Institute of Risk Management Risk Predictions 2022

Page 1

Institute of Risk Management

Institute of Risk Management Risk Predictions 2022 Resilience, Risk & Recovery

Developing risk professionals


Contents Introduction - Stephen Sidebottom, Chair, IRM Launching Soon - Armed Forces Community Group Charities Group Climate Change Group Construction and Infrastructure Group Cyber Group Energy and Renewables Group Environmental and Social Governance Group Enterprise Risk Management Insurance Group Financial Services Group Innovation Group Nuclear Group

3 4 4 5 8 10 11 12 13 14 15 18

Global View South Africa India Middle East North America Iraq

19 20 21 22 24

2


Introduction Stephen Sidebottom IRM, Chair, provides an overview of the global risk landscape in the early months of 2022 I would highlight five areas of risk that boards should have high on their agenda for 2022. 1.

Geopolitical uncertainty and instability

2.

Inflation

3.

The mixed pace of global post-pandemic recovery

4.

The changed relationship with the workforce

5.

Environmental, Social, and Governance (ESG)

One of the challenging things about these risks is that they play out over multiple time-scales. All boards and executive teams have to balance things that are urgent against things that are important. The response to the pandemic crisis has been extraordinary, and companies now generally understand the risks associated with this as we start a faltering recovery. Other urgent issues include assessing the impact on inflationary pressure on your business. It’s been thirty years since we’ve seen this type of sustained inflationary pressure, and many management teams therefore won’t have direct experience of the significant risks it can create. I think much more attention should be given to the complex issue of engaging with people in the workforce and their changed post-pandemic needs and expectations. The frequently used language of ‘return to work’ rather than ‘return to the office’ is symptomatic of a simplistic managerialist response that misses the business risks inherent in what’s changed. Whether that manifests as experiencing your own ‘great resignation’ or a more gradual failure to win the best talent, this requires deeper thinking. What’s more this is only one element in the broader ESG agenda. 2022 has to be the year boards recognise the consequences of ESG failures as an existential risk for most major companies. In terms of businesses and their supply chains, the ripple effects of the pandemic and surges in coronavirus (Covid-19) infections, combined with cyber-attacks and extreme weather events are testing business resilience. The risk of business failure remains high. But most major companies will have a good view at this stage of the pandemic of their ongoing risks and the strength of their business resilience plans and practices. Post-pandemic recovery, environmental risks, and cyber should all be significant areas of risk management focus. My final piece of advice to businesses in terms of moving from a crisis response to the pandemic to business continuity would be to step back and look at how your management model works to build sustained performance. Think about what leadership practices have had the most positive impact, and do more of that. In particular, focus on inclusive leadership, becoming much more deliberate about increasing engagement and collaboration, and exploring how to encourage a step-change in innovation and experimentation, which most organisations really don’t do at all well. In what seems like an increasingly fractious and changing world, I envisage the business response to global risks evolving throughout 2022 and beyond through an investment in risk management capability; assessing and evolving your risk frameworks, continuously improving data insights, and building risk management skills throughout your workforce. I would like to thank all of our contributors from our Groups for this year’s contributions to this document and for their ongoing support to the institute. 3


Launching Soon - Armed Forces Community Group Inspired by the signing of the Armed Forces Covenant in 2019, the Armed Forces Community Group will look to form a network of like-minded individuals who have ever been engaged with any aspect of the armed forces. This can include serving members, reservists, or veterans along with those who support cadet forces. Additionally, we are open to close family members as we recognise the support that families provide to service personnel. We would like the group to be internationally focused, so we are open to membership from around the world. The purpose of the AFC Group is to support its members in their professional development as well as to provide a social dimension. This will include identifying routes into risk management professions for service leavers, supporting those risk professionals with ongoing development ideas, and enabling like-minded people to network and benefit from more social interactions. The Group would also look to support the IRM with its ongoing communication with the Armed Forces Community. The AFC Group will hold its inaugural meeting under the Chairmanship of Chris Blockley-Webb in the first quarter of 2022. To join the group please visit: https://www.theirm.org/join-our-community/special-interest-groups/armedforces-community/

Charities Group Richard Evans Partner, Head of Risk & Assurance Crowe U.K. LLP When considering emerging risks, whilst the inherent diversity of the sector is recognised there are a number of recurring themes which apply throughout. Various risk surveys (including our own) and organisation insights unsurprisingly cite people related risks as being the most significant they have been for some time. Staff wellbeing, and the risk of burnout is being cited across the sector – so many people have been running at pace for an extended period, with changing delivery models and ways of working, as well as maintaining the day-to-day role having a significant impact upon staff, particularly within (but not limited to) the health and social care sectors. This is compounded by the buoyant labour market and whilst the “great resignation” has not impacted as some have predicted there are some areas of the sector, particularly those with a high proportion of living wage employees, who are viewing challenges in vacancy levels, directly impacting beneficiaries and service users. This is also being seen across highly transferable roles, such as finance, technology, fundraising and marketing (to name but a few). These workforce risks are being exacerbated in the immediate term (which we know is less severe) Covid-19 (and wider sickness) related absences and dealing with the immediate impact of the new variant. Consequences include poor customer experience and being unable to deliver face-to-face services, such as in respect of mental health and welfare related. There are also the longer-term risks driven by Covid-19 which are being considered on the horizon – for charities these include backlogs driven by a range of structural factors which will impact both directly and indirectly to the organisations staff, fundraising and service delivery. Examples include delays to NHS patient services, cancer, and heart services, the ongoing and exacerbated delays in the justice system and delivery of face-to-face services – all of which challenge the funding environment and the ask upon an organisations’ resources.

4


Whilst a number of these risk factors target the outputs and expenditure of charities, there are challenges in respect of income and funding models. A number of funders are pivoting their strategies towards issues related to the pandemic, rather than established services and sectors. There is further risk when considering wider economic factors, including inflation potentially pressurising the capacity for established fundraising models. Political uncertainty and the ongoing uncertainty in supply chain and societal risks arising from Brexit all present a watching brief for risk manager’s horizon scanning. Covid-19 and the pandemic period have accelerated digital transformation to meet the demands of hybrid working and service provision. However, this in turn has created new cyber risks with the move to cloud-based approaches alongside legacy systems. As such, cyber and information security should be a recurring point of focus for risk managers. The shift to remote and potential longer-term transition (rather than an extended pandemic emergency response) to hybrid and new ways of working present further technology risks to both assess and importantly – translate these to risks and issues that the organisation understand. An emerging area for risk managers to navigate includes Equality, Diversity, and Inclusion (EDI) risks and what these mean for the charity, both for your existing staff and when looking at recruitment, funding, and delivery of services. Facilitating the debate and response, including ensuring the risks are captured and understood, represents a new area of activity. Adopting virtual or hybrid delivery models represents both upside and downside risks, but the pandemic is also driving demand for specialist services, which has a further impact upon resources and costings. Risks to both changing ways of working and how the charity assesses the effectiveness of response are critical – this includes avoiding the risk of subjective bias in determining workforce strategies and being data led in terms of feedback and performance. Despite the challenges the forthcoming period presents a significant opportunity for risk professionals to make a real contribution to their organisation. We have viewed an increased sector focus upon risk as an enabler – particularly in the consideration and application of risk appetite. More Boards and management teams are having active conversations as to what their risk appetite is and what it should be – identifying that in the majority of cases that the actual level of risk being taken is lower than it should be. This also highlights and strengthens the recognition that not everything will work and that in 2022 there is a need to be bold and take opportunities – a clear risk appetite position helps to provide the framework for leadership and the wider organisation.

