Risk management is important for businesses to identify and manage risks that could negatively impact objectives. There are strategic risks related to long-term objectives and operational risks regarding day-to-day operations. Key risks include financial risks like currency fluctuations, legal risks from non-compliance, technological risks to systems, and reputation risks that could damage stakeholder relationships. Implementing a formal risk management process helps businesses reduce surprises, focus on objectives, and take calculated risks.

1. Risk Management
Business Risks

2. What is risk?
Risk is the possibility that an event will
occur and adversely affect the
achievement of an objective.
COSO ERM Framework

3. Upside and Downside risk
• Upside
– Opportunity
• Downside
– Threat

4. Underlying principles
– Every entity, whether for-profit
or not, exists to realize value for
its stakeholders.
– Value is created, preserved, or eroded
by management decisions in all
activities, from setting strategy to
operating the enterprise day-to-day.

5. Benefits of risk management
Reduction in management time spent fire-fighting
Fewer sudden shocks and surprises
More focus internally on doing the right things the right way
And therefore
Greater likelihood achieving business objectives
Increased likelihood of change initiative being achieved
Strategy is appraised more effectively, leading to calculated
risk taking
Hence
Greater confidence in moving into new areas
Overall cost of risk is reduced

6. Why Risk Management is Important
Risk Management supports value creation by
enabling management to:
– Deal effectively with potential future events
that create uncertainty
– Respond in a manner that reduces the
likelihood of downside outcomes and
increases the upside

7. Strategic and Operational Risks
• Strategic
– Relate to the fundamental aspects of the
organisation
– Linked to the high level corporate objectives
and the strategic plan
• Operational
– Relate to the day-to-day matters that could go
wrong

8. Risk management process
Identification Assessment
Review Management

9. Strategic and Operational Risks
• Strategic
– Long-term
– High level
• Operational
– Short-term
– Low level

10. Factors contributing to
strategic risk
• Industry/market
• State of the economy
• Actions of competitors
• Stage of product life cycle
• Nature of product e.g. raw material
• Gearing
• New technology

11. Operational risk
Definition – loss from failure pf internal
business and control process
Includes
• Internal control failure
• Audit failure
• IT failure
• Loss of key personnel
• Fraud

12. Impact on Stakeholders
• Business risk can impact on stakeholders in a
number of ways
• Shareholders
– Fall in share price
– Reduced dividend
• Directors
– Loss of income (bonus)
– Loss of reputation
– Termination of office

13. Impact on Stakeholders
• Managers
– Loss of income (performance related pay)
– Promotion opportunities reduced
– Loss of motivation
• Employees
– De-motivation
– Loss of income (performance related pay)
– Reduced promotion opportunities

14. Impact on Stakeholders
• Customers
– Poor product – could look for alternative suppliers
– Loss of sales to retail market
• Suppliers
– Loss of supply

15. Impact on Stakeholders
• Government
– Loss of taxation revenue
– Unemployment
• Banks
– Financial loss from loan defaults

16. Common business risks
• Financial
• Legal
• Technological
• Health & safety and environmental
• Reputation
• Business Probity

17. Financial risks
• Currency risk
– Exchange rate movements
• Transactions
• Translation
• Economic (competitiveness)
• Interest rate risk

18. Financial risks
• Market risk
– Movement in market value of an asset
– Includes derivative risks
• Credit risk
– Default/late payment of debt
• Liquidity risk
– Company will be unable to pay its obligations
(cashflow)

19. Legal
• Non-compliance with law and regulations
– Fines/penalties
– Loss of reputation

20. Technological risks
• Physical loss/damage
• Data and systems integrity
• Fraud
• Loss of competitive advantage due to
failure to introduce new technology

21. Health & safety and environmental
risks
• Failure to comply with legislation
– Environmental
– Health & Safety

22. Reputation
• Loss of reputation caused by adverse
consequences of another risk
• Examples
– Poor customer service
– Poor ethics
– Health & safety

23. Business probity
• Governance and probity within the
organisation.