Risk Management Reports

February, 2001
Volume 28, No. 2

Feedback

To paraphrase Water Rat's admonition to Mole in Wind in the Willows, "believe me, my young friend, there is nothing - absolutely nothing. . ." as rewarding for a writer than feedback from readers. In the last two issues of Risk Management Reports I addressed some challenging issues, from risk management myths to the critical problem of governance. I've received numerous responses from France, UK, Canada, Australia, New Zealand and the US and I share some of them with you.

January, 2001 First, comments on my suggestions for structure, leadership, and communication of risk and risk management within organizations. The Aussies dominate this section. Barry Leithhead, a Glenorie friend and consultant, writes ". . . I find that organizations are so different in how they approach risk and (that) the risk and audit (and quality, safety, environment, etc.) professions are so entrenched in their stances that a prescriptive remake is almost impossible. So for me, it depends on where the organization is situated, how good the specialist risk and audits functions are - who has the power, the momentum, the client base, the corporate 'respect' - and how to put together the strategic alliance and risk management program. The methodology part is easy. I take a good slice of the AS/NZ Risk Management Standard, all of the Competency Framework for Internal Auditing, one or the other of the COSO and CoCo Control models, the Methodware (NZ) Risk and Control Assessment software, and then mix, stir, shake and serve. What I am still learning is not to aim for the stars. The Risk Assurance program has to be styled to suit the current abilities of the organization and placed on a development pathway for continuing improvement." Here is a thorough pragmatist at work!

Carolyn Crompton, who works for Chevron and is the immediate Past president of ARIMA (the Australian Risk & Insurance Management Association) and the current Chairman of FAPARMO (the East Asian RM group), supports my stress on communication and inter-disciplinary cooperation: ". . . we need to communicate rather than see efforts and progress made in one part of the world being totally ignored and scarce resources wasted in re-inventing the wheel. I honestly see Communication (or the lack of it) as one of the major obstacles facing the future of risk management. I also personally feel that sometimes we - the various industry bodies around the world - have too much the spirit of competitiveness rather than cooperation, notwithstanding the wonderful personal relationships that have been forged amongst many people over many years. I think if we could seriously not worry about who was first past the post with a particular initiative and instead leverage off that initiative, then our various members and the profession generally would be much better served."

Sydney's Barry Richardson also believes in embedding risk management within the organization: "You identify a systemic situation that needs to be managed proactively. In my opinion, a situation that must be avoided in 2001 is the proposal to institutionalize risk management in a way similar to the quality systems movement. . . . Risk management, as in the Australian Standard, needs to be relevant in the widest community context . . . and not become the exclusive domain of consultants or become a trading barrier. . . . I argue that, for efficiency and effectiveness, the risk management process should be embedded in the organization's 'core competency.'"

These three comments on risk management and governance were echoed in an article in the December 2000 issue of Internal Auditor, by Richard Steinberg and Deborah Pojunis. They report on a study from PricewaterhouseCoopers commissioned by the Research Foundation of the Institute of Internal Auditors that lists eight key responsibilities of corporate boards. "With the possible exception of strategy," they write, "the topic most discussed at the board level is risk. Directors have seen how some of the world's best-known companies have endured great pain associated with unanticipated risk, ranging from product failure to blunders with legal or regulatory compliance to technology or physical disasters. . . . Successful companies view risk not just as a hazard, but also as a continuum, moving along the spectrum from uncertainty to opportunity. Effective boards recognize that every company is in business to take risk, and taking too little can be as dangerous as too much."

December 2000 Here the comments come from Europe. Schlumberger's Chris Lajtha (Paris) has appeared in these pages before (see RMR October 1998). On my first Icon that "risk is bad," he notes his admiration for the distinction of David McNamee and Georges Selim (see RMR November 1999) that "risk management is a misleading phrase. Risk is never managed, since it is a conceptual property. It is the organization that is managed in anticipation of uncertainty." Chris adds that "it is more useful/realistic to speak of deviation in terms of 'ranges of expected outcomes' than the 'expected.'" Chris agrees with my demolition of Icons 3 and 4 ("Risk Management

