Risk Management 2.0

In today’s VUCA world, Risk Management has been on the CFO’s radar since the global financial meltdown. Not only are CFOs worried about the economic situation of the world, they have to also deal with compliance of the many regulations that bears down on the illegal transfer of money in a seamless electronic world. More trade agreements in recent times which also spells out more compliance and monitoring, something that the business people tend not to focus too heavily. Country embargoes and natural disasters also spell RISKS to the CFO.

Yes, where the process of Risk Management which used to be the purview of Risk Managers has now given CFOs (especially global CFOs) sleepless nights. The threats of war, unrests and natural disasters are slowly getting more focus than the previous risks of exchange rate fluctuations, general economic risks, country political risks and operational risks.

As CFO, have you looked at your Risk template or software and made modifications to it in recent years? If you have not, that becomes a Risk itself. Without objectively looking at trends of all natural risks surrounding your global operational sites, you as the CFO cannot create plans to mitigate those risks. How do you steer away from a storm if it does not even appear on your radar screen. If you don’t see the risks, there’s a 75% chance that your people at the operational site will not even consider these risks.

Let’s look at some risks which are mostly taken for granted.

Natural Disaster - Earthquakes

For this risk, I see 2 groups, one that have never experienced an earthquake and therefore will deem that an earthquake will never happen; and the one that experiences 20 tremors each year and therefore it becomes ‘business as usual’. The mentality of “we have experienced 20 tremors and only 2 were considered larger than usual, but we survived” is something that I equate to “we have 0.5% more stock losses than average but only these 2 years, the average went up by 1%”. In the earthquake scenario, it is highly likely that the risk is not even recorded somewhere, or if it is, it is brushed off due to lack of clarity. However, for the stock risk, you would probably send a team of auditors  to investigate. But consider the values behind it, the tremors could have happened near one of your major plant which would have resulted in total loss. But this risk is usually in our blind spot.

Globally, the number of tremors and earthquakes have increased by more than 30% in the past decade ending 2012 compared to the previous decade and it is occurring in places which has never had an earthquake before.

Natural Disaster – Floods

Another disaster which is usually downplayed in a Risk exercise is one of flood. Yes, some areas are prone to floods and it is perceived to be an inconvenience for a few weeks and usually there are insurance covers. These are floods following heavy downpours but floods can be due to other reasons and can be of a larger magnitude.

For instance, the tsunami that devastated parts of Japan caused by an earthquake. An impact from a meteorite on the eastern seaboard of the US (or any other country), large enough to cause tsunamis and wash away cities is not only a possibility but a likely event as well. Not only will there be high fatalities, there are also other risks like losing entire IT facilities which are housed in one of the buildings there, similar to the 9/11 incident where a lot of companies lost entire IT teams.

Terrorist Attacks – EMP

Unlike any bomb attacks, where the disaster is limited to the immediate site, an EMP would basically black out the entire city. Communication is stopped immediately. Part of Risk Management is to have a communication tree in place to ensure that risk assessment can be made and communicated to the HQ. How then can this happen when all modes of communication are rendered useless. If this was followed by biological or other means of terrorism, there is no way information will flow.

Part of the Risk Management exercise is to develop a contingency plan as well as a means of communication to the right people in Management in the event an incident occurs. But we usually plan for medium size emergencies, perhaps up to a point short of a sub-national disaster. There are contingency plans drawn up, with relative good emergency call trees set up but what if there is a total breakdown in communication lines? What would be the fall back strategy, how does one call one another or inform the HQ that safety of staff have been verified and that it is either business as usual or business is stopped until further notice (this can be where the safety of an area falls below acceptable levels).

Some of these scenarios are not only possible but are slowly increasing in likelihood:

  1. Major earthquake (> 8.0) strikes a cluster of countries that have never experienced an earthquake before
  2. National power and communication outage due to a terrorist strike
  3. Tsunami hits capital where your office is after an earthquake
  4. Global HQ destroyed together with data center

These are the areas that has not evolved much even when the risks associated have long time (at least a decade) evolved to become a real threat to the business and your team. Isn’t it time to consider Risk Management 2.0?

