Strategic Innovation and ERM
“Risk is a function of how poorly a strategy will perform if the ‘wrong’ scenario occurs. Thus, strategic risk management begins by identifying and evaluating how a wide range of possible events and scenarios will impact a business’s strategy execution, including the ultimate impact on the valuation of the company.”
- Michael Porter’s definition in his book, Competitive Strategy
ERM, or enterprise risk management, is not just about maintaining the status quo; strategic planning, within the holistic top-down framework, highlights whether a company is not balancing its risk appetite with its mission statement or value proposition.
There are three key areas that need to be addressed upfront:
- Define the goal of ERM for the company
- Define and integrate strategic goals with ERM goals
- Evaluate the current risk management framework and re-align it to be holistic in vision and execution
Goal of ERM
Defining the key goals for ERM is important. There are many companies that have extensive ERM frameworks without, unfortunately, a defined objective. The objective needs to be based on the mission statement of the company and how best to achieve the core mission through risk management. For example, the goal of ERM can be as simple as “Achieving the primary business objective within tolerable risk parameters.” As always, the goal of ERM has to be aligned with the mission statement of the specific business.
Strategic Goal Alignment
Once the goal of your ERM program is defined, one needs to identify and integrate the strategic goals of an organization to the ERM goals. It is critical to do so, since risk management and strategy have to work hand-in-hand to maximize utility and efficiency of the organizational resources such as data, analytics, market monitoring and deployment of resources. The key advantage over a disaggregated approach is that one can strategically consider the impact of various risk events and the strategic response to each. Further, strategic goal alignment also ensures that the risk appetite and expected returns are in sync with each other. It also promotes a return driven strategy, where risk management and strategic planning are both looking to maximize value for the stakeholder, while minimizing risk.
The realignment of current structures and risk management framework to the defined ERM and strategic goals become paramount at this point. Companies need to evaluate their structures and resources to ensure that they are integrated throughout the organization. One key task at this point is the education of staff and personnel at all levels to embrace risk management, and to create awareness of strategic goals. Since ERM takes a top down approach, companies often do not consider the importance of creating a risk culture throughout the company. In today’s interconnected world, a company needs to work as one organism to ensure that consideration of risk (risk appetite), from top to bottom, is in sync.
For example, something as simple as an incorrect rate sheet being used in the underwriting department of an insurance company can create a high-risk scenario; such a simple error can lead to regulatory fines, create discord with customers and clients, and hamper the company’s growth strategy. Therefore, it is critical to holistically realign and embed ERM throughout the organization.