SlideShare a Scribd company logo
1 of 22
Download to read offline
2021 Survey Report
21
COUNTRIES
5000
RISK MANAGERS
IN EUROPE
22
MEMBER
ASSOCIATIONS
40+
YEARS
As the single
recognised voice
of European
risk managers
www.ferma.eu
THE ROLE OF RISK MANAGEMENT
IN CORPORATE RESILIENCE
02
About FERMA
The Federation of European Risk Management Associations
brings together 22 national risk management associations in 21
European countries. FERMA represents the interests of nearly
5000 risk and insurance managers in Europe active in a wide
range of business sectors from major industrial and commercial
companies to financial institutions and local government bodies.
More information can be found at www.ferma.eu
03
On behalf of FERMA, I am pleased to present this report that
we have produced with McKinsey & Company. It explores the
contribution of risk management to corporate resilience as we
move forward from the immediate impact of the pandemic
crisis.
Before the pandemic, we knew that risk management and
risk managers had an important role in keeping shocks from
destabilising their companies. The pandemic proved that. Until
this report, however, we had little data on this contribution.
Against this backdrop, FERMA and McKinsey & Company
surveyed risk and insurance professionals and senior executives
across sectors globally in the summer of 2021. Our aim was
to establish a current view of the role of risk and insurance
management in fostering resilience for their organisations.
Today, we see from the report that the majority of participants
feel their organisations are well equipped to manage resilience
overall. At the same time, more can be done. In particular,
these results give the impression that there is work to be done
on improving organisational risk culture, as well as making
resilience more of a strategic priority.
Risk and insurance managers are already involved in this
process in a meaningful way. The findings give us a great
incentive to maintain momentum. We must continue to
underline our worth to our organisations. They also show us
where we can take the initiative by developing in areas such as
foresight capabilities and sustainability.
This survey gives us a foundation for our future work on
resilience. We will also embed resilience into our advocacy
work when we contribute to European projects, across a range
of topics linked to the green and digital recovery, and beyond.
The pandemic has highlighted the importance of good risk and
crisis management and its contribution to resilience, but we
must not be complacent. We continue to face other, potentially
disruptive shocks, for example, from climate change and
cyber risks. Resilience is essential for the success of European
business, and as this survey shows, in this, risk and insurance
managers can be leaders.
Dirk Wegener,
President of FERMA
FOREWORD
Dirk Wegener, President of FERMA
04
EXECUTIVE SUMMARY
The COVID-19 pandemic has put a spotlight on organisational
resilience. As catastrophic events grow more frequent but less
predictable, the need for resilience grows. This need is further
highlighted against the backdrop of increasingly interconnected
and complex risks.
In this context, FERMA and McKinsey & Company surveyed
risk and insurance professionals and senior executives across
sectors globally in the summer of 2021 to collect a current
view of the role of risk and insurance management in fostering
resilience for their organisations.
The responses show that :
• The Coronavirus pandemic accelerated the push for
corporate resilience, though in varying degrees across
sectors and resilience pillars.
• More than 60% of the participants acknowledge resilience
as a top priority or very relevant in strategic decision-
making.
• Risk and insurance managers are involved in resilience in
a meaningful way with further room to lead initiatives.
• 57% of those that responded to the survey feel their
organisations are well equipped to manage resilience
overall. Financial, operational, digital and technological
resilience are considered the most relevant areas across
companies. Foresight capabilities (scenarios and stress
testing) emerge as a core area to strengthen corporate
resilience.
• The risk function and executive teams play a leading role
in building resilient organisations, more than strategy
teams.
• Looking forward, almost three-quarters of the risk
managers surveyed see a clear need for both improving
risk culture and more strongly integrating resilience in
their organisations’ strategy.
05
SURVEY METHODOLOGY AND RESPONDENTS
ACROSS FUNCTIONS ACROSS ROLES
GLOBAL FOOTPRINT
COMPANY SIZE
Revenue in 2020 in euro
Source: Corporate Resilience Survey 2021
1. Some questions were not answered by
all participants, thus n can be different
per question
2. N = 16 for Other in Functions
3. N = 22 for Other in Positions
9%
23%
30%
38%
Other 2
Both Risk Manager
Insurance Manager
64% 23%
5%
8%
2 continents
1 continent
Global
National
11%
21%
14% 26%
28%
5-10bn
>50 bn
1-5 bn
<1bn
10-50bn
12%
31%
38%
10%
8%
Board
Executive
Committee (C-level)
Other 3
Middle Mgmt.
(C-2 & below)
Senior
Leadership (C-1)
In 2021, the Federation of European Risk Management Associations (FERMA) and McKinsey & Company surveyed
risk professionals from a range of industries and countries, about corporate resilience and the impact of the
pandemic. The survey probed for views on the risk function, as well as the present and future status of resilience
in their organisations.
Results reveal the growing importance of risk management and resilience in long-term strategy development. The
results also provide valuable insights on some of the measures needed to further strengthen corporate resilience.
06
LOCATION1
INDUSTRY
7%
7%
8%
22%
7%
20%
18%
10%
Telecoms, Media
Technology
Travel, Logistics
& Infrastructure
Social, Healthcare
(incl. pharma)
& Public Entities
Advanced
industries 3
Banking
Insurance & PE
Global Energy &
Materials
Professional
Services
Consumer &
Packaged Goods
4
SURVEY METHODOLOGY AND RESPONDENTS
1. These locations are the headquarters but all participants are from Europe
2. EU and others include Luxembourg, Austria, Belgium, Denmark, Norway, Portugal, Spain,
Sweden, Switzerland, United States of America, Nepal, Angola, Japan, China, Brazil, and
Argentina
3. Advanced Industries include Advanced Electronics, Semiconductors, Automotive
& Assembly, and Aerospace & Defense
4. GEM includes Basic Materials, Chemicals & Agriculture, Power, Oil & Gas
8%
9%
9%
21%
25%
28% Others 2
France
Italy
Germany
Finland
Netherlands
07 Source: Corporate Resilience Survey 2021
RESILIENCE DEFINITION
HOW DO YOU DEFINE RESILIENCE FOR YOUR ORGANISATION?
We asked survey participants to define resilience as it relates to their organisation. The respondents expressed diverse views, revealing
that resilience is a term used to cover a wide range of elements, action areas, capabilities and objectives.
“Finding opportunities from crises
and threats”
“Advancedcapabilitiesonbusiness
continuity and crisis management,
dynamic scenario analysis and
planning, balance-sheet strength
and operational agility”
“The natural capacity to respond decisively to crises and
potential disruptive events, minimising damages and enhancing
opportunities”
“Ability and strength to continue
the vision of the company
despite setbacks; go from
reactive to proactive; move from
post-strategy to pre-strategy”
“The underwater portion of the iceberg of our risk management
organisation; the capacity of the company to sustain the impact
of events after applying emergency measures; our culture,
our team sense, our leadership, and our feeling that our
organisation is among the best.”
“The readiness to continue to provide products and services
to our customers no matter how much the external context
changes or worsens.”
“To execute our strategy, we need
to make sure that we adapt to
real-life changes—including the
pandemic, energy transition, etc.”
“The ability to resist the impact of
crises and big events; meeting objectives and goals; providing
business continuity and service customers”
08
RESILIENCE AND THE IMPACT OF THE PANDEMIC
The coronavirus pandemic has raised the profile of risk and
insurance management, and corporate resilience.
90% stated that the pandemic made risk and insurance
management more important to their organisations. Of these,
more than 50% said it was to a considerable or great extent.
Only 10% found no direct impact.
The impact of the Coronavirus pandemic on risk
and insurance management
To what extent has the pandemic made risk and
insurance management more important to your
organisation?
36%
39%
16%
10%
Not at all
To some extent
To a considerable
extent
To a great extent
“The pandemic caused us to look beyond one risk
