Drives financial results and enhance business performance
Events over the last decade have fundamentally shifted the way organisations think about risk. As a result, companies around the world have made substantial investments in personnel, processes and technology to help mitigate and control business risk. The question does remain as to whether these investments will be able to prevent the next catastrophic event and whether companies are getting a return on their investments and are focusing on the risks that matter according to research conducted by Ernst & Young.
Yusuf Dukander, Project Director: Financial Services at the South African Institute of Chartered Accountants (SAICA) believes that the risk management and governance landscape will see an evolution towards better quality oversight by management and supervisory practices embedded in many organisations across diverse industries – worldwide calls for businesses to have more supervisory authority.
Lance Tomlinson, Ernst & Young’s Assurance Leader for Africa, says effectively managing risk can enhance a companies’ performance, stating that companies with more mature risk management practices outperform their peers financially. “We found that companies with the most mature or sophisticated risk management practices generated the highest growth in a number of financial ratio’s including revenue, Earnings Before Interest, Taxes, Depreciation and Amortization (EBITDA), EBITDA to economic value and return on invested capital. The study revealed that sophisticated risk management creates value, mitigates risk and optimises cost.
ERM might be viewed by many business owners as a stand-alone governance compliance, however; it should be seen as an integral part of an organisation’s strategy. Companies that effectively embed risk management practices into planning and performance management are more likely to achieve strategic and operational objectives.
Tomlinson advises that organisations need to effectively assess risks across the business and drive accountability and ownership. “It is critical for management to demonstrate the organisation’s strength of risk management to investors, business analysts and regulators.”
Dukander adds, the concept of risk governance can also be viewed as balancing the needs of all stakeholders with the risks associated inherent in the business. It also prompts management to adopt a culture of more risk reporting in an effort to drive profitability and the sustainability of an organisation well into the future.
The Ernst & Young survey, which assessed 137 global institutional investors reveals that 82% respondents were willing to pay a premium for companies that demonstrate successful risk management. Meanwhile, 61% will not invest where there is evidence of poor risk management and 41% would withdraw investment where there is a perceived lack of appropriate risk management.
Tomlinson says that for companies to derive financial value from ERM, they need to identify and understand the risks that matter. It is also important for organisations to differentially invest in risks that are mission critical to the company.
Dukander proclaims that fear is possibly one of the major driving forces behind the accelerated investment in Governance, Risk Management and Compliance (GRC). “Today, companies operate in a more volatile risk environment than ever before. They face increased demands for more timely and insightful information from stakeholders who will not tolerate risk management failure.”
In a survey among companies across Europe, the Middle East, India and Africa, Ernst & Young found that nearly 70% of organizations are highly reliant on their GRC activities as a safeguard against failure. Interestingly, however, this spending and dependency is not matched by the value that business leaders think they currently get from GRC. Over two-thirds of all respondents indicated that more work was needed to enhance their GRC functions.
External stakeholders are more dissatisfied with the quality of GRC than companies’ own operational management and business leaders, with 79% or respondents stating that they believe companies’ GRC functions need to be enhanced.
Dukander confirms that the principles of GRC and ERM are critical to any business whether it operates locally or internationally. “The practice of ERM is developing locally with the Financial Services Board and the Reserve Bank moving towards this direction. The Financial Services sector has seen ERM form part of regulations such as Basel III and Solvency Assessment Management.”