Climate Change Group Martin Massey MIRM, Chair, Climate Change Group Managing Director OneRisk Consulting Ltd In 2021 the Group helped design and launched the Climate Change Risk management course in conjunction with Imperial College, Grantham Institute and the IRM, and we also published a guidance report focused on climate change for risk professionals. Both the course and guidance aim to equip risk managers with the knowledge with the latest tools and techniques to help translate the complexity and uncertainty of climate change to support their organisations in identifying, assessing, and managing their climate-related risks and opportunities and integrating them within existing ERM frameworks. In 2022 economic challenges flowing from the pandemic still persist and will continue with market risks such as financial market volatility and interest rate uncertainty being a major area of focus in the year ahead. Human capital risks will continue as organisations need to work out their work-from-home policies that seek to maintain staff retention rates.

5


In respect to climate change 2021 was also a big year with United Nations Climate Change Conference (COP26). The conference succeeded in getting 197 countries to align on the Glasgow Climate Pact and other landmark pledges, but even these new commitments are expected to miss the 1.5°C goal established in the 2016 Paris Climate Agreement and increase the risks from a disorderly climate transition. The economic overhang of the Covid-19 crisis and weakened social cohesion in advanced and developing economies alike may further limit the financial and political capital available for stronger climate action. China and India lobbied to change the Pact’s wording from “phase out” to “phase down” of “unabated coal power and inefficient fossil fuel subsidies.” The economic crisis created by the Covid-19 pandemic risks delaying efforts to tackle climate change by encouraging countries to prioritize short-term measures to restore economic growth, regardless of their impact on the climate, over pursuing green transitions. Brazil, for example, joined the other 140 countries responsible for 91% of the Earth’s forests in endorsing the Glasgow Leaders’ Declaration on Forests and Land Use, even as deforestation in the Amazon accelerated to a 15-year high in 2021. Geopolitical tensions and nation-first postures will also complicate climate action. Climate change continues to be perceived as the gravest threat to humanity and in the latest Global Risk report 2022, GRPS respondents’ rate “climate action failure” as the risk with potential to inflict the most damage at a global scale over the next decade. A climate risk taxonomy splitting risk between physical, transition and liability risks is becoming more widely used amongst most organisations, so we provide some of the major trends and risks as was opportunities that we predict in 2022: > Physical risks - extended wildfire seasons and prolonged heatwaves were two of the major trends that we have seen in 2021. Wildfires in California and Australia have been in the news for the last few years but in 2021 we saw many intense wildfires across some newer regions of the world including Southern Europe and Siberia. In August 2021 wildfires broke out in the Mediterranean, where the Greek Prime Minister described them as the countries “greatest ecological disaster in decades”. In 2021 we continued to see heatwaves increase healthcare services strain on water, energy and transportation resulting in power shortages and even blackouts. Indirect impacts on food and livelihood security impact people who lose their crops or livestock due to extreme heat. One of the most extraordinary and powerful heatwaves ever experienced by North America hit the west coast in June 2021 and did not go away. This was caused by what meteorologists called a “dome of high pressure,” the heat wave extended from California – worsening the drought even as the first wildfires of the season began – and extended all the way up to Canada, where temperatures rose to 121.28F (49.6C), shattering all previous records. “This is the beginning of a permanent emergency,” the Governor of Washington state said. > Transition risks - relating to the consequence of transitioning to a lower carbon or “green” economy are resulting in a range of both global risks and opportunities facing organisations. These range from carbon emissions targets and plans, investment in green infrastructure, green washing, “green” Energy inflation; organisations’ purpose, global flow of information, digital platforms, changing societal expectations etc. Perhaps the most important trends in 2021 that we see continue include corporate pledges and Climate Related Financial Disclosures. Climate change awareness and adaptation and wider ESG criteria are increasingly valued by shareholders including investors, industry regulators, employees, and customers. We are continuing to see record number of corporate pledges especially net zero targets on mitigating climate change, which is raising the bar for corporate governance.

6


The growing focus on climate change also extends to corporate disclosures, and there has been significant progress on this front with improvement in global flow of information and continued regulator pressure that is leading some countries to introduce mandatory climate and ESG reporting. Continued global activism will also contribute to capturing global attention. In 2021 we also saw increased global sustainable investment. The Global Sustainability Investment Alliances latest investment review shows that global sustainable investment now tops US$25 trillion – up 15% in two years and in total equates to 36% of all professionally managed assets. More than 70 asset managers, including BlackRock and Vanguard, have also recently signed a pledge with the Net Zero Investors Initiative, which has been formed to help achieve net-zero greenhouse gas emissions by 2050. Changing societal expectations is leading to the increasing demand for sustainable products. As consumers people increasingly want to purchase products that they view as sustainable across the entire value chain. They want to believe that their consumption habits won’t negatively affect the environment, and many are fearful of the overall impact of climate change. Unfortunately, this is also leading to a major risk issue namely “Greenwashing.” This is primarily a marketing tactic where consumers or investors are misled into believing that an organisation or brand is sustainable. As the world begins to decarbonise new market opportunities are available for organisation to create products and services for a low-carbon world that uses less energy and natural resources, emit fewer greenhouse gases, and can help mitigate climate damage and regenerate natural systems. On the flipside there are opportunities to help organisation’s improve resilience which in turn is leading to product innovation such as the electric and hydrogen economy and a range of new technologies. In the insurance sector the use of parametric insurance in increasingly being used to offer bespoke solutions to cover climate related perils covering for example heat stress solutions for livestock farmers. Overall organisations are continuing to realise that modifying existing internal business activities to address climate change and wider social issues is simply good business overall and can protect the reputation of the organisation. Government and regulators are now stepping in to push further change, faster and with more consistency across the economy than the market alone could do. Europe is taking the lead on climate-related financial disclosures, and other jurisdictions are following suit.

7


The global flow of information has also helped raise the awareness of ecological and social crises around the world. Global and local activism that we saw in 2021 including is continuing to capture global attention and galvanised opinions. This has led to sustainability issues becoming core considerations in business. To be able to distinguish between companies, and investment opportunities, investors need high quality, comparable data, and this is driving the call for global sustainability standards and the regulatory interest in mandatory climate and ESG reporting. > Liability risks - climate change litigation has gained momentum since the adoption of the Paris Agreement in 2015, increasing in volume, scope, and geographical coverage. Of the over 1,500 cases documented worldwide between 1986 and 2020, more than half have been brought since 2015. Most of these cases are in the US where some of the biggest oil and gas companies are embroiled in legal disputes with cities, states, and children over the industry’s role in global warming. Awareness of climate risks and the growing perception that courts can be a forum to advance climate goals are two main drivers of climate change litigation. Standards of care are also evolving, increasing the risk that states and corporations can be found negligent in their duty to protect the public from the harmful effects of climate change. These trends have led to a number of new legal cases including District Court in The Hague ruling in May 2021 that Shell must reduce its global net carbon emissions by 45% by the end of 2030 from 2019 levels. Although the decision is under appeal this was the first time a judge has held a corporation liable for causing climate change. The ruling could set a precedent for similar lawsuits in the future.