is the Responsibility of Specialists" and "Risk Can Be Transferred") but takes issue with my assertion that we should serve stakeholders, not just shareholders. " I understand the wider stakeholder constituency recognition, but I do not agree with the way in which you have dismissed the idea of risk management contribution in terms of shareholder value. There is no question that the opportunities created by global connectivity and the development of a global market place are accompanied by new imperatives and, even, constraints. Management of the wider stakeholder interest in any high-profile organization is a requirement, and such management manifests itself. . . in a new style and nature of communication - not least about risk and reward over various time frames. Your attack, however, on shareholder value creation as a significant management objective for publicly-held companies, and supported by effective risk management, is not convincing."

He goes on, "You make a similar mistake in equating shareholder value solely to current share price. Share price describes a market valuation of a stock company at a moment in time only - in a global market place driven by perceptions & misconceptions; truths and half-truths; computer-programmed trades; insiders and outsiders; short-term punters & long-term pension fund administrators; and arbitrage traders who are equally interested in movement in either direction so long as there is movement. I suggest that very few risk management professionals [other than those who trade in, and attempt to drive, the stock markets] would consider that their contribution to their organization is measured directly by increase in share price."

"Share price is a spot indicator of transaction value. It is subject to market sentiments/swings that can be unrelated to the underlying business activities; and can be manipulated by short-term earnings inflation and/or asset depletion. The sustained creation of shareholder wealth addresses a completely different time frame and introduces important additional metrics. Shareholder value/wealth creation potential can be perhaps most usefully measured in terms of the present value [preferably risk-adjusted] of future cash flows generated by all the various activities of the company. Shareholder value can also be described in terms of economic value added - the difference between the weighted average cost of capital and the return that the subject capital generates. Neither EVAs nor discounted cash flows are exclusive metrics of shareholder value, but they are possibly the most useful pairing that I have found."

I raised the question that shareholder value had little application to nonprofits, mutual, and governmental organizations. Chris responds: "The point may be valid but of limited utility because you are not applying the appropriate metric. Efficiency is the common thread for both profit and nonprofit organizations - efficiency in access and use of capital to (a) grow shareholder wealth [capital appreciation + retained earnings + dividends], and/or (b) maintain uninterrupted and cost-effective public services. Efficiency in the context of a publicly held company means optimal use of capital in such a way as to create sustained growth of shareholder wealth. Effective capital management - which is another way of stating effective risk management - contributes to the ever-changing dynamic between short, medium and long-term objectives by providing tools and techniques for facilitating decision-making about uncertainty over all three time frames."

I do like his idea of "efficiency," but how do we measure it?

Chris concludes: "There is no question in my mind that such sustained growth cannot be achieved at the medium / long-term expense of the non-share-owning stakeholders. The importance of linking economic value to social values has been eloquently described and demonstrated in recent KPMG, E&Y and McKinsey studies. Risk management has a role to play in facilitating the linkage when addressing management of, and communication about, uncertainties. I don't disagree with your thesis. I just don't think that your treatment of the concept of shareholder value was balanced or realistic for practicing risk management professionals."

Finally a note of humor and fallibility! In December, the combined forces of your editor, copy editor (my wife Ann), and the printing house failed to correct the misspelling of the month atop all six pages. This error had its bright side, however, as it spawned a delicious limerick from the poet laureate of Captive Insurance Company Reports, Hugh Rosenbaum, in London:

While breaking up icons, the sage
Makes minor mistakes in his rage.
Like the one in December
We'll always remember,
Repeated on (Ann?) every page!

Marriage has many virtues and one not often remarked upon by bachelors is that it helps to persuade a man that he is neither omniscient nor even infallible. A husband has but to utter a wish for it to be denied, countered, crossed, contradicted; or to hear the word BUT, followed by a pause, a very short pause in general, while the reasons that this wish should not be observed are marshaled - it is misconceived, contrary to his best interests, contrary to his real desires.

Patrick O'Brian, The Nutmeg of Consolation
W. W. Norton & Co., New York 1991

Copyright H. Felix Kloman and Seawrack Press, Inc.

Return to RMR Table of Contents
RiskINFO Home Page
Additional Topics This Month and Archives
s