  • Kim Meng Cheong
    Kim Meng Cheong
    Chief Financial Officer Marsh & McLennan

    Kim has over 25 years of experience taking charge of Finance but over the years have also been responsible for Customer Support as well as Operations. While his current responsibility is primarily Finance, I work with Operations and Sales & Marketing. Previously his portfolio includes Human Resource, IT and Faclities Management on top of Finance and look forward to any positions in Operations in Senior level/ C-level. Industry wise, he has experience in the Projects Industry in Malaysia, the semiconductors industry in both Malaysia as well as Taiwan, the Healthcare industry (equipment) ,consumer AV as well as the insurance broking industry in Malaysia.

You May Also Like

Business failure by overtrading
Business failure by overtrading

Remarkable sales figures and improved short-term profits do not necessarily indicate ongoing success...

Challenging The FinTech Funding Gap In Asean To keep The Growth Engine Running
Challenging The FinTech Funding Gap In Asean To keep The Growth Engine Running

What is the preferred method for FinTechs to raise money? How much capital do FinTechs hope to rais...

Building a personal set of values - the 6 I's
Building a personal set of values - the 6 I's

Becoming a successful CFO requires persistence, hard work, technical skills, and people and manageme...

Fixed Cost Management
Fixed Cost Management

From the financial perspective, there are two types of cost that management has to deal with –...

The Future of Forex: How to Navigate the Asian Landscape for Maximum Profit
The Future of Forex: How to Navigate the Asian Landscape for Maximum Profit

To get a grasp of the evolving nature of Forex in Asia, it is pertinent that we look through the his...

Entrepreneurship: The Struggles No One Talks About
Entrepreneurship: The Struggles No One Talks About

Success is all about the money, fame, and glory. That’s the constant message we see on social ...

Boardroom commitment to security
Boardroom commitment to security

The subject of ‘Board commitment to security’ is a sensitive and often emotive one. The ...

Blockchain for Claim Management in Insurance Industry
Blockchain for Claim Management in Insurance Industry

Insurance industry has a vast potential for blockchain-driven innovations solving multiple pain poin...

Fraud Detection : Challenges in Real Time Payments
Fraud Detection : Challenges in Real Time Payments

“The financial industry is shifting towards real-time data analysis, deploying technologies su...

Bench to Market
Bench to Market

BENCH TO MARKET Some thoughts from an (interested) observer: #1    having the innovator/...

Risk Management Concepts
Risk Management Concepts

Risk Management Concepts - a practical approach. History, the Persians and risk management, an ex...

Start Up
Start Up

Millennials are now the largest segment of the U.S. labor market according to >Pew Research, an...

Granting Credit & KYC
Granting Credit & KYC

Money cost money. Credit is money. Hence, credit cost money!   Credit also carries an element o...

Money in the bank was never more important than it is today
Money in the bank was never more important than it is today

With the current spread of COVID-19 pandemic, the world has got locked down. It is an unfolding even...

Risk Based Capital- Issues, Challanges and Opportunities
Risk Based Capital- Issues, Challanges and Opportunities

Introduction A Stable insurance sector is encouraging various insurance regulators around the world...

COVID-19: the changing fortunes of industries and how businesses can thrive
COVID-19: the changing fortunes of industries and how businesses can thrive

With no end to the COVID-19 pandemic in sight, how can businesses build resilience and pivot for fut...

The death of Entrepreneur & Entrepreneurship
The death of Entrepreneur & Entrepreneurship

What amazed me was that why a person with a Net worth of 25,000 crores (nearly US 3.6 billion) could...

Managing Conduct Risk in ASEAN and Malaysia - Addressing Drivers, Restoring Trust
Managing Conduct Risk in ASEAN and Malaysia - Addressing Drivers, Restoring Trust

There has been no shortage of well-publicized and highly damaging misconduct scandals within the glo...

Defining business problems clearly
Defining business problems clearly

I have observed in my years of project delivery, stakeholders are generally quick to jump into solut...

Fraudsters capitalise on COVID19 crisis...
Fraudsters capitalise on COVID19 crisis...

Shiny hunters, a hacking group, allegedly stole personal data, including email, phone numbers, hashe...

Stay Connected With Us