Corporate risk management

Corporate risk management

Introduction

Risk is the possibility of something harmful or damaging occurring resulting in physical injury, loss or damage to possessions, a legal liability or financial loss.  Risks are higher when situations make it more likely that an adverse event will occur. They are often associated with chances where the outcome could be either favorable or adverse.  Risks exist for businesses as well as for people.  It can be argued that when companies collapse, it is because they fail to manage their risks properly.

  Some risks are unavoidable and profits earned by such a business can be seen as a reward for the risks that it takes while others may be unnecessary and avoidable and they might be reduced but at a given cost. Two major types of risks exist, the pure and speculative risks; Pure risk or downside risk is the possibility either that the outcome will be what we expect or that something bad will happen and a loss will occur, it is the risk of something going wrong.

Get quality help now

Doctor Jennifer

Verified writer

Proficient in: Business

5 (893)

“ Thank you so much for accepting my assignment the night before it was due. I look forward to working with you moving forward ”

+84 relevant experts are online

Hire writer

Management of pure risk is often associated with taking out insurance policies which is normally claimed when the event occurs whole speculative or two-way risk arises when the actual outcome could be either better or worse than expected and its management is more concerned with putting the organization into a position where it can respond to unexpected developments and in order to minimize the losses from adverse situation or to exploit favorable opportunities that arise (Coyle 13).

Risk is normally or often associated with uncertainty and whenever risks or uncertainty exists, the future cannot be predicted with certainty, but both they are different.

Risk management is concerned with identifying assessing and controlling the risks facing a business and to incorporate risk issues into decision making processes.  Risks arise because what actually happens could differ from what is intended or expected to happen. A management organization might know all the possible results or outcomes that might occur and their associated probabilities.  It is possible to predict about the future but it will be based on accurate past observations.  In such circumstances, unless different conditions, it should be possible to make an objective assessment about the future.  The risk in this situation can be defined as pure risk.

The two main management risks that face major enterprises today are financial and operational risks.  Financial risks are risks that gives rise to unexpected reduction for any firm in terms of cash flow, value and earnings; this amount is determined by the movement in one or more of the firm’s financial asset prices, namely: funding and liquidity risks, Credit risks and other variations in interest, any foreign exchange rate, whole operational risks consist of peril, accident and other hazardous risks of operating, which even include quality of service delivery for service economic to the firm’s clients and customers which will cover its professionals as well. All the same, risk management continues to develop and grow in importance.  Directors of large companies, for example, BP now see regular reports and assessments of risks performance.  Normally risk managers focus on ‘Operational Risk’ and contingency planning; effective risk management is all about getting business in assuming ownership of the management of risks within their own areas (Lam  42).

The BP Company gives an excellent assessment in its impressive corporate risks management.  It gives an insight on how risks are assessed and determined at board level.

Country risks

Risk assessment should be carried out in order to come with a strategic decision to invest in any new country.  It should be carried out and be reviewed during political changes or social environments or any significant change in the size of investment which may occur such that there is a change in the risk profile. It is necessary for the assessment to be carried out by an intensive discussion with active participation from outside exerts and BP personnel.  Risks can be identified using many different techniques but the process calls for a combination of judgment, experience and analysis.  Management process requires the process of qualification or measurement of risks to establish their significance using statistical techniques.

The task for the board is to decide how best to establish and operate a risk management system.  The management team would apply risk-based approach;  first, to  identify the main internal and external changes that have occurred and reconsider them, in order to come to an agreement of clear objectives to be undertaken for the company, to come up with critical success factors for the company, which are crucial to the achievement of those objectives and unless performance in respect of each critical success factors is satisfactory the objectives of the company will not be attained, and lastly, all risks facing the company should be identified and given priority, considering that prioritization of risks is part of the risk analysis process.