Construction/Infrastructure Group Danielle Mudd, IRMCert Chair of the Infrastructure Group Overall, 2022 for the construction sector is looking to be prosperous and one of growth despite skills shortages, increased costs, and stricter regulations. A continuing area of concern for the construction industry will be skills shortages; statistics published by the Construction Skills Network (CSN) stated that over 210,000 construction jobs will need filling in the UK by 2025.

8


It’s well-recognised that the sector is largely propped up by an ageing workforce and has struggled to attract new talent. In addition, in the run-up to Brexit, the sector saw a sharp decline in the number of European workers. The need to encourage new people into the sector, including educating school-age children, has been well-recognised and this will be a continuing effort. In addition to the skills gap, material shortages and transport issues continue to plague the sector. We’re facing global shortages of steel, timber, and IT components, increases in raw material prices and long-lead times for core supplies, and that is expected to continue into 2022. The impact of Brexit continues to be an uncertainty, with a shortage of HGV drivers compounding the issues faced in recent months; most firms are anticipating this to continue to impact through 2022 particularly as some suppliers have decided to focus efforts on primarily supplying the EU. Covid-19 has remained an issue, particularly with the increased transmissibility of the recent Omicron variant, which has resulted in construction sites seeing a significant reduction in their workforce over the winter months. Companies are anticipating Covid-19 to play an ongoing role in project delivery with uncertainty around workforce availability and productivity, delays to deliveries and additional costs resulting from enhanced requirements. The sector is expecting the government’s ‘Building Safety Bill’ to land in 2022, (due to go to the House of Lords committee 21/2) which will enable it to create new regulations for those involved in the building process; there is a chance that productivity will be impacted while companies get to grips with any new requirements. Despite this, the aim is to improve the UK’s new building stock and ensuring high standards; although this may impact on margin it’s an opportunity to the sector to become more innovative and efficient. A big area of opportunity is the continued adoption of technology, particularly those that can enhance productivity; we can expect an increase in the likes of construction drones, smart contracts, Augmented Reality, and Artificial Intelligence. From a Risk Manager’s perspective, the past year has been one of adaptation and change with hybrid working in effect for most of the population (at least for part of the year). At the granular level, there have been challenges in being able to effectively and efficiently hold reviews and workshops, and in being able to effectively challenge risk inputs. Body language plays a huge part in feeding into the risk process and operating in a largely 2D environment makes it extremely difficult to pick up on the subtleties. Despite this, there has been success with greater use of technology, such as interactive white boards, which has enabled teams to maintain a collaborative environment. As ever, it continues to remain important for projects within the sector to be supported by qualified professionals; it’s becoming increasingly common to see robust risk management expectations contracted through the supply chain which is incredibly positive and opens doors of opportunities for those looking to start a career and established risk professionals alike.

9


Cyber Group Co-authors: Paul Saunders, Managing Director of GDFM Ltd Sarah Peaston, Head of Regulatory Compliance, Technical Solutions & Training Resilience, Risk & Recovery As we look back on 2021 and consider the path ahead for 2022, much of the same themes prevail. Despite ongoing pandemic conditions, 2021 continued to be a progressive period for regulation and indeed new and compounded risk factors. As we embark on 2022, with two years of experiencing the most surreal global disaster recovery scenario enactment; resilience, risk and recovery have become ever more tangible, as industries continue to weather the storm of risk exposure, the testing of resilience provisions and feeling the impact of their recovery agility. Throughout 2021, firms have been preparing for the initial operational resilience regulatory implementation deadline, which is now firmly in sight at the end of Q1 2022. It will be essential for firms to embody operational resilience as a culture rather than a series of implementation dates, in particular as the coming year will be the first for undertaking the mandatory self-assessment. The outlook for 2022 and beyond is the increasing need to enable a dynamic operational resilience approach, with the associated benefits this will bring and the inherent moving away from perhaps more traditional management methods. The convergence of reviewing and managing micro and macro risks in this space will also become more natural due to the comprehensive nature of the regulation, including frontto-back mapping and ownership, prioritisation of important business services, impact tolerance computation and monitoring, appropriate ownership, and testing and ultimately a resilience capability inherent in the Business As Usual operating mode. Into 2022 the post Brexit landscape of regulatory divergence will continue to occur, which, whilst bringing respite from some components of regulation, will also present challenges to firms who operate under UK and EU regimes and who may experience efficiency considerations when managing very similar, yet ultimately different regimes, as differentiation evolves. Responsibility and accountability of leaders and senior management has been a focus during the pandemic period, with the natural disruption triggering expectations of closer monitoring and the consideration of reasonable steps. The finalisation of the extended Senior Managers and Certification Regime (SM&CR) implementation during 2021, enhanced formalisation regarding conduct and the effectiveness of accountability and responsibility. This regime is expected to start to be more consistently leveraged by regulators during 2022, after its initial period for newly captured firms and now that comprehensive industry application of this regulation is in place. Leaders will be expected to be experienced in evidencing accountability and responsibility in a consistently structured manner, including keeping abreast of the potential to breach obligations and the corresponding taking of reasonable steps, for their designated areas of responsibility. Cyber-crime has grown exponentially during the pandemic period and the implicit digitalisation of many investment routes for both mature and new investors alike, has created opportunities for fraudulent activity and scamming. The sophistication and speed of cloning and impersonation of legitimate firms is anticipated to increase into 2022 and firms should ensure vigilance, agility, and non-complacency to ensure the best defence for themselves and their clients, partners, and investors. This includes proactive monitoring of their brand to ensure any illegitimate presence is identified and addressed on a timely basis.

10


During 2021, as in prior years, there was persistent focus on how firms complied with Anti-Money Laundering Regulations (MLRs) and following the FCA’s Q2 2021 “Dear CEO” letter to retail banking providers outlining specific gap analysis action to be taken in this space, it is anticipated that throughout 2022 a high level of scrutiny on accountability and effectiveness will occur. It is particularly important into 2022, that firms undertaken a periodic ‘fresh’ review of their processes to ensure the design remains effective for their activity and that weaknesses are quickly highlighted and addressed to ensure ongoing compliance. Financial crime is an ever-evolving landscape and firms cannot afford to rely on static models to meet their obligations and should consider overall capabilities, in ensuring operating in 2022 remains effective and within MLRs. The year ahead is anticipated to naturally experience more working model changes, perhaps themselves susceptible to resilience, risk and recovery weaknesses and a comprehensive assessment will be required by firms to mitigate with robust solutions and creativity, as we continue to face familiar and at times unexpected challenges.

