement, risk-based decision making and risk-based incentive schemes.

So how do KRIs work?

KRIs operate on the fact that as risk develops through its life, from root cause(s), through event(s) to final impact(s), red flags, symptoms and other evidence may be given off.  KRIs tap into this information and turn it into intelligence to then be investigated and acted upon to deal with the risk most appropriately.

Read More

20/05/2016 / enterprise risk management, Risk Management, risk appetite

When to Invite 'Good' Risk

 BLOG_Interview_pic_NBC_2-534307-edited.jpg

During this month we have been talking about Risk Management and Risk Appetite. NSW Business Chamber also interviewed Our CEO Alf Esteban on the value of risk management to organisations - regardless of size. We wanted to share this article with you; we hope you find it useful:

Don't just tick the box of risk management - think outside it.
It's where real value lies.

As kids we’re taught to avoid risk but embracing it may be the best thing you can do for your business.

Risk management is a day-to-day part of running a business, but many organisations are failing to manage their risk effectively, resulting in reduced productivity and even profitability. 

Look through negative perceptions

“There is a perception that all risk is bad in business and that ‘managing’ it is just about compliance,” says Alf Esteban, Chief Executive Officer of risk management company Protecht. “Consequently many businesses look at it as something they have to do, a box they have to tick, without seeing the value of it.”

In fact, placing a higher value on risk management is one of the best things you can do to ensure your business flourishes. 
Read More

06/05/2016 / Risk Management Training, risk appetite

Risk Appetite – The starting point of great risk management

Risk_Appetite_Blog_Banner-1.jpg

The concept of risk appetite has been around for a number of years now and many organisations have developed a form of risk appetite as part of their overall risk management framework.

The process is not easy, from deciding on how the appetite should be articulated and the exact content of the statement to how the risk appetite can be cascaded through the organization to be practically used in decision making and risk evaluation. These are all difficult challenges.

Read More

Bow Tie Analysis

Bow_Tie_Analysis_Banner.jpg

Bow Ties usually conjure up a vision of a formal event, to be used infrequently for special occasions.  For risk bow ties, nothing could be further from the truth.  Risk bow ties are ideally used by the business as everyday wear. So what are risk bow ties and what is the value of making them part of your everyday?

The Bow Tie principal to analyse and document risk has been attributed back to Royal Dutch Shell in the 70’s / 80’s.  Since then, oil and gas, mining and pharmaceutical companies amongst others have used the Bow Tie principle to explore and communicate risk. More recently, financial institutions have warmed to the idea, seeing the benefit of this simple, yet comprehensive method to understand and communicate risk.

The Bow Tie technique is a logical way to explore and communicate risk.  Its principles are simple, but the execution and presentation need care.

Read More

14/04/2016 / Bow Tie Analysis, risk appetite, Risk Manager

Are you a risk manager?

risk.png

I am often asked “what are the key requirements that make a good risk manager?”  My first response is “to be able to walk on water”.  Such is the required varied skill set of a good risk manager.

The roles and responsibilities of the risk manager are many and varied depending on the organization they belong to. I will use the example of an organization that has an independent risk management function where risk, and the day to day management thereof, is owned by the business. Let’s look at the key characteristics of the CRO and the staff of the independent function.

The main function of the independent risk manager is to review and challenge what the front line business is doing to manage risk. In addition, they should be seen as subject matter experts and assisters in developing and maintaining the risk management frameworks. They should be seen as value-adding and adopted by, and engaged with, front line staff.

What are the key skills and characteristics needed to be a success in this role? Here is my list:

  1. Risk management is to a large degree an art form. This requires a strong right hand (artistic) brain, able to cope with qualitative and inexact concepts and able to “see” into the future.
Read More

01/04/2016 / Commercial Credit Risk Management

Useful Tips to Improve Commercial Credit Risk Management

Operational_Risk_Management_4.jpgMaintenance and improvement of credit risk management practices by banks and lenders have become a top priority. Let us share with you some tips to improve lender's insights into credit risk and take appropriate measures to maximise the risk/return profile.

How efficient is your collection and monitoring of covenants?

1. Review and monitor covenants

Covenants are conditions agreed to by the borrower as part of a loan term in commercial loans.  If they are effectively monitored, it can provide lenders with an early warning of loan deterioration. 

Read More