Risk Management Could Be a Powerful Tool, But it Just isn’t (part 2)

In the second of a four-part series, Alex Sidorenko, founder and CEO of Risk-Academy, explains how the key to managing corporate risks is often through dealing with the individual risks of decision-makers first.

If there is one thing I learned in my previous role as Head of Risk at a multibillion-dollar sovereign investment fund, risk management is not about managing risks. It’s about helping management make strategic, operational and investment decisions while keeping the risks in mind.

It sounds simple enough, but it’s anything but. Here are some of the lessons I had to learn the hard way:

A. Read part 1

Alex has created a short bootcamp designed to help companies implement quantitative risk management. Imagine saving the company so much money that investing in risk management competencies and resources becomes a no brainer for the executives. That's exactly what Alex Sidorenko did at a global $10B chemical company and he has been kind enough to share his top tips and lessons learned with you each week. Sign up now!

B. Individual and corporate risks are not the same

There is a big difference between the risks that the board is concerned about, such as corporate risks, and the risks that individual managers worry about, often their personal risks. It is quite natural for humans to consider risks that can potentially impact them personally as significant, while the risks that impact the achievement of strategic objectives as somewhat remote or distant.

The important lesson I learned is that if you want management to pay serious attention to corporate risks, you should first help them deal with their individual or personal risks. And by personal risks I mean things like maintaining their area of influence, building a solid reputation, advancing their career, not losing their job and protecting themselves from investigations or prosecution.

Another aspect that has a huge impact on the quality of decision-making – and hence the quality of risk management – is remuneration policy. Many people are driven by their financial self-interest much more than any corporate values or best practices. And this has a huge implication on the work of risk managers.

To address these challenges, I aim to do the following:

  • Demonstrate how proactive risk management can benefit individuals within the firm and solve their personal risks. Even basic things like creating a paper trail for key decisions and risks taken by management to protect against any future inquiries;
  • Review existing remuneration policies and find out how the bonus payments are calculated to understand whether it drives any excessively risky behavior and what periods are particularly vulnerable. For example, employees usually make much riskier decisions just before bonus entitlements are calculated at the end of each quarter or year-end;
  • Work with HR to ensure existing individual objectives and KPIs adequately take risks into account. This will help to cement the message that risk management is a part of normal performance management;
  • Work with strategy to ensure corporate objectives and KPIs are also set based on the outcomes of risk analysis to help make the targets more realistic and achievable;
  • Include risk management roles and responsibilities into existing job descriptions, policies, procedures and committee charters to reinforce ownership and accountability.

As risk managers, we need to be prepared to the fact that some managers ignore risks and take uncalculated risks for a reason. Therefore, it’s absolutely critical to understand what motivates each individual.

Agree? Disagree? Post your comments below to join the conversation.

Read part 3.


– – – – – – – – – – – – – – – – – – – – –

RISK-ACADEMY offers decision making and risk management training and consulting services. Our corporate risk management training programs are specifically designed to promote risk-based decision making and integrating risk management into business processes. Risk managers all over the world call us in to help sell idea of integrating risk analysis into decision making and using quantitative risk analysis techniques. Check out most popular course for decision makers https://riskacademy.blog/product/risk-based-decision-making-executives/ or our dedicated programs to help risk managers learn the foundations of quant risk analysis https://riskacademy.blog/product/risk-managers-training/. We can also help audit risk management effectiveness or develop a roadmap for risk management integration into decision making https://riskacademy.blog/product/g31000-risk-management-maturity-assessment/ 

RISK-ACADEMY offers online courses

+ Buy now

Informed Risk Taking

Learn 15 practical steps on integrating risk management into decision making, business processes, organizational culture and other activities!

+ Buy now

ISO31000 Integrating Risk Management

Alex Sidorenko, known for his risk management blog http://www.riskacademy.blog, has created a 25-step program to integrate risk management into decision making, core business processes and the overall culture of the organization.

+ Buy now

Управление рисками

В этом коротком и очень увлекательном курсе, Алексей Сидоренко расскажет о причинах внедрения риск менеджмента, об особенностях принятия управленческих решений в ситуации неопределенности и изменениях в новом стандарте ИСО 31000:2018.


9 thoughts on “Risk Management Could Be a Powerful Tool, But it Just isn’t (part 2)

  1. Role as risk managers is to advocate and influence decision makers. Provide guidance to stakeholders to ensure that they understand the risks in their respective units.

    1. Completely agree – only Personnal remuneration packages have an impact on human behaviour

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.