area and toward a corporate-wide view. It forced us
to understand the advantages in moving our stance
from risk management to resilience.”
09 Source: Corporate Resilience Survey 2021
Perhaps unsurprisingly, the areas where most organisations
have taken action during the pandemic are workplace safety
and remote working. Around three-quarters of respondents
have fully implemented changes already in these areas. Only
a handful of organisations have not planned any changes in
these areas.
To what degree has your organisation taken action in these areas of resilience since the pandemic?
Implementation started Planned and budgeted
Implementation completed Not planned
Workplace safety
Remote working
Supply chain
Insurance strategy
Others1
11%
18% 3%
4%
21%
14% 36%
5% 30%
25%
8%
21%
30%
42% 11%
26%
75%
5%
5%
78%
Managing business operations and the supply chain emerged
as key vulnerabilities during the pandemic. While over a quarter
of respondents have already made changes to their supply
chain, over half of the organisations covered in this survey
have either planned or begun implementation of supply chain
changes.
Almost two-thirds of respondents plan to make changes in their
insurance strategy or have made them already. This is likely
linked to hard-market conditions that began to appear 6–8
months before the pandemic. The pandemic worsened these
conditions, and could have led some commercial customers to
consider self-insurance or captives, for example.
1. Other focus areas: Threat intelligence, Controls update, Supervisory Board activities, Higher
self insurance/deductibles, Emerging risk scenarios and corporate contingency planning; N = 20
“We are learning from the crisis, reviewing, for example, our
evaluation process for suppliers. In the past we focused mainly
on financial impact but have since adopted a holistic view,
looking at the geographic footprint, compliance issues, among
other factors.”
10
A simplified overview of the stages of actions relating to resilience in the pandemic:
RESILIENCE AND THE IMPACT OF THE PANDEMIC
In this stage our respondents
were working on workplace safety,
remote work planning and HR/
staff issues. In addition, many risk
managers and Risk Committees
began to have more frequent and
direct interaction with the Board of
Executive Committees.
As organisations spent more time
dealing with the consequences
of the pandemic, changes or
modifications began to be made
to the supply chain, risk transfer/
insurance strategy, as well as on
controls.
This is the stage where some
organisations are now asking the
questions of how to move forward
or how to move to a resilience
path. Work in this area is around
scenario analysis, gathering and
disseminating threat intelligence
and working on contingency plans
and stress tests.
CRISIS MANAGEMENT
AND RESPONSE
CORE ENTERPRISE RISK
MANAGEMENT ACTIONS
FROM RISK TO RESILIENCE
“ We have established a 5-year scenario as an annual exercise.
This is an input for strategy setting to be linked to the en-
terprise performance plan. We develop mitigation actions for
scenarios as part of our strategic objectives. This way, risk is
involved, speaking the same language as strategy.”
“ During the crisis, we led a Risk Committee, sitting with the
Executive committee every week over 3 months. This was an
opportunity for us to demonstrate the value of the risk function
over the longer term.”
Based on the input from risk managers we have illustrated in the simplified graphic below the stages of actions on resilience, with a
selection of examples of actions taken. In practice, it is very likely that these stages are overlapping.
11 Source: Corporate Resilience Survey 2021
To what extent is resilience considered in your
organisation's strategy?
For almost one in six resilience is a top strategic priority. Further,
almost two-thirds of organisations make resilience a strong
focus in their organisation’s strategy. Only 6% of respondents
do not place any specific focus on resilience in the context of
their strategy.
Resilience as part of the strategic process
2 in 5 surveyed are in organisations where risk and insurance
management are a regular feature of strategic discussions.
While there is already strong involvement of the risk function
in strategic discussions there is also room to grow with 13%
not at all involved in these discussions in their organisations.
How much is your risk function involved in
strategy discussions in your organisation?
Results on the use of scenarios and stress-testing techniques
are split. More than half (53%) of executives rarely (or never)
use them in strategic decision making, while 47% do. 12% use
stress testing in every risk and resilience exercise as part of their
strategic process.
How often do you run scenario analysis or stress
tests on key risks as part of your company’s
strategy process or in preparation for strategic
decision making?
ROLE OF RESILIENCE IN STRATEGIC DECISION MAKING
Often
Every time Rarely Never
12% 35% 47%
6%
Mostly
Fully Partially Not at all
10% 30% 47% 13%
To a large extent
Is one of the top priorities To some extent Not at all
16% 46% 32% 6%
12
The survey sought to assess the robustness of structures and processes in each organisation using nine resilience categories. These
included foresight capabilities (scenarios and stress-testing), which enable organisations to simulate and quantify the impact on
business of a general or industry-specific scenario. Results are used to identify resilience areas for reducing potential adverse impact.
Response capabilities to disruptions and crises were also assessed, to discover insights into the ability of organisations to react to
and bounce back from unanticipated shocks.
RESILIENCE AND ITS CORE AREAS
A. Financial resilience High margins, low fixed costs, strong balance sheet, cash reserves,
access to capital market, hedging capabilities
B. Operational resilience Business continuity management, flexible workforce and production,
diversity and the transparency of the supply chain
C. Digital & technological
resilience
Digital strategy and risk management, cyber security, and invention
capabilities
D. Organisational resilience Purpose-driven mindset, openness to change, reskilling capabilities,
lean and agile setup
E. Market position and M&A
capabilities
Strong market position, diverse revenue portfolio, M&A capabilities,
capability edge
F. Reputation, brand, & customer Authentic reputation, brand value, stakeholder trust, social media
savviness
G. Purpose & ESG alignment Environmental, social, and governance criteria embedded in purpose,
vision and strategy; environmental targets; social and ethical standards;
robust governance
H. Foresight capabilities Systematic internal and external information gathering; scenario-
based simulations and stress-testing
I. Disruption & crisis response
capabilities
Criteria to trigger task force setup, crisis response protocols, strategic
adaptation
13
How would you rate your company’s capabilities and the effectiveness of its tools in managing resilience?
Source: Corporate Resilience Survey 2021
10%
32%
48%
9%
Poor Excellent
Very Good
Fair
“The crisis demonstrated that updating contingency plans was
useful. Though we had no specific plans for a pandemic in place,
existing plans and protocols were helpful in managing the
crisis.”
14
The survey probed the dimensions of resilience using three
lenses: the relevance of resilience for organisations, their ability
to manage resilience (capabilities), and the extent of the risk
function’s involvement (scope).
In terms of the areas of resilience that organisations find the
most relevant to them:
• Financial, operational and digital/technological resilience
are considered the most relevant areas of resilience across
most industries. Over 60% of risk managers consider
these three areas of resilience very relevant.
• Foresight capabilities is the area that is ‘least’ relevant in
terms of organisational resilience.
• Disruption and crisis-response capabilities are seen as
more relevant than foresight capabilities, which possibly
reflects the situation most organisations find themselves
in in the context of the pandemic. This finding could
reasonably be expected to change over time.
Relevance:
Which areas1
are most relevant for your
organisation’s resilience?
RESILIENCE AND ITS CORE AREAS
Relevant
Very relevant Somewhat relevant Not relevant
Financial
Operational
Digital &
technological
Organizational
Market position
and M&A capabilities
Reputation, brand
& customer
Purpose &
ESG alignment
Foresight capabilities 2
Disruption & crisis
response capabilities
68% 23% 6%
66% 27% 6%
62% 31% 8%
38% 44% 15%
38% 38% 19%
46% 40% 12%
17%
42% 37%
25% 40% 29%
18%
43% 35%
structural
factors
