There are several wrong notions about Risk Management. Many Banks believe that Risk Management is about adhering to RBI’s Master Direction and guidelines about Risk Management. Many non-financial organizations believe that Risk Management is only for financial institutions. Therefore, most non-financial organizations do not have separate structure, systems, policies and procedures for the management of risks. Even in non-financial organizations where some function called ‘Risk Management’ exists, it pertains only to specific functions like supply chain management, production management etc.
What is Risk?
Risk is a situation that involving exposure to danger, harm or loss. When we step out of our house to go for morning walk, we run the risk of being hit by an out of control vehicle or being run over by a vehicle coming from the wrong side. When we lock our residence and go for a movie we run the risk of our house being burgled during our three hour absence. Risk exists wherever there is an opportunity for a profit or a loss. We commonly refer to the risks as exposures to loss, or simply exposures. A fire is an exposure. Defective products or defamation are liability exposures. Loss of business that results from a damaged building or tarnished reputation is also an exposure. All organizational processes that are involved in the manufacturing of product, provision of services as well as internal administrative work have an embedded risk of loss due to quality issues, unintended adverse effect on the consumer, non-compliance with regulatory prescriptions, wherever applicable, miss-selling, theft, pilferage, fraud etc.
Just as the risks mentioned above do not prevent us from walking on the road, the risks inherent in organisational processes also do not hinder an organisation from functioning. All the risks have to be managed and mitigated and there are ways to do it.
What is Risk Management?
In simple words, Risk Management is all about trying to find out what can go wrong and doing what needs to be done to ensure that what can go wrong does not go wrong. It is also about what to do to minimize the impact/loss if something that can go wrong actually goes wrong.
Everyone, including you and me, does several things towards managing the risks that we face in our life. For example, basic things like wearing footwear, brushing teeth every day, carrying an umbrella during the rainy season etc., are some of the routine things that we do to manage risks. Taking an insurance policy is also a major action that we take to manage the risk that our dependents would face in the event of our premature departure from this world.
Similarly, all organisations take, in the normal course of their business, several steps towards managing various risks. For example, taking Fire and Burglary insurance policy, installing fire extinguishers in the office, hiring internal auditors, hiring employees specifically to collect receivables, having continuous R&D etc., are some of the steps that organisations routinely take to manage the risks.
Risk Management, in essence, refers to the process of deep analysis of all processes involved in manufacturing and/or delivery of goods and services and all other internal processes and external factors to find out what can go wrong and how to eliminate or minimize such risks. It is the process of making and carrying out decisions that will minimize the adverse effects of risk on an organization. The adverse effects of risk can be objective or quantifiable like loss of assets due to fire, theft, burglary and insurance claim costs, or subjective and difficult to quantify such as damage to reputation or decreased productivity.
If neither elimination nor minimization of risks is possible, an organisation must proactively develop enough financial strength to absorb the impact of such risks whenever they materialize.
Why Risk Management?
If organisations are already taking steps to manage risks, what is the need for Risk Management?
Although organisations do take several steps to manage various risks, there are many risks, known and unknown, which are either not sufficiently taken care of or are not at all taken care of. That is the reason why only a few organisations survive over a long time. According to a report, in the USA only 25% of the organisations make it to 15 years or more. Even the large and successful organisations, sometimes, suddenly collapse and close shop. For example, Jet Airways and Kingfisher Airlines, both of which were market leaders in the domestic aviation industry at different points in time, suddenly collapsed. Their closure resulted in job loss for their employees and bad debt for their lenders. Even a tightly regulated entity like Yes Bank almost went bankrupt and had to be revived with the support of a clutch of banks under RBI supervision.
This happens because most organisations do not systematically manage their risks.
Banks have been required to have a systematic risk management structure, policies and process in place since 1999, as mandated by RBI. However, even after two decades of tightly monitored Risk Management, they are not managing their risks properly and adequately, as evidenced by the huge Non Performing Assets that they are saddled with. The primary reason for this is the fact that Banks have misunderstood risk management more as ‘compliance with RBI’s risk management guidelines’ and have been focusing on adhering to RBI prescriptions rather than truly ‘managing’ various risks that they face in the best manner possible.
Risk Management is all about managing risks effectively so that the survival of the organisations is not hampered by the impact of risk events.
By focusing attention on risk and committing the necessary resources to control and mitigate risk, a business will protect itself from uncertainty, reduce costs, and increase the likelihood of business continuity and success.
Hermes 360 degree Risk Management
We offer Risk Management Consulting service which encompasses review of all important systems, policies, products and processes, including but not limited to the following:
- Net Worth Planning
- Profitability Management
- Cost control
- Eliminating income leakage
- Fraud Management and disciplinary process
- Effective reconciliation process
- Performance Management
Not having a robust risk management system is the biggest risk an organization runs.
We are offering free of cost introductory risk assessments for first 100 clients. If you wish to participate, please visit HERE
Author :
K Mohan Bhaktha
Independent Risk & Productivity Consultant & Lecturer
Risk Mgmt | FEMA & AML Compliance | Forex |Internal Control | Fraud Prevention | Productivity Mgmt |