The numbers of risks on the list are likely to be very large, and there will be insufficient management time to deal with all of them; therefore the list should be reduced to just those risks that are significant.  The policy of the board towards risks would then be communicated to the executive management, it is the work of management to formulate strategies for controlling and containing the risks and the board of directors should then agree the risk control strategies and the risk management policy.

All responsibilities and accountabilities for risk management at an operational level should be agreed with the individuals concerned, and there should be broad and regular consultation with employees about risks, as this creates greater risk awareness.  However, changes in culture and behaviour should be encouraged, managers  and employees should acquire the habit of focusing on the fundamentals of good risk management and internal control; this means that early warning mechanisms are put in place, both to identify potential ‘trouble’ as soon as it is detectable, and to identify new opportunities to exploit.  All significant elements of internal control should be monitored and the board of directors can seek sources of assurance that the system of risk management and internal control is functioning as intended and it is effective.  The system should first of all to be put in place by the board and operate effectively and secondly, it should achieve the purposes for which it is designed.  Regular reporting by the management team to the board on risk issues would be made available and an assessment of risk should feature in decision making, and the board of directors should then review risk and internal control regularly, prior to end of year, reporting to shareholders and last but not least appropriate steps should be taken to improve the system, since, the risk management system evolves and changes continuously, in response to changes in circumstances (Dallas 79).

Managing Financial Risks

Businesses buy insurance against a variety of hazards, for instance the risk that the firm will be held liable for environment pollution or  vehicles will be involved in an accident,  The firm therefore can transfer the risks to the insurer; the insurance company, however the insurance companies have some advantages considering that they may have considerable experience in insuring  similar risks and so they may be well place to estimate the probability of loss and price the risk accurately or give advice at lower premium rates for a company that take this advice. Like any other oil company, BP is exposed to a variety of potential losses but it should challenge this conventional wisdom, considering that some risks arise from routine events like vehicle accidents and industrial injuries and on the other hand, they may result from catastrophes such as major oil spill or loss of an -off-shore oil rig.  In the past, BP used to purchase considerable external insurance but it recently took a hard look at its insurance strategy when it decided to allow local managers to insure against routine risks, for in those cases insurance companies have an advantage in assessing and pricing risks and in this they therefore compete vigorously against each other.  However, the company took a wise decision not to insure against most losses for example any loss above $10million, since huge losses insurance companies have less ability to assess risks and were less well placed to advice on safety measures and as a result insurance against large risks is not competitively priced. But when considering the much extra risk the company assumed by the decision to, the company estimated that large losses of $500 million and above could be expected to occur in 30 years time considering that it is a large company with equity worth approximately $85 billion and a $500 million loss, would translate after tax into a full of less than 1 million and therefore for large low- probability risks, the stock market was more efficient risk absorber than the insurance industry (Brealy & Myers  48).

Managing Operational Risks

Operational risk has been a challenge to contain for financial service firms for years because of the infrequency of losses; it has not been recognized for its full potential until recently.  Large loss events had occurred before and even the events had caused both mass embarrassment and collapse.  These threats that faced BP, gave a new focus on operational risk as the series of loss events coupled with a changing risk landscape; at one point the company defined operational risk as an area characterized by frequent small and predictable events such as processing errors, reconciliation breaks, or system glitches, sometimes accompanied by the one in-five-or-ten years large system failure and loss, defalcation or customer dispute. Couple this with the advent of increased management and directorship accountability forced by legal actions against officers and directors and a chain reaction has to be set in motion.  However, the opportunity is to propel the new strategic tools and techniques forward to transform not just a part of risk management, but to fill an important gap in the management of business strategy and day-to day business operations for an upside: enhanced shareholder value. The company would take formulation as the key to business operational risk management and operational risk information is critical for both business line management and at corporate levels at a financial firm (Hoffman 74).

