Risk and the board

A key role of the board is to determine the nature and extent of the risks the organisation faces, and to formulate and approve the organisation’s approach to managing and mitigating those risks.

A key role of the board is to determine the nature and extent of the risks the organisation faces, and to formulate and approve the organisation’s approach to managing and mitigating those risks. The training needed to help directors handle these complex issues needs to be both thorough and regular, advises Chris Glennie, commercial director of ICSA: The Governance Institute. 

Risk is something that everyone grapples with every day, from deciding when to cross the road to whether or not to walk under a ladder, but the risks that organisations face are on a totally different scale. Directors have a duty to help develop strategy and determine the nature of the risks that the companies, charities, or any other type of organisation they are involved with, are willing to take to achieve their strategic objectives. Get it right and organisations reap the rewards, get it wrong and it can lead to financial ruin and collapse, as was the case for Lehman Brothers and Kids Company.

Risk appetite is something which can be easy to articulate in theory, but it can be very hard to achieve in practice, which is where good training comes in. A good starting point is to have a firm understanding of best practice. This is particularly essential if directors are looking to improve approaches to risk in the boardroom. You need to know what is on offer if you are to suggest an alternative way of doing something.

Secondly, directors need to be aware of any hot topics that might affect their risk profile. Cyber risk, data protection, the Modern Slavery Act and corporate manslaughter are all things that directors need to have on their radar, particularly as the UK Corporate Governance Code makes it a requirement that they have sufficient knowledge to be able to discharge their duties and responsibilities effectively.

ICSA: The Governance Institute offers numerous courses and bespoke training for directors to help them refresh their skills and knowledge, including a half-day workshop examining the role of the board in risk and risk management. The course has been designed so that boards gain an understanding about their role in determining the organisation’s approach to risk, identifying and assessing risks and instilling the right culture through the organisation.

Establishing the right culture is crucial. The banking crisis grew out of the fact that people were encouraged to take greater and greater risks to maximise profits. Greed led to unfettered risk taking and this is in no-one’s long-term interests as the resulting near global recession so clearly demonstrated.

Failures of governance or the management of risk by boards have been a key factor in many of the major financial sector failures in recent years according to the Prudential Regulation Authority (PRA). At the City Week Conference in May 2016, Andrew Bailey, CEO of the PRA at the time, said ‘My assessment of recent history is that there has not been a case of a major prudential or conduct failing in a firm which did not have among its root causes a failure of culture as manifested in governance, remuneration, risk management or tone from the top.’ 

He went on to state that ‘culture is a product of a wide range of contributory forces:  the stance and effectiveness of management and governance, including that well used phrase “the tone from the top”; the structure of remuneration and the incentives it creates; the quality and effectiveness of risk management; and as important as tone from the top, the willingness of people throughout the organisation to enthusiastically adopt and adhere to that tone.’ 

The current focus on ethical behaviour is intricately linked to risk and directors need to be aware of their duties in this respect. Regulators require that risk management and internal audit in firms are effective and act to root out inappropriate incentives and weak controls. The 2016 Senior Managers Regime and Senior Insurance Managers Regime explicitly hold to account chairmen and non-executive directors of banks and insurance companies for boardroom decisions and squarely lay the finger of blame on their shoulders for poor decisions. Board members therefore need to show increased understanding of key business and strategic activities, and their associated risks.

For any new director, learning how the board establishes and maintains policies in relation to risk and internal controls is essential. They also need to understand the board’s oversight role in relation to risks and the effectiveness of management’s internal controls. Finally, directors need to know how to report to stakeholders on risk, the board’s mitigation of risks and internal controls. 

www.icsa.org.uk

Read more

Latest News

Read More

Why teams, not individuals, will drive the future

27 November 2024

Newsletter

Receive the latest HR news and strategic content

Please note, as per the GDPR Legislation, we need to ensure you are ‘Opted In’ to receive updates from ‘theHRDIRECTOR’. We will NEVER sell, rent, share or give away your data to third parties. We only use it to send information about our products and updates within the HR space To see our Privacy Policy – click here

Latest HR Jobs

University of Leeds – Professional Services – Human ResourcesSalary: £39,105 to £46,485 per annum (depending on experience) Grade 7

HR M&A Expertise: Extensive experience having led 10+ mergers and acquisitions within or for a global organization, focusing on HR due diligence and integration planning.

Lead and manage the HR team of 4, comprising a Recruitment Advisor, HR Advisor, Senior HR Advisor, and Senior Payroll Advisor. The Executive Director –

The role of the Human Resources Director is to ensure the HR effectiveness of Connected Places Catapult by developing and implementing the people plan in

Read the latest digital issue of theHRDIRECTOR for FREE

Read the latest digital issue of theHRDIRECTOR for FREE