Energy and Renewables Group Alex Larsen, CFIRM and Grant Griffiths, Co-Chairs Covid-19 With a more positive outlook on the Covid-19 pandemic front from both business and global society there is a consensus 2022 will be a year of recovery and with it, continuing demand for energy including oil and gas. On the other hand, the huge supply chain issues, growing inflation and other economic warning signs may also signal a major downturn. Emerging Technology Whether the economy recovers or fails, expect to see continuing investment in advanced and emerging technologies which support the impetus for Net Zero and the low carbon economy. Factors influencing investment and the drive towards sustainable technologies and their long-term role in the energy mix include ESG factors, supply chain risks and the implications of supply chain changes, and political factors. The moves toward investments in technology will be underpinned by the demands of stakeholders including investors and financiers as they continue to align their portfolios towards fulfilling their ESG strategies. Other factors driving investment include efficiencies and resilience that technologies such as blockchain, AI and smart oil fields provide in surviving a major drop in prices. Political factors On the domestic front the cost of energy for householders and consumers will be a political challenge with a wide range of geopolitical factors (e.g., Russia, China), economic and social imperatives all weighing heavily on policy decisions. Energy has always been political in nature and now more than ever before is likely to emerge as an election issue for many. Risk management From a risk manager’s perspective expect to see greater focus on building resilience in response to the higher levels of uncertainty witnessed over the last two years along with a focus on workplace culture as a game-changer in the pursuit of greater agility, innovation and strategic outcomes as the increasing interconnectivity and complexity of the energy value chain brings about new risks, challenges, and opportunities for energy.

11


Bitcoin 2022 could be the year that energy companies look at mining Bitcoin. Water dams in North America and other power companies have looked at using their excess energy for mining and in many cases the profit being made from this is allowing them to upgrade their facilities in a way they have never been able to do before. With energy companies looking for alternative sources of income whilst also realising the potential for using existing energy in their network, Bitcoin mining might be an experiment that several larger energy companies undertake. And if this can be achieved by the use of renewables, it’s a massive win-win for everyone.

Environmental & Social Governance (ESG) Group Co-authored by the committee In 2022, enterprises in the public, corporate and not-for-profit sectors across the globe will continue to experience volatility, uncertainty, complexity, and ambiguity (VUCA) in the contexts in which they operate. This context, by its very nature, makes the exercise of predicting the future somewhat challenging, however, it is the view of the IRM Environmental & Social Governance Group committee that the following social drivers will be important to leading enterprises and the risk professional in supporting good governance: > Greater stakeholder accountability - stakeholders, both internal and external to the organisation, will continue to influence change in the way in which the enterprise is governed. Key stakeholders will include the investor community, public bodies, the press, social media, activists, employees and their families, former employees, clients, beneficiaries and consumers, volunteers as well as partner organisations. Seeking to gain assurance that the organisation is addressing risks related to modern slavery, inequality, diversity, inclusion, health, safety, safeguarding, security, welfare, and environmental sustainability are just some of the arenas in which stakeholders will continue to drive for change. Managing an organisation’s reputation becomes a core capability in such an environment. > Real-time public scrutiny - media scrutiny and ‘grandstand public experts’ scrutinising the way in which the health and environmental crises are being handled – in real-time, including the lessons that should have been learnt - will continue to bring into question the adequacy of governance across public, corporate and not-for-profit sector organisations. Organisations are being held to high standards by the court of public opinion, challenging how crisis and resilience management is deployed. In this context, the difference in behaviour between more ‘purpose-driven’ versus more ‘profit-driven’ organisations will become apparent; transparency and accountability will continue to need to be demonstrated, however, in the wider context of the social driver upon the modern organisation to demonstrate its place and purpose in society. This will involve organisational change in the culture, structure, and strategy as well as governance of the new enterprise. > Role of the risk professional – the role of the risk professional will grow in importance as organisations recognise this profession to be formally educated in the fields necessary to (i) understand the changing nature of the external and internal contexts, as well as (ii) support organisations to fulfil their social responsibilities in demonstrating good governance, both in profit-driven as well as purpose-driven enterprises, and in (iii) helping to prepare for media-driven crises and recovery plans. > Changes in risk reporting – as part of meeting these stakeholder requirements, the risk professional will lead the development of conventional risk reporting into more mature processes. Integral to this will be the need to demonstrate that the organisation is being governed in such a way that it is fulfilling its social responsibilities in an ethical and sustainable manner. It is viewed that formal ESG policies and processes are necessary to carry this out.

12


ESG will become a ‘golden thread’ running through the achievement of the strategic objectives/priorities’ of ‘ESG-intelligent’ enterprises and an enabler in their opportunity management whilst becoming a strategic risk for those organisations failing to recognise the changing nature of the social context. ‘ESG-intelligent’ enterprises - the leadership of ‘ESG-intelligent’ organisations will recognise that the external and internal organisational contexts have changed and that organisations, in turn, need to change if they are not only to survive but thrive in a new world order.

Enterprise Risk Management (ERM) in Insurance Group Authored by the Co-Chairs: Dr Isaac Alfon, AFF, Founder and Managing Director, Crescendo Advisors Ltd and Justin Elks, AFF, Partner, Crowe U.K. LLP Five risk themes for insurers to respond to in 2022 While a few months ago Covid-19 seemed to be more under control, sadly it seems that it is not over. The pandemic and Brexit are taking place at the time of long-term trends toward stakeholder capitalism and business sustainability. In its widest sense, sustainability in business encompasses not only environmental, social and governance issues, but also operational and financial resilience. The Prudential Regulatory Authority (PRA) and Financial Conduct Authority (FCA) are increasingly focusing on these broader issues too, making it increasingly difficult to separate doing business from regulatory compliance. Within the parameters of these events and long-term trends, we think there are five key themes that insurers should pay attention to during 2022. Macroeconomic environment At the start of 2021, there were concerns about the risks from loose monetary and fiscal policy, and high debt. Experts now seem less concerned about an economic reckoning and more concerned about inflationary pressures as evidence by the recent increase in UK base rate. This has been driven by increasing concerns around energy prices, supply chains and labour shortages. Many still argue that these are temporary challenges. On the other hand, economic stimuli cannot go on forever. The International Monetary Fund (IMF) economic growth projections for 2022 are largely in decent, if not spectacular, territory. Risk managers will need to consider whether there is cause for optimism or concern, and the extent of complacency they see.

