Many risk-management activities at the enterprise level are influenced by various types of pressure. Some are external, such as compliance or regulatory changes, for example. Sometimes, unfortunate events in one’s own organisationor in the industry prompt internal soul searching regarding whether existing risk-management approaches are adequate.
In more and more cases, however, organisational leaders take a more proactive stance, as their goal is to further develop risk-management capabilities (proactively based on their strategic and economic priorities and growing aspiration levels) into a true competitive advantage—ultimately improving business decisions and increasing the value of the organisation in a risk-conscious way.
We help clients design and implement integrated risk-management solutions and bring a risk-reward perspective to strategic decision making and day-to-day operations.
- Risk ownership and strategy
Companies should choose consciously what types and levels of risk to take and what to avoid and mitigate (“risk ownership”). We help clients gauge their unique strategic, financial, and operational circumstances (“risk bearing capacity”) in order to ensure that their risk choices are aligned with their strategy and with their financial and operational risk-taking capabilities (“risk strategy and risk appetite”), so that they can optimize the risk-return trade-off.
- Risk-enabled decisions and processes
When making important strategic, financial, and operational decisions, decision makers must consider risks related to information and associated trade-offs. We support our clients in integrating risk-return-related considerations into important decisions in various processes. We pay particular attention to ensuring sound risk reporting, monitoring, and control processes.
- Risk governance and organization
Everyone in an organization has some responsibility in managing risk across the organization, not just the chief risk officer. Shareholders, and regulators and policy makers request that companies involve their top management and even their boards. However, the right structural and organizational choices, the description of roles and responsibilities, as well as the appropriate definitions of organizational units and reporting lines, are critical to ensuring robust and effective enterprise-risk management. We help clients define overall governance as well as the organization of the relevant risk, finance, and other control functions, and determine how they should interact with one another and other parts of the organization. Furthermore, we provide granular benchmarks on the appropriate size of and cost for different risk and control units.
- Risk culture
Mind-sets and behaviours of individuals and groups inside the organization—and not only the risk organization—play a crucial role in the execution of a organisation’s enterprise-risk-management strategy. We have developed a proprietary approach to risk culture that, for the first time ever, allows for the creation of a specific and detailed description of the core elements of a organisation’s ´s risk culture, an analytical approach toward measuring and profiling that culture, overarching industry-specific benchmarking, and the identification of specific levers for actively influencing and developing risk culture.