Risk Management Insights

I want to join the BLOG

04/06/2018 / ERM, Risk Manager, KRIs, Press/Media

What we can all learn from the APRA prudential inquiry report into the CBA

Taking Risk Management to the next level 

The APRA report of the prudential inquiry in the Commonwealth Bank of Australia (CBA) was issued on 1 May 2018 https://www.apra.gov.au/media-centre/media-releases/apra-releases-cba-prudential-inquiry-final-report-accepts-eu. On the following day, I was flying from Sydney to Perth and downloaded the report to "skim" read the key points on the flight.

I began reading on take-off and on landing 4 hours later, had completed the full 111 pages. I could not put it down.

Rather than a negative feeling of what we are doing wrong, I saw instead a rich source of information that we can use to take risk management to the next level.

On page 5, the report states:

"The Report that follows may read as a long catalogue of shortcomings. That would be too narrow a read. The Panel acknowledges the undoubted financial strength and acumen of the CBA, its global standing, and the avowed commitment of staff to servicing customers. CBA needs to translate this financial strength and good intent into better meeting the community’s needs and the standards expected of a systemically important bank in Australia. The Report is a roadmap for this journey."

It is also clear that many other financial institutions accept that they could change the name "CBA" on this report to their own and it would be equally as valid. At Protecht, we see this as a must-read for anyone serious about taking their risk management to the next level. It is, as APRA states, "a valuable roadmap".

The following is a summary of the main lessons we can learn from the report, and also the main themes that run through the report. 

Read More

01/06/2018 / ERM, Risk and Reward, KRIs

Balancing the Voices of Reward and Risk

The financial services industry is under the microscope in Australia with the Royal Commission in full swing, and the recent APRA (Australian Prudential Regulatory Authority) report into the CBA (Commonwealth Bank of Australia).

Many sobering findings have been aired, but looking at this positively, the findings provide an excellent blueprint for the development of stronger risk management and business practices going forward. The APRA report is really a roadmap for any organisation wishing to raise its risk management to the next level.

Read More

18/05/2018 / Enterprise Risk Management, Risk Analytics, Risk Intelligence

Improving your insights into Risk with Historical Models

Enterprise Risk Management (ERM) software manages the processes and the risk related data that drive risk behaviour, including Risks, Controls, Issues and Actions, Incidents, Key Risk Indicators (KRIs), Audit Findings, Compliance Obligations, Risk Control Self-Assessment (RCSA), Compliance Questions, and Compliance Attestations to name a few.

Read More

03/05/2018 / Compliance Management, Enterprise Risk Management

Understanding Compliance Risk

Today, corporations and government agencies are facing an unprecedented wave of regulatory obligations and increased penalties for non-compliance. The financial services sector, as an example, needs to comply with a myriad of prudential regulations, federal privacy, AML/CTF, consumer credit and protection laws to name a few. Obligation registers now contain over 1,000 entries for compliance teams to deal with. In smaller organisations, these teams are often under-resourced due to compliance being a cost centre.

In this blog, we will discuss issues around some of the complexities of effective compliance risk management.

Read More

18/04/2018 / Risk Culture, Risk Management, Risk and Reward

Risk Management to Management? Is “Decision Support” the future?

Three key treasures of good risk management

The future of “Risk Management” would look brighter if we removed the word “Risk”. It is just “Management”. If “Risk” is “the effect of uncertainty on objectives”, Risk Management must be “managing the effect of uncertainty on objectives”. This is “Outcome Management”.  

Business Management involves making decisions aimed at achieving business objectives. Outcome management is therefore just management.

The future success of risk management relies on making it an integral part of management. This will only happen if risk management provides the right incentives. Humans and hence organisations run by humans, respond to incentives. Read related article: '10 keys to Risk Management Success'.

Psychologists have discovered that when a person is handed an unexpectedly hot cup of coffee, they typically drop the cup if they perceive it to be inexpensive but manage to hang on if they believe the cup is valuable.

Read More

27/03/2018 / Enterprise Risk Management, Risk Management, Risk Management Training

Enterprise Risk Management made Personal

PRM and ERM – use it in your Personal life

PRM? As we haven’t got enough acronyms in risk management already, I thought another one was required– right?  So, what is PRM? I just made it up – Personal Risk Management! 

They say charity starts at home – so why don’t we look at ERM, sorry PRM, in our personal lives? We can learn a lot from what we do well in our own lives and apply the same principles to our work lives and, bingo, we have good ERM working in our business!

One of the objectives of most people in their personal lives, I hope, is: To live a long and healthy life.

Read More

02/03/2018 / Enterprise Risk Management, Risk Culture, ERM

How to promote Risk Culture in your team

In a recent discussion with a colleague on preparing for 'black swan' events, we concluded that regardless of the size, type and structure of an organisation, it was having the right risk culture that was the key success factor in preparing for and surviving an improbable event.

Our view is that getting the right culture to support risk management across the business is the most important ingredient for success. But what actually is this thing called 'risk culture' and where can you get it? We believe that risk culture is the system of values and behaviours that are present in an organisation and guides all the decisions related to risk, made by management and employees. 

Read More

23/02/2018 / Bow Tie Analysis, Risk Management, ERM, KRIs

Effective Risk Management Tool: Bow Tie Analysis

Protecht loves Bow Ties, both formal and informal!  Bow Tie analysis has been around for longer than you might think. 

While some industries including oil, gas and mining have been using the bow tie consistently for years, at a broader level it appears that other industries, such as financial services, are also now realising the value of this simple yet effective risk management technique.

What does the bow tie do? 

Bow tie analysis provides a tool to identify and map out the different components of risk including root cause, risk events, risk impacts and controls. 

Read More

15/02/2018 / Enterprise Risk Management, Risk Management, Risk Analytics

Seven ways to improve your Risk Management Process using Protecht.ERM's latest features

This article is written with all the Risk and Compliance professionals like you in mind. Are you a junior, an analyst or a Chief Risk Officer? Your title really doesn't matter - we are sure you will relate to at least one of the challenges, questions, frustrations, and solutions we are sharing here - at least that is our goal!

My colleague, Stéphane Seguin, Head of Development at Protecht, and I are part of a team that develops technology responses to the problems and frustrations our clients face every day. We are constantly working to make their life easier by improving Protecht.ERM to make the risk management process smoother and simpler.

How do we do this?  By making the interface more user-friendly and improving the design every day.

This article explains the latest features we have added to Protecht.ERM and real scenarios that show how these changes can impact your job in a positive way. 

We have created seven features that respond to specific challenges you might be facing. Can you relate to some of the situations below? Have you ever experienced these issues? 

Read More

16/01/2018 / Compliance Management, Protecht News & Events, Risk Management

Compliance Management in the Aged care industry and more topics...

Interview with Robert James - A Personal story

As one of the leaders of Protecht, I am very fortunate for the opportunity to meet new people all the time. Those friendly conversations that happen at any major event or at any small meeting, are the interactions that shape my role and give me new perspectives on risk and compliance management. 

One of those entities that encourage valuable interactions is the Governance Institute of Australia. Twice a year I am invited by the New South Wales Chapter to present their Dux Awards for Risk and Compliance, a recognition that Protecht  has been sponsoring for the past 5 years, and has become a tradition for us to support. Coming to this event gives me the opportunity to talk to professionals from a wide number of industries and discuss the present and future of risk, compliance and governance.

Read More