13


“Great resignation” Talk of the “great resignation” - including people dropping out of the labour market altogether - started in the US as part of the wider discussions about the future of work post-pandemic. This has added to concerns about skills shortages, amplified in the UK by the departure of many EU citizens. Risk managers will need to evaluate whether the business, including the risk function, has the skills and capabilities needed to deliver in 2022. Regulation The transition from the UK’s FRC to the new Accounting, Reporting and Governance Authority (ARGA) continues to ratchet up the pressure on governance, even if reforms are not directly targeted at insurers. The change in FCA leadership seems to have led to a doubling down on customer’s protection, with a continuing focus on general insurance pricing and the protection of the vulnerable – although some argue that “vulnerable” is now quite widely defined. The PRA appears to be taking back control of Solvency II and has been reviewing its implementation. While there are positive noises around removing bureaucracy and widening the assets that can benefit from the Matching Adjustment, there are also industry concerns of a competitive penalty if the UK’s application of Solvency II becomes (or remains?) more prudent than that of Europe. Risk managers will need to continue to monitor these changes, while considering the cost/benefit for their organisations and any unintended impacts. Sustainability and climate change There is an increasing focus in society on sustainability and climate change. For insurers, climate change has taken centre stage. Although COP26 may have achieved less than had been hoped, it has succeeded in switching the emphasis from ambitions and commitments to actions and accountability. While sustainability and climate change also create opportunities for insurers, and insurers should be focused on sustainability as a strategic goal, the regulatory driver for action should not be overlooked. All insurers will, of course, have already “fully embedded their approaches to managing climate-related financial risks” as mandated by the PRA. Looking forward financial institutions, including insurers, will be required to disclose the impact of climate change and net zero transition plans. The PRA has already announced that it will switch to actively supervising against its climate change expectations during 2022 and reminded the industry that section 166 reviews can be applied. More generally, sustainability can lead to interesting hybrid issues, for example, is greenwashing the next misselling scandal waiting to happen? Operational resilience Some insurers have continued to enhance the digitisation, efficiency, and resilience of business processes. However, there is a risk that insurers struggle to return to service levels and capabilities they had reached before the pandemic; for example, many call centres still appear to be operating on reduced scale “because of Covid-19”. During 2022 the operational resilience rules will become effective. The focus will shift to maintaining operational resilience through planning remedial actions needed to build and maintain resilience within agreed tolerances. Risk functions will need to oversee these plans and ensure that they are credible, appropriately resourced and deliver resilience for their business in line with agreed tolerances.

14


The insurance industry has a lot of work to do to continue to fulfil its social role of mitigating losses from unpredictable events and supporting savings. The experience of the successful response to Covid-19 outbreak shows that the industry can rise to these challenges. These themes touch on all aspects of insurance – investment, underwriting and operations – and will require both a strategic focus and tangible action to enable insurers to respond to the challenges they raise.

Financial Services Group Maria Singende, IRMCert, Chair As we enter 2022, regulation, global growth, inflation, rate of employment, fiscal and monetary policies will continue to shape risk management in financial services. Customers, employees, supply chains, competition, innovation, and digitalisation developments will also inform financial institutions risk management strategies. Monitoring developments in these areas will remain crucial to ensure effective risk management of the primary risks faced by financial institutions. After experiencing the worst ever recession in 2020 due to the pandemic, recovery has been slow due to the Covid-19 variants. Supply chain challenges have also impacted recovery. Energy prices have caused inflation to soar to record levels. The above factors translate into the primary risks faced by financial institutions i.e., credit risk, operational risk, market risk, liquidity risk and reputational risk. These factors also inform risk appetite and tolerance setting for the different primary risks. The economic slowdown created by the pandemic led financial services firms to be on high alert for defaults. Increased innovations through online services and digitalisation have brought opportunities as well as threats. Frauds and cyber risks have increased. Balancing these risks and opportunities through enterprise risk management remains central for financial services firms’ success. Since the 2007/2008 financial crisis, the financial services sector has been strengthening its risk management capabilities ensuring alignment with regulatory requirements. This has prepared organisations for sudden shocks like the one caused by the pandemic. Stress tests carried out on globally significant banks have shown overall strength to stay solvent whilst supporting customers to achieve their objectives. The sector has demonstrated its resilience and ability to continue the business of funding the economy and facilitating payments and investments. Government support has remained critical in maintaining the economy through furlough and business loan schemes. Looking into the future, innovation is going to play an important role as the world moves into the post-pandemic era. New initiatives are associated with higher risks, and this is where the financial services sector needs to continuously upskill employees to keep pace with market developments. Whilst governments reacted to the pandemic by providing record support to their economies, greater international collaboration in restrictions and vaccine programmes is required to fully contain the threats caused by Covid-19. Climate change and sustainability will remain high on the agenda of financial services risk management strategies. The emergency of the pandemic has resulted in reduced carbon emissions hence slowing down threats caused by climate change.

15


Effective risk management involves having the ability to anticipate evolving risks, measuring them, and putting measures in place at an enterprise-wide basis to both manage and be able to benefit from the upside of such risks. The financial services sector is inherently in the business of taking risks therefore qualified enterprise risk managers have a very big role to play in ensuring that there is effective enterprise risk management.

Innovation Group Co-authored by: Sarah Gordon IRMCert, CEO, Satarla, Katalin Horwath, GRC Manager, Springer Nature Group and Rodrigo Souza, Senior Lecturer, University of Roehampton. Since Covid-19 has been moving far away on the horizon, in 2022, most risk managers will be more concerned about what comes next. Significant changes happened over the past years. Most businesses were able to adapt quickly, overcoming threats to harvest opportunities. Nonetheless, risk management teams, together with other experts, must reflect further upon the appropriateness of their tools and practices to deal with emerging and extreme risks, such as challenges and opportunities presented by the digital revolution and climate change. Given this scenario, we see that the comprehension of risks into context is key. Events do not generate threats nor opportunities per se, but the position and response of companies does. Uncertainties still exist regarding short-term and long-term impacts of Covid-19 to individuals and economies. Organisations must respond to the need of workers operating remotely, while customising and tailoring solutions and policies according to employees’ aspirations and goals as well as organisational ones. Numerous threats and opportunities exist regarding key talent’s retention and recruitment, but worldwide (remote) synergies and platforms may enable more fluid and further team collaboration in different time zones. Mental health and wellbeing are still on the risk radar of companies and individuals, as the youth feel disillusioned and (digital) social connections may be looser. Thus, we expect progress on responses to the challenges of making virtual (social and organisational) connections seem more natural and unobtrusive, akin to chats in the corridors or during lunch, and on platforms allowing full collaboration and inclusion between teams working in the same project onsite and remotely. As climate change risks and ESG propositions gain more relevance in board meetings as the next big disruptive wave, ERM must address sustainability and responsibility from multiple perspectives. Temperatures are rising and floods and natural disasters are happening more frequently around the world, therefore, the significant anthropological impact on the planet gets less forfeit and more real over time. We expect the spark of interest and investments from and in companies becoming greener and attempts to integrate risks and opportunities with other social and governance issues. Furthermore, risk tools must be revisited, revised, and redesigned to allow better real-time evaluation and monitoring of changes, as a key prerequisite to move on looking forward. We have seen how our world is interconnected both in the physical and virtual space, but these realities also need to be better integrated. We expect an increase in hybridisation within organisations. The digital economy will certainly be the platform supporting the physical economy. Nonetheless, the dissociation between both is unimaginable nowadays, as digital companies are moving to the high street and vice-versa. New technologies must/will be created, developed, and legitimised in these spaces as the interface between humans and machines shrink further.

