News
Print Article

Risk appetite – Critical to Success

03/03/2022

Boards and CEOs define the "level of Risk" organisations are willing to assume while conducting their business activities.

Is defining risk appetite a one-time activity where a percentage of an acceptable level of risk is defined? Or is there something beyond this question?

Successful organisations go beyond the definitional trap of risk appetite. They prefer to integrate the concept of risk appetite with organisational planning and decision-making processes.

Businesses' environment is dynamic, and so are business strategies, so how can the risk appetite statement remain constant? Risk appetite evolves along with the changing business circumstances, business confidence, and strategy.

Boards can learn from COSO, which has published a new thought paper on Risk appetite – Critical to Success, in May 2020.

COSO Guidance on Risk appetite – Critical to Success, May 2020

As per the new COSO guidance (re-produced from page 3 on Putting Risk Appetite into the Context of Business) –

  • Risk appetite must be flexible enough to adapt to changing conditions, helping an organisation to remain relevant in the evolving landscape.
  • For example, during good economic times, a successful and growing company may be more willing to accept certain downside risk than when economic times are bad, and business outlooks deteriorate.
  • Early applications of risk appetite often focused on financial and operational measures.
  • This focus worked well with a compliance mindset. But to excel in applying appetite, organisations need to broaden their scope, which requires viewing enterprise risk management through the lens of objectives that align with performance expectations.
  • This view expands risk appetite to include all stakeholders and to be incorporated into the organisational culture.

The COSO Enterprise Risk Management—Integrating with Strategy and Performance defines risk appetite as:-

"The types and amount of risk, on a broad level, an organisation is willing to accept in pursuit of value."

Six things to remember about Risk appetite (RA):-

  1. RA is not a separate framework it is integral to managing risk
  2. RA and Risk tolerance are related but distinct
  3. RA applies to more than the financial services industry
  4. RA is at the heart of decision making
  5. RA is much more than a metric. It is tied up to strategy.
  6. RA helps improve transparency as a well-communicated RA creates awareness of the risks the organisation is willing to assume and limit.

Organisations could look at combining Objective and Risk focus approaches and linking them on the subject of Risk Appetite. Let us look at a practical

Conclusion

In today's times, 'effective risk management is a real-time play between changing risk appetite, strategy, and performance. Understanding risk appetite is critical to business success.

It is the foundational step in strategic planning and integral to decision making. Organisations monitor and evaluate performance regularly; however, they fail to validate their risk appetite with emerging business scenarios, thereby leaving a risky gap in their corporate governance processes.

Precision and appropriate language are essential elements for arriving at a quality risk appetite statement.

Laser-sharp risk appetite statements focused on objectives and risk limits coupled with transparent communication to all levels go a long way in preventing avoidable events that can potentially cause losses.

Risk appetite statements should be designed at the enterprise, business unit, and the process owner level.

Such a cascading approach will create a risk-aware culture and permeate risk management practices at various decision-making stages in the organisation.

The COSO guidance suggests that organisations draw on continual improvement practices as far as Risk appetite is concerned. As part of internal reporting practices, report variation from desired risk appetite to management and the board.

Continuous validation of risk appetite is a critical factor for organisational planning and success. It is of great value in uncertain times.

Source

https://www.coso.org/Documents/COSO-Guidance-Risk-Appetite-Critical-to-Success.pdf

https://jhsassociates.in/risk-appetite-is-linked-to-strategy-confidence-and-circumstances/

General