Corporate Culture

Corporate culture is a clear reflection of senior management commitment, BP can foster.  Culture of Integrity and routine management awareness is whereby the management is focused on revenue or earnings growth only in order to make sure there is growth through quality strategy, in this way they can formulate a firm wide strategy, based on initial meetings, and the firm’s perspective on operational risk, the firm would craft a definition that will be useful internally and will remain mindful of developing regulatory discussions and the evolution of definitional consideration industry wide. The structure and size of the operational risk management team can be designed to commensurate with the company not forgetting of issues like the mandate for the corporate function and the level of centralization versus decentralization, at the same time the company can designate an organization risk management unit which serves as a facilitator (Theil & William 51).

Recruiting Top talents

The company should recruit top talented individuals to run the management team that comprises of a senior manager with leadership abilities, who understands the vision and strategies for the business overall, have a broad working knowledge of operational risks, understand key mitigation strategies and is capable of building and leading a diverse team of professionals and the team membership should comprises of a diverse group who commensurate its overall vision.  In the case of risk assessments the group should include individuals with audit and self assessment background, with some product and operations background more probably legal and compliance background or strategic planning experience and quantitative expertise and if risk finance and insurance should be included, then specific expertise in these areas will be required as well.

Establishing relationships with key control groups:

Concurrent with the process of meeting with key business managers the team can forge relationships with all corporate risk control related groups as well as seek to promote and leverage organisational risk management effects already under way for mutual benefit.  This is the company’s key step for establishing the basis for both formal and informal operational risk task force and committee membership (Warne 101).

Program Framework and Business Strategy

The company should form operational risks management links to a firm wide strategy initiative for maximum impact, whether that linkage is to six stigma or other quality initiatives, it should form a wide value programs such as EVA, Enterprise- Wide Risk Management, VAR, RAROC, or other performance initiatives and there should be a higher context and mandate than an operational risk management mission alone.

Investing in appropriate technology:

            The BP’s mission and mandate should drive it technology needs, by identifying primary needs and determining the appropriate course of action, it can leverage risk management efforts through its state-of-the art technology.

Communications and management information

As a large company, it should be able to identify and assesses the most beneficial communication media, with content and formants early on in the process and during the course of meetings with executive management and business line management. Then it should disseminate useful management information and reporting one of the main agenda items during the course of Key meetings with line managers and the staff should to discuss useful report content and format. Considerations beyond the obvious inclusion would be made available to determine what information would be most useful to line managers in managing the day-to-day business like key risk drivers, bench making data, industry loss information, causative factors and studies.  It should include all information that a manager can interpret and use not only for operational risk management but for business enhancement and improvement (Earl 62).

            The company should then determine the most effective forums for reporting on firm wide and business specific risk assessment, mitigation, loss cost, risk capital, and other progress.  The company can then fix a frequency of reporting, determining meetings beyond the operational risk committee; leverage senior for maximum visibility for issues initiative and progress.

Work cited

Brealy & Myers (2003). Financing and Risk Management.  McGraw Hill Professional Publishers:  New York pages 48-59.

Coyle, B. (2004). Risk Awareness and Corporate governance.  Lessons Professional: Canterbury, Kent, United Kingdom (2005) page 13-39.

Dallas, S. G. (2004). Governance and Risk.  McGraw Hill publishers; New York; pages 79.

Earl, M. J., Ed (1998) Information Management: The Organizational Dimension.             Oxford:           Oxford University Press. Questia, 25 Nov. 2007.www.questia.com, pages            66-71.

Hoffman, G. D. (2002). Managing Operational Risk.  John Wiley and sons publishers.  New York: Chichester: Wiley (2001). Pages 74-91.

Lam, J. (2003). Enterprise risk Management.  Hoboken Publishers: New Jersey Wiley (2003) Pages 42-77.

Theil, M. and William L. F. (2003). Risk Management as a Process: An International      Perspective. Review of Business: Questia. 25 Nov. 2007;www.questia.com,      pages 51-199.

Warner, M. ed. (2001).Comparative Management: Critical Perspectives on Business and Management.Vol.3.London:Routledge,.Questia. 25 Nov.2007 www.questia.com, pages 101-132.