16


Surrounding all the events above, we still need to face considerable political instability in governments, currencies, and commodities in 2022. Communities that have been created virtually and are becoming concrete in demonstrations on the streets. Unheard groups are gaining voices in different platforms and cannot be neglected or ignored any longer. Cryptocurrencies are obtaining more followers. There are mixes of social cohesion and social erosion, which may not have a clear direction in their infancy or juvenile period but are maturing to shake pre-established boundaries in society. That imposes a huge pressure on governments and policy makers to accommodate requests coming from different stakeholders and to create an arena for potential (partial) consensus and (re)stability. Society may be facing existential threats in the near future. They may not necessarily create the extinction of humankind but will certainly shake paradigms. As we emerge from Covid-19 we realise that coming back to normal may not be the path we all want. The challenge then becomes how to accommodate so many claims and imperatives constrained by the reality we live in and without polarising it even further Perhaps our solution will be to create metaverses or multiple universes, tuning finer lines between physical and digital worlds. As risk managers we may be well-positioned in this space to think out of the box and look to our risk management toolkit to pull out ideas and solutions to attenuate these tensions considering both their short-term as well as long-term implications of decision-making processes. In sum, in 20222, we expect lots of rethinking and re-analysing before each one of us can set a clearer direction for our ship to sail forward.

17


Nuclear Group Kathryn McCloghrie, CMIRM, Head of Corporate Strategy, Sellafield Ltd Chair IRM Nuclear Industry Group 2021 has been an eventful year for the nuclear industry in the UK, with increasing government support for Small Modular Reactors and Advanced Nuclear Technologies. The announcements in relation to the Regulated Asset Base funding model for large nuclear power stations have created new opportunity, whilst the policy position on Chinese engagement in these projects could threaten projects by excluding potential partners. Whilst government policy is supportive, the security context continues to be threatening, particularly with increasing geo-political tensions and the rapid development and expansion of cyber threats. The potential for malicious attack on critical national infrastructure is increasing. As we enter 2022, the resource impact of Covid is as bad, perhaps worse than it has ever been. This is partly due to increasing isolations and positive test results, and partly because it compounds other resource issues such as scarcity and high attrition. Recruitment and retention are both key risks for the future. High levels of attrition and the consequent loss of knowledge and expertise are creating a challenge for most organisations, and particularly for nuclear operators, for whom plant and specialist knowledge are vital. STEM skills (Science, Technology, Engineering and Mathematics) remain an area of national scarcity and are critical to both new and existing nuclear facilities. Many employers are increasing flexibility regarding location or working from home to attract talent, however nuclear sites tend to require hands-on presence, restricting the opportunities. In addition, next year’s talent is expected to demand more from employers – avoiding ‘bad businesses’ and wanting a clear purpose and values which resonate with their own. The nuclear industry has always been controversial, reflecting a history associated with military uses and a very small number of high-profile accidents. The public perception of risk is increased by lack of understanding and historic secrecy. The opportunity for the future is to demonstrate the benefits of nuclear power as part of a balanced portfolio of low carbon energy which enables our climate change ambitions. Supply chain resilience is a key risk for the future. Whilst we have all learned a lot about our vulnerabilities in this space through Covid, there are indicators that this will continue to be a significant threat. The scale of government infrastructure projects continues to expand, leading to a competitive market. Key contractors also face increasing difficulty in recruiting talent, with both employment costs and rates of attrition increasing. In 2022, when key staff leave, businesses will have to increase salaries significantly to replace them. Retention is a critical risk. It is likely that cost and scarcity will lead to more specialist work, such as design and manufacturing, being undertaken off-shore – with the associated concerns about quality control, assurance and security. Nuclear plants tend to depend on specialist proprietary items, making them vulnerable to stoppages, and on small specialist suppliers, making their survival and success a critical risk to the plant operator even if the supplier is several layers below in the chain. Sustainability is an increasing topic for risk discussions, with uncertainties in stakeholder expectations, policy directions, regulatory evolution and public perceptions. Balancing environmental and social value for money will require many critical decisions. Enabling risk-informed leaders to appropriately judge these uncertainties and chart a path through the dynamic context will be key. Looking forward, the level of opportunity for investment in technology is enormous. From digital business systems to remote and automated plant systems – technology can transform our enterprises. Achieving this will require shrewd investment in systems, operator skills, creativity and management and use of information. For an industry where modifications are carefully scrutinised and controlled for safety reasons, moving dynamically to substantiate and deploy evolving technology will be a constant challenge. As always for the nuclear industry, safety and security are paramount. For 2022 operational resilience, in the face of these and other threats, will be our top priority.

18


Global View Africa Zanele Makhubo, CFIRM Chair South Africa Group Director: Enterprise Risk Management at Gauteng Department of Human Settlement (CRO) Future disasters - drought, global warming, and floods will continue in 2022 Covid-19 has exposed the world’s ability to cope in a crisis. To manage future global disasters, we must address any issues, such as a lack of planning and changing regulations. There is a need for collaboration, to develop proactive disaster management plans, agreed upon by all stakeholders from all disciplines, including Regulators, health, business, NGOs, community, civil society groups, labour stakeholders, disaster management, and business continuity. We need to prepare for the worst to achieve the best. Returning to the “new world at work” Addressing the issues of mental health and post-traumatic stress disorder when reintegrating the workforce back into the workplace. This requires robust changes in management policies. The ‘Human Factor’ needs to be prioritised across the board, with new policies put in place to address the needs of our workforce. Increase in unemployment An increase in unemployment will harm and set the South African economy back 10 years by deepening poverty and inequalities. It will take a momentous task to rehabilitate, rebuild and reconstruct the vibrant economy. It requires all the sectors of the economy to collaborate to find a better solution for all. Sustainability The slow pace in investing in sustainability priorities (environment, economy, and society) during the Covid-19 pandemic, shows an elevated impact on how the three domains interconnect. Unmaintained, dilapidating infrastructure affects: >

Environment - efficient use of resources, access to water, food security, air pollution, hazard management and economic preservation.

>

Economy - economic stability, unemployment, and deepened poverty.

>

Social - society’s livelihood, health, human rights, inequalities.

The country should meet the needs of the current generation without compromising the needs of the future generations. Lack of business continuity and Resilience Strategies Most private and public organisations do not have appropriate business continuity plans and resilience strategies to ensure continuity for future disasters or unforeseen events. Business interruption is too costly as it results in many operational risks. There is a need to develop robust business continuity plans which cater for business interruption, contingent business interruption, and trade disruption (supply chain) insurance.

19


Technology risk The risk of sourcing technological solutions leads more organisations and businesses vulnerable to cybercrimes. Are we agile enough to deal with the world of technology? Cyber insurance is a new consideration by CIOs, CEOs, and CFOs in the public and private sectors. Adaptive leadership is encouraged to initiate adaptive resilience strategies. Fraud and Corruption Risk The risk of slow implementation of consequence management makes it difficult to mitigate such risk.