1. For definitions, refer to page 2.
2. Foresight capabilities refer to stress-testing resilience capabilities, which allows companies
to quantitatively assess the impact on business of a general or industry-specific scenario by
simulating reactions under each. This can then be used to identify resilience levers to reduce
potential adverse impacts.
15
Overall, the majority of risk managers (57%) rate their
organisation’s capabilities and effectiveness of its tools in
managing resilience highly. Only 10% rate their company’s
capabilities at managing resilience as poor. In terms of the
different areas of resilience:
• Over half of those surveyed believe their organisations
currently have effective capabilities to manage resilience
from a financial dimension.
• There appears to be room for improvement around
capabilities to predict events and conduct scenario
analyses and stress-tests to assess potential outcomes.
One-quarter of respondents say that they have no
foresight capabilities currently in place.
• Further only one-third of respondents say they have
effective crisis-management capabilities in place, a
possible insight from the pandemic.
Capabilities:
To what extent do you agree with the
following statement: "We have effective
capabilities and tools in place to manage
resilience in these areas”?
Source: Corporate Resilience Survey 2021
Agree
Strongly Agree Disagree Strongly disagree
52%
38%
40%
45%
56% 6%
48% 11%
33%
29% 56%
58% 6%
11%
11%
8%
41% 48% 10%
27%
33%
59%
24% 46% 25%
56%
Financial
Operational
Digital &
technological
Organizational
Market position
and M&A capabilities
Reputation, brand
& customer
Purpose &
ESG alignment
Foresight capabilities 2
Disruption & crisis
response capabilities
structural
factors
16
Scope:
To what extent is the risk function involved in these resilience areas?
RESILIENCE AND ITS CORE AREAS
The scope of involvement of risk and insurance management
in the different dimensions of resilience varies. Involvement is
highest in the areas of operations, digital and technological and
disruption & crisis response.
For more than 3 in 10 surveyed, risk and insurance management
is not at all involved in market position or reputation, brand and
customer dimensions of resilience.
Risk and insurance managers most often take a leading role
in disruption & crisis response—far more than in any other
resilience area.
Involved to
a large extent
Leading
Involved to
some extent
Not involved
7%
7%
6%
6%
12%
8%
24%
23%
49% 20%
22%
21%
10%
42%
31%
42% 8%
42%
42%
43% 24%
41% 8%
9%
14%
27%
41%
39%
20% 41%
19%
31%
10%
34%
37%
38%
Financial
Operational
Digital &
technological
Organizational
Market position
and M&A capabilities
Reputation, brand
& customer
Purpose &
ESG alignment
Foresight capabilities 2
Disruption & crisis
response capabilities
structural
factors
“In times of crisis, Risk plays an important role to foster res-
ponsible, quick decision making.”
17
Most participants identified the executive team and the risk
function as mainly responsible for resilience and related
coordination within their organisations. This suggests that risk
functions are taking a greater role in managing resilience more
holistically, especially in coordinating with other functions.
In your organisation, which group is primarily responsible for resilience, taking a coordinating role across
the relevant areas?
ORGANISING RESILIENCE
Source: Corporate Resilience Survey 2021
1. Board + Executive (C-level) + C-1 middle-mgmt.
Where does the responsibility for building resilience fall?
To an even greater extent, senior executives (top management)
believe that the executive team and the risk function are driving
resilience.Additionally,theseseniorleadersreportthatfinanceplays
moreofarolethanthebusinessunitsdoinbuildingtheresilienceof
the organisation (reversing the overall results on this point).
Strategy
Risk
Operations
Finance
Business Units
Executive team
Other
No dedicated
responsability
30%
33%
18%
44%
22%
48%
10%
9%
53%
9%
6%
Functions Overall Board, executive and senior leadership1
28%
34%
22%
55%
18%
18
ORGANISING RESILIENCE
Where does the responsibility for building resilience fall?
Most participants revealed broad cross-collaboration within
their organisation around resilience, involving operations,
business units, and finance; the involvement of strategy
remains low.
Top-level management (board, senior executives, and leaders),
Which areas of your organisation most often collaborate with risk on resilience?
collaborate around resilience more closely with finance teams
than other groups do (10% higher than overall collaboration).
The strong collaboration with operations is not surprising, given
the relevance of this aspect of resilience efforts.
1. Board + Executive (C-level) + C-1 middle-mgmt.
Strategy
Operations
Finance
Business Units
Other
59%
47%
49%
30%
10%
Functions Overall
19 Source: Corporate Resilience Survey 2021
The role of the risk function in managing resilience
“Risk Management needs to go beyond
lines of defense. If something happens,
decision lines can be unclear. Corporate
contingency plans need to be translated
into risk governance. How can we
become more proactive? Foresight
is another important dimension.
Companies often have siloed thinking”
“During the pandemic, the full
organisation adopted a risk approach.
Now there is a greater involvement
of the risk function and the mindset
of top management has changed.
The interaction with Operations has
been much more relevant than with
Strategy.”
“It is not enough for the CRO to be part
of the executive team. Relevant is the
CRO’s voice in the team. This depends
on how much the CRO is recognized as
a key collaborator with other functions.
The CRO’s job is to convene, challenge
and provide other perspectives.”
“Risk governance is key. Corporate
governance, board effectiveness,
and CEO's success success are
all linked to the risk governance
model. This means efficient decision
making, driving cultural change, and
developing the right tools.”
20
FUTURE OUTLOOK
Three-quarters of risk managers expect a greater emphasis
put in the near future on improving risk culture and integrating
resilience efforts more deeply in the strategy process.
They do not expect that interactions with external stakeholders,
including regulators, would play an important resilience-
strengthening role. This implies that their efforts at building
and managing resilience will be more inward-directed.
While almost half of the risk managers surveyed will place a
major emphasis on interactions with their board as part of
their efforts on resilience-strengthening going forward, more
than two in five only expect to place a minor emphasis on this
aspect.
At the same time, risk managers emphasize in interviews that
it is essential to educate the Board room about the value of risk
in providing meaningful risk reporting, performing scenario
analyses and challenges, etc. to improve decision-making.
Finally, the recent pandemic crisis produced different lessons,
e.g. in managing supply chain risks, improving fast and informed
decision-making by adapting the risk governance, building a
better data infrastructure etc.
Many risk managers are now using this opportunity to improve
their value proposition and profile across the organisations.
What do risk managers say about their future efforts to strengthen resilience?
“Reporting is an important improvement area. During crises, you
need to get reliable data quickly. Many boards lack oversight on
important risk topics. If companies lack appropriate risk data
systems, top management will make suboptimal decisions. In
our company, we launched an analytics project to combine data
across the group as a priority.”
21
Minor emphasis
Major enphasis No emphasis
In risk culture
In resilience as part of strategic
considerations and the strategy process
In your interactions with your board
In your interactions with regulators
and other external stakeholder
73%
71%
49%
24%
26%
7%
12%
43%
39% 49%
Source: Corporate Resilience Survey 2021
As the risk manager, where do you expect more emphasis to be placed on in the future to strengthen
resilience?
“We need to revisit risk governance. The risk function is on the
road to becoming better understood throughout the organisa-
tion. The board room is still missing out on why Risk has to be an
important contributor to decision making.”
Published in 2021, Brussels. © FERMA. All rights reserved.
Any reproduction in full or in part must mention the title and credit FERMA as the copyright owner.
Federation of European Risk
Management Associations
Federation of European Risk Management Associations Avenue de
Tervuren 273 B12 - 1150 Brussels (BELGIUM)
Tel: +32 2 761 94 32 - Email: enquiries@ferma.eu
www.ferma.eu
www.andromede.digital

