There's so much rich insight coming out of the academic sector that HR professionals need to know. At Academics' Corner we feature the best HR researchers that tell you what they’ve found and what you need to do differently on the back of the research. Get connected to the academic sector through Academics’ Corner and make sure you never miss another piece of key research again. If you’re an academic with a relevant story, please get in touch on [email protected].
Risk management has been climbing back up corporate agendas ever since the global financial crisis. The events of 2007 and 2008 provided businesses of every kind with a world-shaking illustration of what can happen when this crucial consideration is somehow allowed to slip off the radar.
As with so many other facets of company life, boards have a vital role to play here. It falls to them to provide their organisations with the kind of strong and informed direction needed to navigate the challenges of doing business in the early 21st Century.
Amid ever-intensifying complexity and dazzlingly rapid change, it’s in boardrooms that the risk-management tone has to be set.
So how do boards view risk in an age characterised by unprecedented interconnectedness, ceaseless churn and technology-driven transformation?
This is what we set out to discover when we interviewed dozens of members of UK boards for a major report for the Association of Certified Chartered Accountants.
One of our key findings was that many boards habitually see risk only in terms of threats. In other words, they very seldom – if at all – see it in terms of opportunities. Their default option is to play safe.
Of course, it could be argued that such an approach makes perfect sense, particularly in light of the chaos of a decade ago.
Yet the fact is that today, in an era of unparalleled innovation and entrepreneurship, taking no risk whatsoever often represents the biggest risk of all.
Just as the global financial crisis highlighted the dangers of ignoring threats, so Kodak’s downfall highlighted the dangers of ignoring opportunities.
Risk aversion and a snapshot of corporate calamity
The corporate environment has become so fast-moving and so intricate that companies routinely find themselves enveloped by uncertainty. A desire to create the very opposite – certainty – is therefore in many ways understandable.
This is why some boards treat risk management almost exclusively as a matter of risk aversion.
Yet the history of business has been punctuated with harsh lessons about the perils of such a philosophy. One of the most infamous is the story of Kodak, the company that engineered its own demise.
A long-established giant of analogue photography, Kodak invented the digital camera in 1975. It patented numerous technologies, many of which are still used today. Despite its breakthrough, it decided that the products on which it had built its name would continue to carry the firm forward.
What might be used as a business enabler is instead treated as just another tedious manifestation of bureaucratic red tape.
It wasn’t until 1995 that Kodak officially entered the digital market, and even then its effort was half-hearted. Ten years later it launched a camera with a wi-fi facility and then withdrew it in the face of disappointing initial sales – spectacularly failing to presage the craze for photo-sharing.
In 2012, having never recovered from its earlier disinclination to take risk, Kodak finally went bankrupt – killed off by an innovation it had pioneered. The company’s yearning for what it saw as ‘certainty’ proved its ultimate undoing.
Although it’s right to concede that not every determinedly risk-averse business will meet the same catastrophic fate, the Kodak saga underlines the importance of striking a balance. Just as the global financial crisis highlighted the dangers of ignoring threats, so Kodak’s downfall highlighted the dangers of ignoring opportunities.
Overcoming the barriers to opportunity
So what are the principal barriers to adopting a more strategic approach to risk management? According to our research, the main hurdles include insufficient time, organisational difficulties, a ‘backward-looking’ focus and a belief that criticism and dissent aren’t welcome.
In tandem, it’s apparent that many boards regard risk management merely as a box that needs to be ticked for regulatory and compliance reasons. This means that what might be used as a business enabler is instead treated as just another tedious manifestation of bureaucratic red tape.
Such a mindset is unworthy of a board that hopes to bring about long-term sustainability. Guarding against potential loss is one thing, but guaranteeing that risk management can never serve as a means of enhancing performance is something else altogether.
Our report makes a number of recommendations that we think may help promote a more positive and proactive attitude. They include greater board diversity, more emphasis on the future and less on the past, a richer array of perspectives and the incorporation of ‘critical friends’.
There are already many boards that make good use of these and other ideas. What’s essential now, as the business landscape continues to be reshaped at pace, is that best practice is recognised, shared and built upon as widely as possible.
Dr Cormac Bryce is a member of the Centre for Risk, Banking and Financial Services and the Centre for Research in Behavioural Sciences at Nottingham University Business School. The report discussed here, ‘Risk and Performance: Future-Proofing the Board’, was co-authored with Dr Simon Ashby, of the University of Plymouth, and Dr Patrick Ring, of Glasgow Caledonian University, and is available for download from the ACCA website.
About Cormac Bryce
Dr Cormac Bryce is a member of the Centre for Risk, Banking and Financial Services and the Centre for Research in Behavioural Sciences at Nottingham University Business School. His multi-method research spans from human behaviour in financial organisations to the effect of regulation on organisational behaviour within the healthcare industry.
Current research interests include: demutualisation and the efficiency of large UK banks, risk in financial institutions, benchmarking of operational risk management functions, psychological predispositions within call centre staff to risk reporting and risk focussed corporate governance decision making.