India Co-authored by: Hersh Shah, SIRM, Chair Sunder Natarajan, CMIRM, Deputy Chair Rama Warrier, CFIRM, Deputy Chair P Subramanian, FIII, CFIRM, Deputy Chair What lessons have risk managers learnt over the last year? 1. Greater diversity will drive superior risk management 2. Companies will adopt a mix of modelling strategies 3. Alternative data will expand to fill information gaps 4. Risk managers will be a part of strategic decisions 5. Risk intelligence will now be an important skill valued over domain expertise alone Future top challenges/key three risk factors for India 1. Socioeconomic risks / inclusion of rural India which should hopefully be mitigated with the Budget 2022 2. Inflation risk 3. Inter-state relationships / geo-political risks What could have been done better? Businesses have shown tremendous resilience in the year 2021 in recouping a lot of lost ground. Though this is a tremendous achievement, it has caused a bit of distortion in the way non-pandemic risks are perceived. Owing to the ‘halo effect’ of the Covid-19 pandemic, the relative prioritization of risks has been less than realistic in many organisations. While respecting the severe impact of the pandemic, risk managers should balance it with the potential impact and probability of the other host of risks which their organization is exposed to. Another aspect which could have been handled better is the exaggerated risk response that was given to the pandemic. Whilst we should accept that the ‘unknowns’ made the risk managers err on the side of abundant caution, a quick review would indicate that many responses could have been toned down. The best example would be how the lockdowns and complete closure of business activities were implemented when a more pragmatic approach could have been adopted.

20


What good risk management looks like and the importance of having qualified risk practitioners in the business. Some of the fastest modes of transport built also tend to the ones with the best safety features. Risk management does the job of a brake or airbag or parachutes which help overcome an ‘incident’ and protect the ‘passenger.’ In addition, they also give confidence to the driver to fast. Risk management is common sense which is practiced well. All it requires is a systematic approach to all processes and functions with risk lens. The best persons who can build a risk culture in an organisation are representatives of each function who are qualified and trained to become risk intelligent. If each risk practitioner in each function were to ensure adherence to the laid down process, identify exceptions and flag them off for corrective and preventive action, they can only identify the bottom-up risks, but also enhance the efficiency and effectiveness of the process thereby contributing to the balance sheet. This coupled with a strong top-down approach including risk reviews completes an organisation that is risk savvy Everyone is a risk manager! Adam warned about the hidden risks of eating the apple whereas Eve embraced the opportunity and tasted it first! The result was the whole evolution of mankind! Between Adam and Eve whom would you rate as a better risk manager? Should a Risk Manager be risk-averse or risk embracing? Corporate houses are grappling with this question without a clear answer for a long time. Risk management as a field of management education came in existence very recently although the attributes of risk management are naturally found in all living beings including plants, basic elements such as water and air! Water flows from higher level to lower level to attain a state of equilibrium. So also air flows from high pressure zone to low pressure region. Risk management education is a continuous process of imparting essential life skills towards achieving equilibrium. Folklore about the engineering genius Sir Visvesvaraya, who identified a crack in a rail track with his surreal capability, of sensing a risk of derailment of train in which he was travelling, by just listening to the changing vibrations caused by a fault in rail track, proved a point that there are some naturally born extraordinary risk managers in this world. Good risk management lies in employing a qualified risk manager with an extraordinary orientation towards identifying the opportunities and risks that are associated in the environment in which we live.

Middle East Darren Mullan CFIRM, Chair For my risk predictions last year, I selected several trends which presented both risk and opportunity across the Middle East. For this year’s risk predictions, I have provided an update against these trends within the wider context of the ongoing impacts of Covid-19, continued regional socio-economic and political reform, as well as some of the well-publicized political and security tensions. Economic Growth In January 2022, the IMF forecasted moderate global economic growth for 2022 at 4.4%, down from 5.9% in 2021. This revised 2022 forecast is half a percentage point lower than in its previous October World Economic Outlook (WEO), largely reflecting forecast markdowns in the two largest economies (i.e., US and China). The Middle East countries are expected to show growth at, or higher than, the global average, mainly driven by oil revenues stemming the recent agreement by OPEC+ to boost oil supply. For example, the Saudi Arabian Ministry of Finance forecasts national GDP growth of 7.4% in 2022, versus 2.9% growth in 2021. 21


Whilst the regional economic growth will unsurprisingly continue to be driven by oil-related revenues, nonoil growth will continue to be a key area of focus (e.g. in addition to several infrastructure ‘giga projects’, the Saudi Arabian government has a number of programs, such as the National Industrial Development and Logistics Program and “Shareek” Program, which promote private sector productivity and economic contribution). Taxation Whilst the Middle East enjoys much lower overall taxation compared to the global average (e.g., some research indicates 25% regional versus 45% global taxation rates), taxation reform continues to play a key role in the wider economic reform across the Middle East. For example, the UAE Ministry of Finance (MoF) has recently announced the introduction of a new 9% federal corporate tax in the UAE that will be effective from 2023. Demographics Across the Middle East region, the bulk of the population is predominantly below 30 years old. In last year’s predictions, I highlighted that this factor would present both opportunity (e.g., meeting the needs and aspirations of these emerging consumers) and risk (e.g., meeting the increased demand for degree-level education and associated professional employment opportunities). My own observations in the region indicate that governments, despite the current economic challenges to employment levels, are successfully responding to this increased demand for professional employment opportunities (e.g., broader Saudisation of, combined with increased female participation in, the local workforce), which in turn is fueling consumer-led economic growth across non-oil sectors. In conclusion, the Middle East remains a fascinating region and will continue to respond to regional and global events, whether they have potential upside or downside. I also suspect that 2022, like 2021, will also provide some unexpected political and security challenges in the region, which are always difficult to predict but must still be managed. Unsurprisingly, as a profession we must therefore continue to help our respective employers and clients to anticipate, understand and navigate these risks and opportunities.

North America Michael Rasmussen, CMIRM IRM Global Ambassador, United States Agility is a thing of beauty. I love watching acts of agility. Take parkour for example, how these athletes can leverage and use their surroundings to navigate and seem to do the impossible . . . simply amazing. There has been a lot of focus on resiliency in 2021 and moving into 2022 as we deal with the waves of the pandemic and ramifications from it. Resiliency is the capacity to recover quickly from difficulties/events, the ability of a business to spring back into shape from an event. This is critical and I see a lot of organisations moving to bring together risk management and business continuity management into what is now defined as risk and resiliency management. Business continuity management as a separate function in the organization is outdated and over the next two-to -three years we will see a mass migration to an integrated operational risk and resiliency program. Resiliency is NOT enough though. I am seeing a lot of organisations in 2022 to see how their risk and resiliency programs can make them more agile as well.

