Last time we looked at the various aspects of risk and put forward a series of definitions to focus the mind on the facets that can be termed risk.  Is risk good or bad and how as managers we need to answer that question on a case by case and event by event basis.

 

Risk Management Defined.

 

The introduction of risk management as a professional discipline means that a more concise definition of the process is required.

 

Risk management is a discipline that enables people and organisations to cope with the possibility that future events may cause some harm.

It is the identification, analysis and economic control of those risks that threaten the balance sheet (assets and liabilities) or earning capacity of the organisation.

 

Identification of risk is the most important process.  All risks that threaten the organisation must be identified.

 

Managing risk must have a significant impact on maximising profitability by protecting and enhancing an organisation's bottom line!

  

Methods of Managing Risk

 

Five methods are used to manage risk: -

 

1. Avoidance. This method can result in opportunity loss.2. Retention. Risk retention can be both active and passive.

 

Active risk retention is a conscious decision to retain risk, such as self insurance.  Managed appropriately it can save money for the organisation.

  

Active risk retention may also be the result of inadequate availability of commercial insurance or the high prohibitive cost of insurance premiums.

 

Passive risk retention is the retention of risk due to ignorance, indifference or laziness.

  

It often has the potential for destroying the organisation.

Retention can be a useful technique for handling risk in a modern corporate risk management program.  It is generally used for high frequency, low severity risks where potential losses are relatively small.

 

3. Non insurance Transfers. This technique results in risk being transferred to a party other than an insurance company. It includes transfer of risk by contracts, hedging price risks and incorporation of a business firm.

  

4. Loss Control. Loss control consists of activities undertaken by the organisation to control the frequency and severity of losses. It has the objective of loss prevention and loss reduction.

 

5. Insurance. This has traditionally been seen as the most practical method of handling risk. It includes risk transference, the pooling technique and the law of large numbers in its application. Cost of insurance can be excessive and many multinational corporations are continually seeking new methods of cost reduction in the risk financing process.

 

Who Should Manage Risk?

 

When we consider the management and control of organisations, especially multinational corporations, the first reaction tends to be one of centralisation, i.e. the corporation will be able to manage more effectively from a centralised head office, especially in terms of costs.  This may be true from some perspectives, especially in some aspects of treasury such as cash management, but it cannot be true from a corporation's total risk position.

 

The optimum place for risk (not risk financing) to be managed is at the point that the exposure to risk occurs.  Most risks faced by a corporation are best managed in a decentralised way within a centralised policy coordinated by a professional risk manager.

 

The risk manager should be a coordinator of the various tasks associated with the identification, analysis and economic control of those risks which threaten the assets or earning capacity of the organisation.

 

The risk manager should provide loss prevention methods, techniques and resources to the line manager to enable the associated risk to be controlled and managed.

 

We cannot all be experts in every area of the technical and financial aspects of a business.

 

Risk should be managed as a whole using a number of managers as a team.

  

Risk Financing

 

Risk Financing is concerned with the most efficient way of covering the financial cost of managing risk.  It tends to be result of previous decisions made in the risk management process including: -

 

1.         Risk Assessment       What can go wrong?

2.         Risk Control               What can we do about it?

3.         Risk Financing            How do we pay for it?

 

Although line managers are able to control and manage risks at the "coal face", risk financing is best managed in a centralised manner by the risk manager.

 

Line managers do not necessarily have the information to know if:

 

The exposure to risk will actually lead to loss rather than benefit. Not having a loss should also be considered a benefit.When the exposure to risk result in loss.How large the loss will be.

 

The organisation's interest can best be protected by centralising the risk financing process so that cost efficient risk financing can be undertaken.

 

The risk manager should have the primary role in establishing  loss financing techniques by smoothing out the cost of loss financing over a period of time.  This will no doubt exceed the normal (annual) pollening horizons of line managers and will produce efficiency through the financial strength of the organisation.

 

Traditional participants in risk financing include the insured, the insurer, the reinsurer and intermediaries.

 

Risk financing must take into account a number of forms: -

 

1. Insurance; covering hazard risk funding such as property, crime, liability, life, etc. The limitation of this approach is that it is too focussed on insurance products.2. Public Policy; covering macro risk assessment such as environmental issues. This process tends to be too concerned with assessments and there is a lack of progmatics financing solutions.3. Financial; covering financial risks such as interest rates and foreign exchange rates. Its limitation is that it is too narrowly focussed on specific risks and funding tools.4. Safety and Security; covering risk control such as safety and quality control. The limitation with this is that it is often too moralistic and unrealistic with regard to cost.

 

The risk financing approach must consider: -

 

general management theory,insurance management and risk funding,macro risk assessment and decision risk theory,quality assurance methodology for products and services,loss prevention, safety and security engineering,crisis or contingency planning andfinancial engineering using derivative products.

 

Components of Risk Management

 

The risk management process must integrate, impact, inform, interpret and influence practices within the organisation.

 

A proactive approach to risk management is not just a reliance on good practice, or the creation of systems.  It is a process of managing risk.

 

The traditional approach placed great emphasis on insurance.

 

Insurance does nothing for risk!

 

Insurance only provides money to offset loss, the result of risk.  It is, however, an important risk (loss) financing tool.  In some instances, it is the only way an organisation can handle the consequences of being exposed to certain types of risks.

 

A common sense approach must be adopted.  The first approach is for the organisation, especially the Board of Directors, to be provided with an understanding of all (major) risks faced by the organisation.  They must fully understand the risks that need to be managed, their impact and the need to implement the various risk financing measures.

 

The basic components include:

 

1. Risk Management Policy.

 

The policy should be approved by the Board of Directors and should outline the broad objectives to be adopted in the risk management process.

 

It should consider the role of risk manager, its level of seniority and the level to whom the risk manager reports.

 

Risk management should be a negative compromise.

 

2. Risk Management Process.

 

This must define the basic steps to be followed is risk is to be managed.  Risk identification such as physical inspection, check lists, flow charts, hazard indices and hazard operability studies to name a few.

 

This is not a static concept.  As discussed earlier, risk is a dynamic concept that operates in a circular fashion.  It is an ongoing process.

 

3. Administrative Support for the Risk Management Process.

 

The risk management process cannot operate with inadequate resources.

 

Organisations providing inadequate resources are considered to be providing only "lip service"to the concept of risk management!

 

Risk Measurement.

 

Risk Measurement provides information to enable management to make more informed decisions about actions to be taken, especially in the areas of: -

 

risk financing,value of insurance,retention levels,premium allocations.

 

It should measure the total impact of risk on the organisation including the number of events, their cost, their frequency (historical and potential) and their severity (historical and potential).

 

The traditional measure of risk is in terms of frequency and probability.

 

The analysis must be understandable.

 

Risk measurement can best be highlighted in pictoral form rather than in the written word.  Graphs, frequency curves and loss layers are useful methods of conveying the impact to risk management to personnel within the organisation, especially the Board of Directors.