More Related Content

What's hot

Sustainability & Risk Management
Sustainability & Risk ManagementSustainability & Risk Management
Sustainability & Risk Management
Turlough Guerin GAICD FGIA
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challenge
FERMA
 

What's hot (20)

The European risk manager report 2020: webinar presentation
The European risk manager report 2020: webinar presentationThe European risk manager report 2020: webinar presentation
The European risk manager report 2020: webinar presentation
 
Ferma perspectives #2 - Cyber Risk Governance 09.10.2018
Ferma perspectives #2 - Cyber Risk Governance 09.10.2018Ferma perspectives #2 - Cyber Risk Governance 09.10.2018
Ferma perspectives #2 - Cyber Risk Governance 09.10.2018
 
Sustainability as risk management
Sustainability as risk managementSustainability as risk management
Sustainability as risk management
 
Sustainability & Risk Management
Sustainability & Risk ManagementSustainability & Risk Management
Sustainability & Risk Management
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challenge
 
Ferma European Risk Manager Report 2018
Ferma European Risk Manager Report 2018Ferma European Risk Manager Report 2018
Ferma European Risk Manager Report 2018
 
HBR - Zurich - FERMAZ - PRIMO Cyber Risks Report
HBR - Zurich - FERMAZ - PRIMO Cyber Risks ReportHBR - Zurich - FERMAZ - PRIMO Cyber Risks Report
HBR - Zurich - FERMAZ - PRIMO Cyber Risks Report
 
FERMA European Risk Manager Report 2020: full set of results
FERMA European Risk Manager Report 2020: full set of results  FERMA European Risk Manager Report 2020: full set of results
FERMA European Risk Manager Report 2020: full set of results
 
Ferma PwC European Risk Manager Report_ full set results 2018
Ferma PwC European Risk Manager Report_ full set results 2018Ferma PwC European Risk Manager Report_ full set results 2018
Ferma PwC European Risk Manager Report_ full set results 2018
 
Argo Group: entry for emerging risk initiative of the year Award 2020
Argo Group: entry for emerging risk initiative of the year Award 2020Argo Group: entry for emerging risk initiative of the year Award 2020
Argo Group: entry for emerging risk initiative of the year Award 2020
 
European Risk Management Seminar 2018 - Sustainability Report
European Risk Management Seminar 2018 - Sustainability ReportEuropean Risk Management Seminar 2018 - Sustainability Report
European Risk Management Seminar 2018 - Sustainability Report
 
GDPR & corporate governance: The Role of Internal Audit and Risk Management O...
GDPR & corporate governance: The Role of Internal Audit and Risk Management O...GDPR & corporate governance: The Role of Internal Audit and Risk Management O...
GDPR & corporate governance: The Role of Internal Audit and Risk Management O...
 
FERMA Survey Part 1 - The Maturity of Risk Management in Europe
FERMA Survey Part 1 - The Maturity of Risk Management in EuropeFERMA Survey Part 1 - The Maturity of Risk Management in Europe
FERMA Survey Part 1 - The Maturity of Risk Management in Europe
 
Risk Manager European Profile 2018
Risk Manager European Profile 2018Risk Manager European Profile 2018
Risk Manager European Profile 2018
 
Argo Group: operationalizing emerging risk 2020
Argo Group: operationalizing emerging risk 2020Argo Group: operationalizing emerging risk 2020
Argo Group: operationalizing emerging risk 2020
 
Webinar: Risk management in a global pandemic - Early lessons learned, EU – U...
Webinar: Risk management in a global pandemic - Early lessons learned, EU – U...Webinar: Risk management in a global pandemic - Early lessons learned, EU – U...
Webinar: Risk management in a global pandemic - Early lessons learned, EU – U...
 
FERMA ECIIA Cyber Risk Governance report 29 June 2017
FERMA ECIIA Cyber Risk Governance report 29 June 2017FERMA ECIIA Cyber Risk Governance report 29 June 2017
FERMA ECIIA Cyber Risk Governance report 29 June 2017
 
Facts and figures about our risk management associations in Europe 2019
Facts and figures about our risk management associations in Europe 2019Facts and figures about our risk management associations in Europe 2019
Facts and figures about our risk management associations in Europe 2019
 
Workers on the move, managing new risks
Workers on the move, managing new risks Workers on the move, managing new risks
Workers on the move, managing new risks
 
Risk and Control Self Assessment - IRM India Affiliate
Risk and Control Self  Assessment - IRM India AffiliateRisk and Control Self  Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India Affiliate
 

Similar to The role of risk management in corporate resilience

Ace emerging-risks-barometer-2013
Ace emerging-risks-barometer-2013Ace emerging-risks-barometer-2013
Ace emerging-risks-barometer-2013
Factor-X
 
2014-09-multinational-research-report-final
2014-09-multinational-research-report-final2014-09-multinational-research-report-final
2014-09-multinational-research-report-final
Tomas Imrich
 
Accenture-2015-Global-Risk-Management-Study-Insurance-Report
Accenture-2015-Global-Risk-Management-Study-Insurance-ReportAccenture-2015-Global-Risk-Management-Study-Insurance-Report
Accenture-2015-Global-Risk-Management-Study-Insurance-Report
Tomas Imrich
 
Case Study on Risk management in M&A_Anuj Kamble_Veronica Barreda
Case Study on Risk management in M&A_Anuj Kamble_Veronica BarredaCase Study on Risk management in M&A_Anuj Kamble_Veronica Barreda
Case Study on Risk management in M&A_Anuj Kamble_Veronica Barreda
Anuj Kamble
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk management
Anu Damodaran
 

Similar to The role of risk management in corporate resilience (20)

Webinar: the role of risk management in corporate resilience
Webinar: the role of risk management in corporate resilience Webinar: the role of risk management in corporate resilience
Webinar: the role of risk management in corporate resilience
 
Ace emerging-risks-barometer-2013
Ace emerging-risks-barometer-2013Ace emerging-risks-barometer-2013
Ace emerging-risks-barometer-2013
 
FERMA presentation at the IIA Belgium Conference
FERMA presentation at the IIA Belgium ConferenceFERMA presentation at the IIA Belgium Conference
FERMA presentation at the IIA Belgium Conference
 
The State of Enterprise Resilience - Resilience Survey 2015
The State of Enterprise Resilience - Resilience Survey 2015The State of Enterprise Resilience - Resilience Survey 2015
The State of Enterprise Resilience - Resilience Survey 2015
 
Aon's Underrated Threats Report
Aon's Underrated Threats ReportAon's Underrated Threats Report
Aon's Underrated Threats Report
 
2014-09-multinational-research-report-final
2014-09-multinational-research-report-final2014-09-multinational-research-report-final
2014-09-multinational-research-report-final
 
Accenture-2015-Global-Risk-Management-Study-Insurance-Report
Accenture-2015-Global-Risk-Management-Study-Insurance-ReportAccenture-2015-Global-Risk-Management-Study-Insurance-Report
Accenture-2015-Global-Risk-Management-Study-Insurance-Report
 
FERMA European Risk and Insurance Report (ERIR) 2016
FERMA European Risk and Insurance Report (ERIR) 2016FERMA European Risk and Insurance Report (ERIR) 2016
FERMA European Risk and Insurance Report (ERIR) 2016
 
FERMA European Risk Management Benchmarking Survey 2012 – Brochure
FERMA European Risk Management Benchmarking Survey 2012 – BrochureFERMA European Risk Management Benchmarking Survey 2012 – Brochure
FERMA European Risk Management Benchmarking Survey 2012 – Brochure
 
Fer008 ferma risk-mangmt_18_sem_sustainabiity_report_v15_07_nov18 (1)
Fer008 ferma risk-mangmt_18_sem_sustainabiity_report_v15_07_nov18 (1)Fer008 ferma risk-mangmt_18_sem_sustainabiity_report_v15_07_nov18 (1)
Fer008 ferma risk-mangmt_18_sem_sustainabiity_report_v15_07_nov18 (1)
 
European risk management sustainability seminar report
European risk management sustainability seminar reportEuropean risk management sustainability seminar report
European risk management sustainability seminar report
 
Value Engineering. Measuring and managing risks in the wind energy industry
Value Engineering. Measuring and managing risks in the wind energy industryValue Engineering. Measuring and managing risks in the wind energy industry
Value Engineering. Measuring and managing risks in the wind energy industry
 
Risck intelligence in the energy and resources industry
Risck intelligence in the energy and resources industry Risck intelligence in the energy and resources industry
Risck intelligence in the energy and resources industry
 