22


Agility is the ability of an organisation to move quickly and easily; the ability to think and understand quickly. Good risk management is going to clearly understand the objectives of the organisation, its performance goals, and strategy, and continuously monitor the environment for 360° situational awareness to be agile. To see both opportunities as well as threats so the organisation can think and understand quickly and be prepared to move to navigate to seize opportunities while avoiding threats/exposures to the organisation and its objectives. Organisations in 2022 need to be agile organisations to avoid and prevent events, but we also need agility to seize on opportunities and reliably achieve (or exceed) objectives. Agility is not just avoidance of hazards, threats, and harms. Agility is also the ability to understand the environment and engage to advance the organisation and its goals. Organisations need to be agile and resilient. Risk management needs to be an integrated part of performance, objective, and strategy management to achieve this capability to enable situational awareness for this organisation so it can seize on the opportunity as well as avoid exposures and threats. So, the organisation in 2022 needs enterprise risk and agility that is also supported by operational risk and resiliency. There is a symbiotic relationship between enterprise risk and agility with operational risk and resiliency that organisations need to develop in today’s dynamic, distributed, and disrupted business. To be agile and resilient, organisations also need to think creatively and not just logically about risk management in 2022 and beyond. When we think of risk management we often think of structured approaches with complex models, mathematics, and analytics. We dive into the world of Monte Carlo analysis, and Bayesian modeling. There are calculations such as Capital at Risk (CaR) or Value at Risk (VaR). The field of risk management has been dominated by left-brain thinking. Does being a right-brain thinker make me bad for risk management? I do not think so. Historically, risk management has been dominated by left-brain thinking on risk. We have structured risk models, simulations, and analyses. We try to put uncertainty/risk in a box. As long as that box roughly resembles reality then our analysis is to some degree fairly sound. Good risk management requires structured thinking about risk and using models. As Sir Arthur Conan Doyle stated: “It is a capital mistake to theorize before one has data. Insensibly one begins to twist facts to suit theories, instead of theories to suit facts.” I argue that this is not enough to be agile and resilient in 2022. Good risk management does need structured data and analysis, but it also needs to think about risk creatively. Business is complex and dynamic. There are so many variables that can hinder us from achieving objectives. Some of these can be fairly evident and common sense, some can be very abstract, remote, and down in the weeds of the organisation. That requires creatively thinking about risk and risk event scenarios. This requires us to explore intuitively complex relationships of risks to other risks and objectives. In the words of Alvin Toffler: “You can use all the quantitative data you can get, but you still have to distrust it and use your own intelligence and judgment.” Creatively thinking about risk, to be agile and resilient, requires good risk models from the structured risk thinkers, but then to think outside the box on how those models break down or what they do not cover. Right-brain risk thinking involves a lot of visuals of risk and going through risk scenarios. From a risk analysis point of view, I love bow-tie risk assessments. Monte Carlo simulations and such are valuable, but they also put me to sleep. I love the mind mapping analysis of a bow-tie risk assessment to visually analyze causes and effects, come up with things that are being missed, and look for ways to mitigate, transfer, and manage that risk to an objective.

23


Iraq Hisham Khalid, SIRM, Chair One of the biggest risks in Iraq is the unstable economy and the fluctuation of exchange rates for foreign currencies, as well as the inactivity in the private sector due to the factors stated, and the risks of Covid-19, and these problems can be summarized as follows: > The low exchange rate of the local currency against the US dollar is one of the biggest problems facing the economy, as it decreased by 20%, and this has led to a rise in the prices of goods and commodities as a cost because Iraq is a consumer country and there is no industry in it. Iraq should be Importing goods from outside Iraq in US dollars, if the price of goods is raised locally consequently the damage occurs to the consumer. This leads to a decrease in sales in general because the value of money has decreased against the dollar and this reduces the process of disposing of goods, and here we mention one of the most important elements that has contributed to holding back the movement of the wheel of the economy in general. > Iraq suffered in the war with ISIS many losses, including human and material, the supply of weapons and the suspension of the economy in the areas where the wars took place and the closure of many border outlets that generate economic resources for the state, meaning that the spending process here was in one direction without any resource alternative. > Iraq is considered one of the key countries in the local economy because there is no alternative financial resource other than crude oil. This point can be summarized in that Iraq sells oil for dollars to provide financial liquidity from which it can be spent on local projects and infrastructure, and there is no alternative economic resource other than fees. It is surprising to mention that oil revenue represents approximately 98% of the total resource, and this result is strange because Iraq has many resources that cannot be used. > Iraq’s situation with Covid-19 is that the discharge of crude oil has become insignificant and cannot be relied upon entirely because the resources are not sufficient due to the drop in oil prices in the local markets to stop factories and production all over the world. > Failure to support the private sector and open a good space for it is one of the biggest types of risks in Iraq, because the private sector is ahead of the government sector in most respects, both intellectually and technologically, and among the most prominent examples are the banks that are considered one of the pillars of the countries’ economy that does not receive adequate support from government agencies to take real space for it in the financial and banking sector. Lack of insurance culture Here we highlight that the lack of insurance or failure to properly activate insurance companies may lead to disasters in the public and private sectors. > Disguised unemployment: a lot of state employees does not have a clear job description and it does not take up space from real work, and the Iraqi government sector is considered one of the largest sectors in the world in terms of the number of its employees, that is, according to indicators that more than 20 % of the population of Iraq are state employees, when actually 5% is the real number that performs its role in work, and this is considered an expense and a burden on the government in disbursing dues and burdening it to allocate a budget for more salaries than necessary.

24


Why risk it? Get qualified Advance your career with the IRM qualifications

IRM certificates include: International Certificate in Enterprise Risk Management

International Certificate in Financial Services Risk Management

Digital Risk Management Certificate

Supply Chain Risk Management Certificate

What our students say Robert Luu Director of Customer Success, Galvanize, Singapore “Whether you’re directly in risk management practice or not, the IRM provides a great qualification to immerse yourself in to grasp the foundational knowledge that touches on a variety of topics of today, and the technological advancement of the future." Carla Knight, IRMCert Risk Management Specialist, Exxaro Solutions, South Africa “IRM qualifications are an excellent way to ensure that you stay relevant and on top of the changing risk management field. It has taught me so many things especially in the areas where I do not see myself as an expert.”

Companies we've worked with include:

Find out more at:

www.theirm.org/qualifications Resilience, risk and recovery


IRM Virtual Training With over 30 years’ experience delivering industry-leading training courses

Our face-to-face training courses have been temporarily suspended at our HQ in London (and throughout the UK). We have adapted a lot of our training courses to take place online as virtual classrooms in response to the global pandemic. We continue to deliver professional, interactive and practical training courses in these uncertain and testing times, there’s never been a better time to remain current and competent and aid the economic recovery of your business.

Virtual training courses include: > Choosing and Using Key Risk Indicators

> Risk in the Boardroom

> Embedding Risk Management

> Risk Management for a Digital Future

> Fundamentals of Risk Management

> Risk Reporting

> Practical Risk Appetite & Risk Tolerance

> Managing Third Party and Supply

> Risk Essentials Masterclass

Chain Risk Management

> Risk Culture

e-Learning courses include: > Enterprise Risk and Resilience > Resilience Masterclass

> Fundamentals in Quantitative Risk Management and Business Simulations

Benefits of IRM training:

CPD Practical & interactive training

Industry expert trainers

CPD & accreditation

Find out more at:

www.theirm.org/training-mag


Institute of Risk Management Institute Risk Management 2nd Floor,ofSackville House 2nd Floor, Sackville House 143–149 Fenchurch Street 143–149 London Fenchurch Street London EC3M 6BN EC3M 6BN www.theirm.org www.theirm.org

Developing risk professionals Developing risk professionals


Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.