Recent research revealed that 87% of board members believe market disruptions are becoming increasingly frequent, and 83% say they are increasingly impactful. At the same time, 79% believe risk management will be critical in enabling their organisations to protect and create value in the next five years.
In this podcast, Dr Sabine Dembkowski, Founder and Managing Partner of Better Boards, discusses the risk environment with Zahra Cassim, CEO of Corporate Secretaries International Association (CSIA) and David Samy, Consulting Partner at EY Hong Kong.
"There's often not enough time on the agenda to deal with what might happen in the future"
Zahra explains that there has previously been a general lack of board focus on risk oversight. Risk has tended to be driven and managed in functional silos, resulting in a lack of a structured approach to collecting and analysing risk information. This has been compounded by the underutilisation of technology and the right tools to analyse those risks. Finally, there can often be poor communication of risk from business units through senior management to theboard level.
"What the boards need to do is to prepare for a GREATER range of disruption and risk"
David believes that risk fatigue may occur in a lot of organisations. The risks are very clear, but where the board is inexperienced and there is a lack of guidance or stewardship, the board can lose focus, and be unable to give long-term risks the attention they deserve.
"Risk management programmes have not caught up and have remained a very high to be static"
David cites a 2020 survey of boards' confidence in their organisations' ability to counter cybersecurity threats was at around 20%, but by 2021 this had dropped to 9%. He explains that this is an alarming decline and has a lot to do with how risk and risk management programmes are being run at present. Digital modernisation has accelerated within most organisations in the recent past, but risk management programs have not really caught up.
"Risks are managed in silence, and so very often not communicated to the board"
Zahra explains that one of the critical tasks of the Corporate Secretary is to consolidate information, ensuring that the board is fully aware of all risks when making decisions. But they also need to ensure they integrate risks into their strategy.
"There's always a solution for every situation"
David offers some practical tips. First, start with driving awareness at the board level, by identifying a risk steward, a role the governance professional or Corporate Secretary can play. His second tip is unlocking the value of ongoing digital transformation by tapping into Governance Risk and Compliance (GRC) technology to create a single view of risk across all functions, leverage available data sources, and simplify the process, while enabling a common risk ecosystem and shared focus across the organisation.
The three top takeaways from our conversation are:
1. As trusted strategic advisors to the board, governance professionals are uniquely positioned to help the board align strategy to the regulatory landscape, technological advances, and ESG-related concerns.
2. Corporate Secretaries are increasingly approached to facilitate enterprise risk management. Their understanding of business concerns and organisational culture and their ability to be the bridge between the board and management is valuable in risk assessment and management.
3. To unlock the value of technology while minimizing its risks, governance professionals must successfully build a digitally savvy and technologically advanced foundation for corporate governance.