BDO Global Risk Landscape
BDO Global Risk LandscapeBDO Global Risk Landscape
BDO Global Risk Landscape
 
RISK MANAGEMENT Essays
RISK MANAGEMENT EssaysRISK MANAGEMENT Essays
RISK MANAGEMENT Essays
 
Case Study on Risk management in M&A_Anuj Kamble_Veronica Barreda
Case Study on Risk management in M&A_Anuj Kamble_Veronica BarredaCase Study on Risk management in M&A_Anuj Kamble_Veronica Barreda
Case Study on Risk management in M&A_Anuj Kamble_Veronica Barreda
 
Risk Management Essay
Risk Management EssayRisk Management Essay
Risk Management Essay
 
View from the top. A board-level perspective of current business risks
View from the top. A board-level perspective of current business risksView from the top. A board-level perspective of current business risks
View from the top. A board-level perspective of current business risks
 
Crisis Preparedness Report 2019
Crisis Preparedness Report 2019Crisis Preparedness Report 2019
Crisis Preparedness Report 2019
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk management
 

More from FERMA

GDPR & corporate Governance, Evaluation after 2 years implementation
GDPR & corporate Governance, Evaluation after 2 years implementationGDPR & corporate Governance, Evaluation after 2 years implementation
GDPR & corporate Governance, Evaluation after 2 years implementation
FERMA
 
FERMA Webinar: At the Junction of Corporate Governance and Cyber Security
FERMA Webinar: At the Junction of Corporate Governance and Cyber SecurityFERMA Webinar: At the Junction of Corporate Governance and Cyber Security
FERMA Webinar: At the Junction of Corporate Governance and Cyber Security
FERMA
 

More from FERMA (12)

People, Planet & Performance: sustainability guide for risk and insurance man...
People, Planet & Performance: sustainability guide for risk and insurance man...People, Planet & Performance: sustainability guide for risk and insurance man...
People, Planet & Performance: sustainability guide for risk and insurance man...
 
Collaboration of the Year Award winner 2020: Pim Moerman and Rob van den Eijn...
Collaboration of the Year Award winner 2020: Pim Moerman and Rob van den Eijn...Collaboration of the Year Award winner 2020: Pim Moerman and Rob van den Eijn...
Collaboration of the Year Award winner 2020: Pim Moerman and Rob van den Eijn...
 
George Ong, Chief Risk Officer, Northern Ireland Water
George Ong, Chief Risk Officer, Northern Ireland WaterGeorge Ong, Chief Risk Officer, Northern Ireland Water
George Ong, Chief Risk Officer, Northern Ireland Water
 
GDPR & corporate Governance, Evaluation after 2 years implementation
GDPR & corporate Governance, Evaluation after 2 years implementationGDPR & corporate Governance, Evaluation after 2 years implementation
GDPR & corporate Governance, Evaluation after 2 years implementation
 
Webinar: Why risk managers should look at Artificial Intelligence now?
Webinar: Why risk managers should look at Artificial Intelligence now?Webinar: Why risk managers should look at Artificial Intelligence now?
Webinar: Why risk managers should look at Artificial Intelligence now?
 
GDPR & corporate governance: the role of risk management and internal audit o...
GDPR & corporate governance: the role of risk management and internal audit o...GDPR & corporate governance: the role of risk management and internal audit o...
GDPR & corporate governance: the role of risk management and internal audit o...
 
Ferma report: Artificial Intelligence applied to Risk Management
Ferma report: Artificial Intelligence applied to Risk Management Ferma report: Artificial Intelligence applied to Risk Management
Ferma report: Artificial Intelligence applied to Risk Management
 
Webinar: how risk management can contribute to sustainable growth?
Webinar: how risk management can contribute to sustainable growth?Webinar: how risk management can contribute to sustainable growth?
Webinar: how risk management can contribute to sustainable growth?
 
FERMA Webinar: At the Junction of Corporate Governance and Cyber Security
FERMA Webinar: At the Junction of Corporate Governance and Cyber SecurityFERMA Webinar: At the Junction of Corporate Governance and Cyber Security
FERMA Webinar: At the Junction of Corporate Governance and Cyber Security
 
Preparing for cyber insurance - FERMA - Insurance Europe - BIPAR
Preparing for cyber insurance - FERMA - Insurance Europe - BIPARPreparing for cyber insurance - FERMA - Insurance Europe - BIPAR
Preparing for cyber insurance - FERMA - Insurance Europe - BIPAR
 
1st international edition of the RMIS Panorama with the support of FERMA network
1st international edition of the RMIS Panorama with the support of FERMA network1st international edition of the RMIS Panorama with the support of FERMA network
1st international edition of the RMIS Panorama with the support of FERMA network
 
FERMA Network: facts and figures about risk management associations in Europe
FERMA Network: facts and figures about risk management associations in EuropeFERMA Network: facts and figures about risk management associations in Europe
FERMA Network: facts and figures about risk management associations in Europe
 

Recently uploaded

Constitution of Company Article of Association
Constitution of Company Article of AssociationConstitution of Company Article of Association
Constitution of Company Article of Association
seri bangash
 
ابو ظبي اعلان | - سايتوتك في الامارات حبوب الاجهاض للبيع ف حبوب الإجهاض ... ا...
ابو ظبي اعلان | - سايتوتك في الامارات حبوب الاجهاض للبيع ف حبوب الإجهاض ... ا...ابو ظبي اعلان | - سايتوتك في الامارات حبوب الاجهاض للبيع ف حبوب الإجهاض ... ا...
ابو ظبي اعلان | - سايتوتك في الامارات حبوب الاجهاض للبيع ف حبوب الإجهاض ... ا...
brennadilys816
 
NewBase 17 May 2024 Energy News issue - 1725 by Khaled Al Awadi_compresse...
NewBase   17 May  2024  Energy News issue - 1725 by Khaled Al Awadi_compresse...NewBase   17 May  2024  Energy News issue - 1725 by Khaled Al Awadi_compresse...
NewBase 17 May 2024 Energy News issue - 1725 by Khaled Al Awadi_compresse...
Khaled Al Awadi
 
Jual Obat Aborsi Di Sibolga wa 0851/7541/5434 Cytotec Misoprostol 200mcg Pfizer
Jual Obat Aborsi Di Sibolga wa 0851/7541/5434 Cytotec Misoprostol 200mcg PfizerJual Obat Aborsi Di Sibolga wa 0851/7541/5434 Cytotec Misoprostol 200mcg Pfizer
Jual Obat Aborsi Di Sibolga wa 0851/7541/5434 Cytotec Misoprostol 200mcg Pfizer
Pusat Herbal Resmi BPOM
 
Shots fired Budget Presentation.pdf12312
Shots fired Budget Presentation.pdf12312Shots fired Budget Presentation.pdf12312
Shots fired Budget Presentation.pdf12312
LR1709MUSIC
 

Recently uploaded (20)

Constitution of Company Article of Association
Constitution of Company Article of AssociationConstitution of Company Article of Association
Constitution of Company Article of Association
 
MEANING AND CHARACTERISTICS OF TAXATION.
MEANING AND CHARACTERISTICS OF TAXATION.MEANING AND CHARACTERISTICS OF TAXATION.
MEANING AND CHARACTERISTICS OF TAXATION.
 
ابو ظبي اعلان | - سايتوتك في الامارات حبوب الاجهاض للبيع ف حبوب الإجهاض ... ا...
ابو ظبي اعلان | - سايتوتك في الامارات حبوب الاجهاض للبيع ف حبوب الإجهاض ... ا...ابو ظبي اعلان | - سايتوتك في الامارات حبوب الاجهاض للبيع ف حبوب الإجهاض ... ا...
ابو ظبي اعلان | - سايتوتك في الامارات حبوب الاجهاض للبيع ف حبوب الإجهاض ... ا...
 
