Businesses across the globe have, in the last couple of years, seen exceptional uncertainty due to political tensions, economic turmoil, COVID-19 pandemic and others. Markets today have put additional pressure on risk officers to safeguard the firm due to extreme conditions like changing consumer preferences, technology advancements, regulatory changes, competitive pressures, globalization etc. This dynamic nature of the market makes the boards and senior management of firms to constantly readjust their strategy, objective, policies and process. Firms now need to take a holistic approach to keep the pace with the change happening around them.
Risk Management is all about identifying, assessing, evaluating, and measuring risks followed by monitoring, mitigating and minimising those risks. The Basel Committee defines operational risk in Basel II and Basel III as: The risk of loss resulting from inadequate or failed internal processes, people, and systems or from external events.
The Basel Committee defines operational resilience as “the ability to deliver critical operations through disruption.” The principles of operational resilience aim to strengthen banks’ ability to withstand operational risk-related events that could cause significant operational failures or wide-scale disruptions in financial markets, such as pandemics, cyber incidents, technology failures or natural disasters.
An organisation is faced with a multitude of challenges not only in setting the strategy and direction of the organisation but with weighing up the appropriate risk appetite and building the correct level of resilience to survive and thrive. Therefore, an integrated Risk and Resilience framework in place is a better approach to managing uncertainty and addressing challenges.
The benefits of an integrated approach (as mentioned in the guideline on integrating strategy, risk and resilience 2022 edition, IRM South Africa https://www.irmsa.org.za/page/guideline) are:
- Enhanced reputation and shareholder value
- Receptiveness to change
- Better trust and stakeholder confidence
- Informed and future-fit strategic initiatives
- Efficient operations
- More agility and flexibility
- Framework to deal with known and unknown
- Reduced cost and impact associated with incidents and sudden disruptions
- Increased coordination and integration across stakeholders