January 7, 2019
By: Stathis Gould and Stuart Chaplin
IFAC’s report, Enabling the Accountant’s Role in Effective Enterprise Risk Management, highlights both the importance of Enterprise Risk Management (ERM), and the contribution of accountants, CFOs and finance functions in leading ERM practice. We believe that professional accountants have an opportunity to enable more effective ERM within their organizations. To seize the opportunity, they must be seen as risk experts who are outward-looking and provide valuable insights to manage opportunity and risk in a way that supports their organizations create as well as preserve value.
Long term value creation and success ultimately depends on the quality of decisions made. ERM is about enabling informed decisions across the organization in the context of increasing uncertainty driven by a myriad of factors, including geopolitical events, volatile financial markets, technology developments, cybersecurity, data privacy concerns, and climate change. Better decisions are generally the result of superior insight into the drivers of opportunity and risk. For a bank, these sources of value creation might be quite different than for a consumer products company. That said, despite different business models, the ability to navigate uncertainty and manage issues will determine whether an organization thrives in the future.
A key challenge is that many organizations do not have an integrated risk management process in place.
A survey of mainly US-based organizations conducted by North Carolina State University and the American Institute of Certified Public Accountants (AICPA) reveals that there is pressure to increase management involvement in risk oversight. According to the survey, the volume and complexity of risks is increasing extensively, and most companies struggle to integrate risk management. The survey found, for example, that less than 20 percent of respondent organizations views their risk process as being integrated with strategy and objectives. This suggests risk management remains siloed in many organizations, and we believe that the story is the same in most countries.
ERM is critical for CFOs and finance teams to provide additional value to the business
The accountant’s contribution to ERM will help improve decision making by enhancing the insights and information available to boards and management as they respond to uncertainty. However, ERM can only help them to better deal with uncertainty if information is comprehensive, connected and insightful. Better “risk intelligence” ultimately means a better understanding of opportunity and risk in the context of what is happening externally to the organization, such as changing customer expectations and preferences, new competitors, and resource constraints.
CFOs and their finance teams will be trusted ERM leaders if they provide rich insights that draw on data and activities across different parts of an organization, and act as a “spider in the web” to bring together a holistic understanding of risk and opportunity. CFOs and accountants with clear risk management responsibilities are in a better position to make individually and functionally greater contributions to ERM.
Fortunately, there’s an increasing trend of CFOs being tasked with risk management as a functional responsibility according to McKinsey’s latest CFO survey. To effectively lead in ERM requires investment in the finance function, as well as in the finance professional skillset.
IFAC’s report provides three key recommendations for CFOs and finance functions to help enhance their contribution to ERM and to ensure that ERM sits at the heart of not only every organization, but also the professional accountant skillset.
These recommendations include:
1 – Relating risk management to value creation and preservation – The CFO and finance function needs to support boards and management to fully understand risk and the issues that really matter, helping to evolve and transform business models to ensure resilience. This involves capturing and measuring data on critical intangible assets and value drivers, including brand and reputation, people and culture, data, access to resources, intellectual capital, and innovation.
2 – Driving insights and enabling decisions – An effective contribution to ERM involves providing insights to decision makers. ERM activity can be overly focused on identifying risks in different areas and recommending defensive actions. This approach may serve to curb innovation and discourage the pursuit of opportunities, particularly related to key areas of transformation such as digital transformation and resource scarcity. Producing high-quality information about opportunities and risks and their implications requires scenario and risk modeling and analytics.
3 – Enabling integration and interconnectivity – Because risk management is often locked in siloes, it is difficult to see whether opportunities and risks are managed on an integrated “end to end” basis. The CFO and finance function have an important role in connecting the dots and in integrating risk across functions and processes within a holistic ERM framework. An enterprise-wide risk management approach structured around an ERM framework, such as the Committee of Sponsoring Organizations of the Treadway Committee (COSO) framework, ensures a holistic approach that develops the culture, capabilities and practices for organizations to effectively manage risk.
ERM must be a core competence of professional accountancy education and training moving forward. The report also provides recommendations on the skillset needed by professional accountants to be effective in risk management, and how IFAC members can better support accountants enhance their role.
As accountants in business provide ever-more strategic roles within their organizations, ensuring resilience and risk awareness in times of heightened uncertainty is a key area where our global profession can make significant progress.