How Do Venture Capitalists Make Decisions?
How Do Venture Capitalists Make Decisions?How Do Venture Capitalists Make Decisions?
How Do Venture Capitalists Make Decisions?
 
WAM Corporate Presentation May 2024_w.pdf
WAM Corporate Presentation May 2024_w.pdfWAM Corporate Presentation May 2024_w.pdf
WAM Corporate Presentation May 2024_w.pdf
 
hyundai capital 2023 consolidated financial statements
hyundai capital 2023 consolidated financial statementshyundai capital 2023 consolidated financial statements
hyundai capital 2023 consolidated financial statements
 
Inside the Black Box of Venture Capital (VC)
Inside the Black Box of Venture Capital (VC)Inside the Black Box of Venture Capital (VC)
Inside the Black Box of Venture Capital (VC)
 
NewBase 17 May 2024 Energy News issue - 1725 by Khaled Al Awadi_compresse...
NewBase   17 May  2024  Energy News issue - 1725 by Khaled Al Awadi_compresse...NewBase   17 May  2024  Energy News issue - 1725 by Khaled Al Awadi_compresse...
NewBase 17 May 2024 Energy News issue - 1725 by Khaled Al Awadi_compresse...
 
Toyota Kata Coaching for Agile Teams & Transformations
Toyota Kata Coaching for Agile Teams & TransformationsToyota Kata Coaching for Agile Teams & Transformations
Toyota Kata Coaching for Agile Teams & Transformations
 
Jual Obat Aborsi Di Sibolga wa 0851/7541/5434 Cytotec Misoprostol 200mcg Pfizer
Jual Obat Aborsi Di Sibolga wa 0851/7541/5434 Cytotec Misoprostol 200mcg PfizerJual Obat Aborsi Di Sibolga wa 0851/7541/5434 Cytotec Misoprostol 200mcg Pfizer
Jual Obat Aborsi Di Sibolga wa 0851/7541/5434 Cytotec Misoprostol 200mcg Pfizer
 
Shots fired Budget Presentation.pdf12312
Shots fired Budget Presentation.pdf12312Shots fired Budget Presentation.pdf12312
Shots fired Budget Presentation.pdf12312
 
wagamamaLab presentation @MIT 20240509 IRODORI
wagamamaLab presentation @MIT 20240509 IRODORIwagamamaLab presentation @MIT 20240509 IRODORI
wagamamaLab presentation @MIT 20240509 IRODORI
 
Raising Seed Capital by Steve Schlafman at RRE Ventures
Raising Seed Capital by Steve Schlafman at RRE VenturesRaising Seed Capital by Steve Schlafman at RRE Ventures
Raising Seed Capital by Steve Schlafman at RRE Ventures
 
Should Law Firms Outsource their Bookkeeping
Should Law Firms Outsource their BookkeepingShould Law Firms Outsource their Bookkeeping
Should Law Firms Outsource their Bookkeeping
 
HAL Financial Performance Analysis and Future Prospects
HAL Financial Performance Analysis and Future ProspectsHAL Financial Performance Analysis and Future Prospects
HAL Financial Performance Analysis and Future Prospects
 
Progress Report - UKG Analyst Summit 2024 - A lot to do - Good Progress1-1.pdf
Progress Report - UKG Analyst Summit 2024 - A lot to do - Good Progress1-1.pdfProgress Report - UKG Analyst Summit 2024 - A lot to do - Good Progress1-1.pdf
Progress Report - UKG Analyst Summit 2024 - A lot to do - Good Progress1-1.pdf
 
Elevate Your Online Presence with SEO Services
Elevate Your Online Presence with SEO ServicesElevate Your Online Presence with SEO Services
Elevate Your Online Presence with SEO Services
 
How to refresh to be fit for the future world
How to refresh to be fit for the future worldHow to refresh to be fit for the future world
How to refresh to be fit for the future world
 
MichaelStarkes_UncutGemsProjectSummary.pdf
MichaelStarkes_UncutGemsProjectSummary.pdfMichaelStarkes_UncutGemsProjectSummary.pdf
MichaelStarkes_UncutGemsProjectSummary.pdf
 
Goal Presentation_NEW EMPLOYEE_NETAPS FOUNDATION.pptx
Goal Presentation_NEW EMPLOYEE_NETAPS FOUNDATION.pptxGoal Presentation_NEW EMPLOYEE_NETAPS FOUNDATION.pptx
Goal Presentation_NEW EMPLOYEE_NETAPS FOUNDATION.pptx
 

