By Derek Smith Jr
The general topic of risk management has increasingly made headlines around the globe, especially due to the COVID-19 pandemic. Locally, after the release of my first article of this two-part series earlier this month on why businesses fail, I have had numerous conversations with colleagues regarding risk management. What was evident is that there are split views about whether proactive risk management or reactive risk management should be deployed by organizations. For the avoidance of doubt, identifying a business’ situation or processes to determine potential threats is proactive risk management, which aims at reducing the chances of an accident or malicious attack occurring in the future. Conversely, a reactive risk strategy is based on past incident evaluations and audit-based findings and is based exclusively on responses to past incidents. Moreover, investigation of the incident occurs and measures are implemented to prevent similar incidents from happening in the future.
Sherwen.com wrote: “There are many valid cases for utilizing one or the other, but if the two are successfully merged together, not only does it minimize risk, but it can identify inconsistencies in an organization that will advance the business once they’re patched.”
Therefore, I present the second of two parts in this series. In this brief article, I wish to discuss the last two of five areas executive leaders must keep an eye on. Organizations are at risk of zero and negative growth, decreasing competitive advantage and human capital flight, if management refuses or are unaware of key risks.
Unchecked risk taking
Having confidence and relying on talented people for risk management is crucial, however, without checks and balances, limits, independent monitoring or reporting, opportunities and pitfalls would be missed. The lack of a robust enterprise risk management and third line function providing independent review and assurance or a fusion of both, a company is making a huge mistake.
Despite the constantly changing market conditions and operating environments, an organization’s management continues to use the same strategy and business model. C-suite and senior leaders often make the strategic mistake of copying key competitors’ actions or redeploying aged approaches when presented with a crisis. Additionally, some of their decisions are based on emotional reactions and instincts rather than on thoughtful analyses.
Social media and digital marketing have also subtly fueled herd mentality and this has seeped into business decisions. For example, when completing a market analysis, leaders may consider when making a decision on engaging a particular vendor may predominantly rely on positive online review sites or “likes”. However, the reviews seen or likes on a social media page may be fake or generated by a bot, and the organization could be misled. Research has proven the above true especially within small and medium-sized enterprises (SMEs).
Success in business today requires agility and the drive to constantly rethink, reinvigorate, react and reinvent. Boards of directors and executives are responsible for setting the tone at the top, evaluating its culture, managing identified risks and preventing herd immunity.
Derek Smith Jr is a Top 40 Under 40 leader; the compliance officer at Higgs & Johnson, a leading law firm in The Bahamas; and the former assistant vice president, Compliance & Money Laundering Reporting Officer (MLRO), at an international private bank. He is also a CAMS member of the Association of Certified Anti-Money Laundering Specialists (ACAMS) and an executive member of the Bahamas Association of Compliance Officers.