“Change” has been the operative word in the risk management community over the past several years. Over that period of time, corporations have watched as risk management has advanced from focusing exclusively on “insurable risks,” to a firm-wide view of risks known as enterprise risk management (ERM). During this transition, several clear trends have emerged.

In its initial growth stage, a number of smaller, boutique-type service providers formed the cutting edge of the discipline. This typically occurs when any new management approach is developed. Frequently, as in the case with ERM, each proponent advances an approach that favors its point of view, or area of expertise.

Unfortunately, this process typically leads to confusion for corporate America. Again, very much the case with ERM, as several interested groups worked to control the primary focus of risk management, with confusion and frustration following. However, at some point, a major international service provider becomes involved and tends to drive the conversation. Now it would appear that ERM has reached this stage in its development, as IBM has significantly stepped up its involvement in risk management.

Risk management’s growing role

One of the recent contributions from IBM is in the form of a new study of 1,900 global financial managers. While the study, “The New Value Integration - Insights from the Global Chief Financial Officer Study” (the Study), had a broader purpose, risk management played a major role in the findings. The Study’s primary focus was to determine how finance departments, in general, and CFOs, specifically, have been dealing with the recent global economic downturn. They found that CFOs have been having “far more conversations in the boardroom,” and, as a result, CFOs are emerging with more influence, particularly at the enterprise level.

The Study notes that the core finance responsibilities of CFOs have not diminished, but the downturn has caused the CFOs to take a far more company-wide view of issues and challenges. According to the Study, “CEOs and Boards are counting on their CFOs to be fact-based voices of reasons and insights.” Unfortunately, the results indicate that the finance department’s effectiveness in these core areas is lagging. They also found that more than 45% of the CFO participants indicated that their departments were not effective in the areas of strategy, information integration, and risk and opportunity management.

The results of the Study confirm that some organizations “stand far ahead of their peers, and there are a number of reasons for this.” These organizations—IBM calls them “the Value Integrators”—exhibit significant advantages in critical areas. Among the critical areas noted were managing enterprise risks, measuring and monitoring business performance, and driving insight from the integration of information.

The importance of developing an enterprise focus cannot be stressed enough. Regarding this single issue, the enterprise focus, over 70% of the participants stated a holistic view was either very important or critically important. Not surprising, the Study found, “Two key activities have become much more prominent—information integration and risk management.”

In fact, supporting and mitigating enterprise risks has had a 93% increase in activity in just five short years, from 2005 to 2010. All in all, the Study stresses the importance of focusing on enterprise risk management. All of the signs from the global financial executives pointed to more attention to how risks are managed and how opportunities are taken advantage of.

On the negative side of the ledger, there is a significant gap in the practices of CFOs that are not considered “Value Integrator” companies. The competitive disadvantages of not being in the lead group are great, and for some organizations it may well be a life or death disadvantage. If that was not discomforting enough, the study points out, “With expectations rising faster than effectiveness, CFOs face a widening execution gap.” The study found that one of the areas that requires immediate attention is enterprise risk management.

Another view of the growing importance of risk management has been documented by the Corporate Executive Board. Their latest research, “Enterprise Risk Intelligence - The Latest Challenges and Recommended Solutions for ERM Executives,” provides new insight into four major challenges. At the top of the list is sensing emerging risks. While the board struggles with many important agenda items, one thing is clear—they continue to be fearful of the “unknown unknowns” and, as a result, are requesting management to continue scanning the business environment for emerging risks.

Concern extends to events that can affect competitors and counterparties, as well as their own organizations. An additional area noted was gaining a better understanding of risk interdependency. A key to future maturing of ERM is the ability to gain a better perceptive on the interplay between key risks. Unfortunately, today few ERM programs—formally or informally, for that matter—explore the relationship between their top-level risks.

A continuing, constant challenge for many ERM programs is the difficulty in defining their corporation’s risk appetite. A major contributor to this challenging situation is the lack of a single approach to developing an organization’s risk appetite. Recent pressure to establish this key matrix has been growing in response to new and proposed legislative initiatives. Additionally, ERM executives should plan for increased demands to begin to measure the value of ERM. In order for ERM to grow, it is important to measure value from implementation. This will require much more thought regarding the upside of risk, and how it relates to strategic planning and opportunity identification.

Strategic acquisition

The release of the IBM study was followed closely by IBM’s announcement of a major acquisition in the risk management area of OpenPages, a leading provider of integrated risk management solutions for global companies. The company was founded in 1996, and has built a platform that empowers a risk-based approach to identify and manage key business risks across the entire entity. Their entire approach enables organizations of all types to focus on what’s important and to avoid unexpected outcomes while improving performance.

As an organization, OpenPages has historically provided a quality product coupled with superior service. The firm frequently scores high in independent reviews of available ERM software. For example, in the past, they have been given the top spot in the “Forrester Wave” report and were also recognized as a “Leader” by Chartis Research in its 2010 annual review. In addition, OpenPages was among only three ERM software service providers to achieve the “Leaders Quadrant” title in Gartner’s “Magic Quadrant” for ERM platforms. Gartner’s leaders selection is based in large part on the service providers’ ability to execute and completeness of vision in the market place.

It should also be pointed out that OpenPages software, while primarily directed at risk management, also assists with both governance and compliance-related issues. And with the fallout from the recent financial crash, which most experts agree has not yet been fully realized, both of these areas will benefit from increased interest from company directors and senior management. Having an integrated product that encompasses all three areas—risk management, governance and compliance—will increase its appeal to potential customers and should add to OpenPages’ 200-plus customer base.

Conclusion

As noted earlier, movement into the risk management landscape by firms like IBM will only help to draw the attention needed to advance ERM. Further, by combining the data management capabilities of IBM with the superior risk management platform provided by OpenPages, the bar will certainly be raised. However, the real benefit of this recent movement will be to provide a singular approach to ERM that senior management and the board can have faith in, since IBM is a known quality. In addition, credit agencies, investment advisors and governmental agencies will also appreciate the fact that this approach may receive universal acceptance and, finally, solidify a uniform corporate approach to enterprise-wide risk management.

While it will take time for its benefits to materialize, IBM’s acquisition of OpenPages may well signal a major turning point for corporate risk management. Not that the attention from the rating agencies, new and upcoming regulations or even increased pressure from the board have not resulted in advances in risk management; they have. However, most experts agree that one of the obstacles to ERM implementation has been a lack of recent and relevant data. Also needed is some method of converting this data into insightful information. With the movement of IBM into this market space, this need may be filled, and meaningful growth within the risk management community can take place.

The author

Michael J. Moody, MBA, ARM, is the managing director of Strategic Risk Financing, Inc. (SuRF). SuRF is an independent consulting firm that has been established to advance the practice of enterprise risk management. The primary goal of SuRF is to actively promote the concept of enterprise risk management by providing current, objective information about the concept, the structures being used, and the players involved.