The role of risk management in corporate resilience

  • 1. 2021 Survey Report 21 COUNTRIES 5000 RISK MANAGERS IN EUROPE 22 MEMBER ASSOCIATIONS 40+ YEARS As the single recognised voice of European risk managers www.ferma.eu THE ROLE OF RISK MANAGEMENT IN CORPORATE RESILIENCE
  • 2. 02 About FERMA The Federation of European Risk Management Associations brings together 22 national risk management associations in 21 European countries. FERMA represents the interests of nearly 5000 risk and insurance managers in Europe active in a wide range of business sectors from major industrial and commercial companies to financial institutions and local government bodies. More information can be found at www.ferma.eu
  • 3. 03 On behalf of FERMA, I am pleased to present this report that we have produced with McKinsey & Company. It explores the contribution of risk management to corporate resilience as we move forward from the immediate impact of the pandemic crisis. Before the pandemic, we knew that risk management and risk managers had an important role in keeping shocks from destabilising their companies. The pandemic proved that. Until this report, however, we had little data on this contribution. Against this backdrop, FERMA and McKinsey & Company surveyed risk and insurance professionals and senior executives across sectors globally in the summer of 2021. Our aim was to establish a current view of the role of risk and insurance management in fostering resilience for their organisations. Today, we see from the report that the majority of participants feel their organisations are well equipped to manage resilience overall. At the same time, more can be done. In particular, these results give the impression that there is work to be done on improving organisational risk culture, as well as making resilience more of a strategic priority. Risk and insurance managers are already involved in this process in a meaningful way. The findings give us a great incentive to maintain momentum. We must continue to underline our worth to our organisations. They also show us where we can take the initiative by developing in areas such as foresight capabilities and sustainability. This survey gives us a foundation for our future work on resilience. We will also embed resilience into our advocacy work when we contribute to European projects, across a range of topics linked to the green and digital recovery, and beyond. The pandemic has highlighted the importance of good risk and crisis management and its contribution to resilience, but we must not be complacent. We continue to face other, potentially disruptive shocks, for example, from climate change and cyber risks. Resilience is essential for the success of European business, and as this survey shows, in this, risk and insurance managers can be leaders. Dirk Wegener, President of FERMA FOREWORD Dirk Wegener, President of FERMA
  • 4. 04 EXECUTIVE SUMMARY The COVID-19 pandemic has put a spotlight on organisational resilience. As catastrophic events grow more frequent but less predictable, the need for resilience grows. This need is further highlighted against the backdrop of increasingly interconnected and complex risks. In this context, FERMA and McKinsey & Company surveyed risk and insurance professionals and senior executives across sectors globally in the summer of 2021 to collect a current view of the role of risk and insurance management in fostering resilience for their organisations. The responses show that : • The Coronavirus pandemic accelerated the push for corporate resilience, though in varying degrees across sectors and resilience pillars. • More than 60% of the participants acknowledge resilience as a top priority or very relevant in strategic decision- making. • Risk and insurance managers are involved in resilience in a meaningful way with further room to lead initiatives. • 57% of those that responded to the survey feel their organisations are well equipped to manage resilience overall. Financial, operational, digital and technological resilience are considered the most relevant areas across companies. Foresight capabilities (scenarios and stress testing) emerge as a core area to strengthen corporate resilience. • The risk function and executive teams play a leading role in building resilient organisations, more than strategy teams. • Looking forward, almost three-quarters of the risk managers surveyed see a clear need for both improving risk culture and more strongly integrating resilience in their organisations’ strategy.
  • 5. 05 SURVEY METHODOLOGY AND RESPONDENTS ACROSS FUNCTIONS ACROSS ROLES GLOBAL FOOTPRINT COMPANY SIZE Revenue in 2020 in euro Source: Corporate Resilience Survey 2021 1. Some questions were not answered by all participants, thus n can be different per question 2. N = 16 for Other in Functions 3. N = 22 for Other in Positions 9% 23% 30% 38% Other 2 Both Risk Manager Insurance Manager 64% 23% 5% 8% 2 continents 1 continent Global National 11% 21% 14% 26% 28% 5-10bn >50 bn 1-5 bn <1bn 10-50bn 12% 31% 38% 10% 8% Board Executive Committee (C-level) Other 3 Middle Mgmt. (C-2 & below) Senior Leadership (C-1) In 2021, the Federation of European Risk Management Associations (FERMA) and McKinsey & Company surveyed risk professionals from a range of industries and countries, about corporate resilience and the impact of the pandemic. The survey probed for views on the risk function, as well as the present and future status of resilience in their organisations. Results reveal the growing importance of risk management and resilience in long-term strategy development. The results also provide valuable insights on some of the measures needed to further strengthen corporate resilience.
  • 6. 06 LOCATION1 INDUSTRY 7% 7% 8% 22% 7% 20% 18% 10% Telecoms, Media Technology Travel, Logistics & Infrastructure Social, Healthcare (incl. pharma) & Public Entities Advanced industries 3 Banking Insurance & PE Global Energy & Materials Professional Services Consumer & Packaged Goods 4 SURVEY METHODOLOGY AND RESPONDENTS 1. These locations are the headquarters but all participants are from Europe 2. EU and others include Luxembourg, Austria, Belgium, Denmark, Norway, Portugal, Spain, Sweden, Switzerland, United States of America, Nepal, Angola, Japan, China, Brazil, and Argentina 3. Advanced Industries include Advanced Electronics, Semiconductors, Automotive & Assembly, and Aerospace & Defense 4. GEM includes Basic Materials, Chemicals & Agriculture, Power, Oil & Gas 8% 9% 9% 21% 25% 28% Others 2 France Italy Germany Finland Netherlands
  • 7. 07 Source: Corporate Resilience Survey 2021 RESILIENCE DEFINITION HOW DO YOU DEFINE RESILIENCE FOR YOUR ORGANISATION? We asked survey participants to define resilience as it relates to their organisation. The respondents expressed diverse views, revealing that resilience is a term used to cover a wide range of elements, action areas, capabilities and objectives. “Finding opportunities from crises and threats” “Advancedcapabilitiesonbusiness continuity and crisis management, dynamic scenario analysis and planning, balance-sheet strength and operational agility” “The natural capacity to respond decisively to crises and potential disruptive events, minimising damages and enhancing opportunities” “Ability and strength to continue the vision of the company despite setbacks; go from reactive to proactive; move from post-strategy to pre-strategy” “The underwater portion of the iceberg of our risk management organisation; the capacity of the company to sustain the impact of events after applying emergency measures; our culture, our team sense, our leadership, and our feeling that our organisation is among the best.” “The readiness to continue to provide products and services to our customers no matter how much the external context changes or worsens.” “To execute our strategy, we need to make sure that we adapt to real-life changes—including the pandemic, energy transition, etc.” “The ability to resist the impact of crises and big events; meeting objectives and goals; providing business continuity and service customers”
  • 8. 08 RESILIENCE AND THE IMPACT OF THE PANDEMIC The coronavirus pandemic has raised the profile of risk and insurance management, and corporate resilience. 90% stated that the pandemic made risk and insurance management more important to their organisations. Of these, more than 50% said it was to a considerable or great extent. Only 10% found no direct impact. The impact of the Coronavirus pandemic on risk and insurance management To what extent has the pandemic made risk and insurance management more important to your organisation? 36% 39% 16% 10% Not at all To some extent To a considerable extent To a great extent “The pandemic caused us to look beyond one risk area and toward a corporate-wide view. It forced us to understand the advantages in moving our stance from risk management to resilience.”
  • 9. 09 Source: Corporate Resilience Survey 2021 Perhaps unsurprisingly, the areas where most organisations have taken action during the pandemic are workplace safety and remote working. Around three-quarters of respondents have fully implemented changes already in these areas. Only a handful of organisations have not planned any changes in these areas. To what degree has your organisation taken action in these areas of resilience since the pandemic? Implementation started Planned and budgeted Implementation completed Not planned Workplace safety Remote working Supply chain Insurance strategy Others1 11% 18% 3% 4% 21% 14% 36% 5% 30% 25% 8% 21% 30% 42% 11% 26% 75% 5% 5% 78% Managing business operations and the supply chain emerged as key vulnerabilities during the pandemic. While over a quarter of respondents have already made changes to their supply chain, over half of the organisations covered in this survey have either planned or begun implementation of supply chain changes. Almost two-thirds of respondents plan to make changes in their insurance strategy or have made them already. This is likely linked to hard-market conditions that began to appear 6–8 months before the pandemic. The pandemic worsened these conditions, and could have led some commercial customers to consider self-insurance or captives, for example. 1. Other focus areas: Threat intelligence, Controls update, Supervisory Board activities, Higher self insurance/deductibles, Emerging risk scenarios and corporate contingency planning; N = 20 “We are learning from the crisis, reviewing, for example, our evaluation process for suppliers. In the past we focused mainly on financial impact but have since adopted a holistic view, looking at the geographic footprint, compliance issues, among other factors.”
  • 10. 10 A simplified overview of the stages of actions relating to resilience in the pandemic: RESILIENCE AND THE IMPACT OF THE PANDEMIC In this stage our respondents were working on workplace safety, remote work planning and HR/ staff issues. In addition, many risk managers and Risk Committees began to have more frequent and direct interaction with the Board of Executive Committees. As organisations spent more time dealing with the consequences of the pandemic, changes or modifications began to be made to the supply chain, risk transfer/ insurance strategy, as well as on controls. This is the stage where some organisations are now asking the questions of how to move forward or how to move to a resilience path. Work in this area is around scenario analysis, gathering and disseminating threat intelligence and working on contingency plans and stress tests. CRISIS MANAGEMENT AND RESPONSE CORE ENTERPRISE RISK MANAGEMENT ACTIONS FROM RISK TO RESILIENCE “ We have established a 5-year scenario as an annual exercise. This is an input for strategy setting to be linked to the en- terprise performance plan. We develop mitigation actions for scenarios as part of our strategic objectives. This way, risk is involved, speaking the same language as strategy.” “ During the crisis, we led a Risk Committee, sitting with the Executive committee every week over 3 months. This was an opportunity for us to demonstrate the value of the risk function over the longer term.” Based on the input from risk managers we have illustrated in the simplified graphic below the stages of actions on resilience, with a selection of examples of actions taken. In practice, it is very likely that these stages are overlapping.
  • 11. 11 Source: Corporate Resilience Survey 2021 To what extent is resilience considered in your organisation's strategy? For almost one in six resilience is a top strategic priority. Further, almost two-thirds of organisations make resilience a strong focus in their organisation’s strategy. Only 6% of respondents do not place any specific focus on resilience in the context of their strategy. Resilience as part of the strategic process 2 in 5 surveyed are in organisations where risk and insurance management are a regular feature of strategic discussions. While there is already strong involvement of the risk function in strategic discussions there is also room to grow with 13% not at all involved in these discussions in their organisations. How much is your risk function involved in strategy discussions in your organisation? Results on the use of scenarios and stress-testing techniques are split. More than half (53%) of executives rarely (or never) use them in strategic decision making, while 47% do. 12% use stress testing in every risk and resilience exercise as part of their strategic process. How often do you run scenario analysis or stress tests on key risks as part of your company’s strategy process or in preparation for strategic decision making? ROLE OF RESILIENCE IN STRATEGIC DECISION MAKING Often Every time Rarely Never 12% 35% 47% 6% Mostly Fully Partially Not at all 10% 30% 47% 13% To a large extent Is one of the top priorities To some extent Not at all 16% 46% 32% 6%
  • 12. 12 The survey sought to assess the robustness of structures and processes in each organisation using nine resilience categories. These included foresight capabilities (scenarios and stress-testing), which enable organisations to simulate and quantify the impact on business of a general or industry-specific scenario. Results are used to identify resilience areas for reducing potential adverse impact. Response capabilities to disruptions and crises were also assessed, to discover insights into the ability of organisations to react to and bounce back from unanticipated shocks. RESILIENCE AND ITS CORE AREAS A. Financial resilience High margins, low fixed costs, strong balance sheet, cash reserves, access to capital market, hedging capabilities B. Operational resilience Business continuity management, flexible workforce and production, diversity and the transparency of the supply chain C. Digital & technological resilience Digital strategy and risk management, cyber security, and invention capabilities D. Organisational resilience Purpose-driven mindset, openness to change, reskilling capabilities, lean and agile setup E. Market position and M&A capabilities Strong market position, diverse revenue portfolio, M&A capabilities, capability edge F. Reputation, brand, & customer Authentic reputation, brand value, stakeholder trust, social media savviness G. Purpose & ESG alignment Environmental, social, and governance criteria embedded in purpose, vision and strategy; environmental targets; social and ethical standards; robust governance H. Foresight capabilities Systematic internal and external information gathering; scenario- based simulations and stress-testing I. Disruption & crisis response capabilities Criteria to trigger task force setup, crisis response protocols, strategic adaptation
  • 13. 13 How would you rate your company’s capabilities and the effectiveness of its tools in managing resilience? Source: Corporate Resilience Survey 2021 10% 32% 48% 9% Poor Excellent Very Good Fair “The crisis demonstrated that updating contingency plans was useful. Though we had no specific plans for a pandemic in place, existing plans and protocols were helpful in managing the crisis.”
  • 14. 14 The survey probed the dimensions of resilience using three lenses: the relevance of resilience for organisations, their ability to manage resilience (capabilities), and the extent of the risk function’s involvement (scope). In terms of the areas of resilience that organisations find the most relevant to them: • Financial, operational and digital/technological resilience are considered the most relevant areas of resilience across most industries. Over 60% of risk managers consider these three areas of resilience very relevant. • Foresight capabilities is the area that is ‘least’ relevant in terms of organisational resilience. • Disruption and crisis-response capabilities are seen as more relevant than foresight capabilities, which possibly reflects the situation most organisations find themselves in in the context of the pandemic. This finding could reasonably be expected to change over time. Relevance: Which areas1 are most relevant for your organisation’s resilience? RESILIENCE AND ITS CORE AREAS Relevant Very relevant Somewhat relevant Not relevant Financial Operational Digital & technological Organizational Market position and M&A capabilities Reputation, brand & customer Purpose & ESG alignment Foresight capabilities 2 Disruption & crisis response capabilities 68% 23% 6% 66% 27% 6% 62% 31% 8% 38% 44% 15% 38% 38% 19% 46% 40% 12% 17% 42% 37% 25% 40% 29% 18% 43% 35% structural factors 1. For definitions, refer to page 2. 2. Foresight capabilities refer to stress-testing resilience capabilities, which allows companies to quantitatively assess the impact on business of a general or industry-specific scenario by simulating reactions under each. This can then be used to identify resilience levers to reduce potential adverse impacts.
  • 15. 15 Overall, the majority of risk managers (57%) rate their organisation’s capabilities and effectiveness of its tools in managing resilience highly. Only 10% rate their company’s capabilities at managing resilience as poor. In terms of the different areas of resilience: • Over half of those surveyed believe their organisations currently have effective capabilities to manage resilience from a financial dimension. • There appears to be room for improvement around capabilities to predict events and conduct scenario analyses and stress-tests to assess potential outcomes. One-quarter of respondents say that they have no foresight capabilities currently in place. • Further only one-third of respondents say they have effective crisis-management capabilities in place, a possible insight from the pandemic. Capabilities: To what extent do you agree with the following statement: "We have effective capabilities and tools in place to manage resilience in these areas”? Source: Corporate Resilience Survey 2021 Agree Strongly Agree Disagree Strongly disagree 52% 38% 40% 45% 56% 6% 48% 11% 33% 29% 56% 58% 6% 11% 11% 8% 41% 48% 10% 27% 33% 59% 24% 46% 25% 56% Financial Operational Digital & technological Organizational Market position and M&A capabilities Reputation, brand & customer Purpose & ESG alignment Foresight capabilities 2 Disruption & crisis response capabilities structural factors
  • 16. 16 Scope: To what extent is the risk function involved in these resilience areas? RESILIENCE AND ITS CORE AREAS The scope of involvement of risk and insurance management in the different dimensions of resilience varies. Involvement is highest in the areas of operations, digital and technological and disruption & crisis response. For more than 3 in 10 surveyed, risk and insurance management is not at all involved in market position or reputation, brand and customer dimensions of resilience. Risk and insurance managers most often take a leading role in disruption & crisis response—far more than in any other resilience area. Involved to a large extent Leading Involved to some extent Not involved 7% 7% 6% 6% 12% 8% 24% 23% 49% 20% 22% 21% 10% 42% 31% 42% 8% 42% 42% 43% 24% 41% 8% 9% 14% 27% 41% 39% 20% 41% 19% 31% 10% 34% 37% 38% Financial Operational Digital & technological Organizational Market position and M&A capabilities Reputation, brand & customer Purpose & ESG alignment Foresight capabilities 2 Disruption & crisis response capabilities structural factors “In times of crisis, Risk plays an important role to foster res- ponsible, quick decision making.”
  • 17. 17 Most participants identified the executive team and the risk function as mainly responsible for resilience and related coordination within their organisations. This suggests that risk functions are taking a greater role in managing resilience more holistically, especially in coordinating with other functions. In your organisation, which group is primarily responsible for resilience, taking a coordinating role across the relevant areas? ORGANISING RESILIENCE Source: Corporate Resilience Survey 2021 1. Board + Executive (C-level) + C-1 middle-mgmt. Where does the responsibility for building resilience fall? To an even greater extent, senior executives (top management) believe that the executive team and the risk function are driving resilience.Additionally,theseseniorleadersreportthatfinanceplays moreofarolethanthebusinessunitsdoinbuildingtheresilienceof the organisation (reversing the overall results on this point). Strategy Risk Operations Finance Business Units Executive team Other No dedicated responsability 30% 33% 18% 44% 22% 48% 10% 9% 53% 9% 6% Functions Overall Board, executive and senior leadership1 28% 34% 22% 55% 18%
  • 18. 18 ORGANISING RESILIENCE Where does the responsibility for building resilience fall? Most participants revealed broad cross-collaboration within their organisation around resilience, involving operations, business units, and finance; the involvement of strategy remains low. Top-level management (board, senior executives, and leaders), Which areas of your organisation most often collaborate with risk on resilience? collaborate around resilience more closely with finance teams than other groups do (10% higher than overall collaboration). The strong collaboration with operations is not surprising, given the relevance of this aspect of resilience efforts. 1. Board + Executive (C-level) + C-1 middle-mgmt. Strategy Operations Finance Business Units Other 59% 47% 49% 30% 10% Functions Overall
  • 19. 19 Source: Corporate Resilience Survey 2021 The role of the risk function in managing resilience “Risk Management needs to go beyond lines of defense. If something happens, decision lines can be unclear. Corporate contingency plans need to be translated into risk governance. How can we become more proactive? Foresight is another important dimension. Companies often have siloed thinking” “During the pandemic, the full organisation adopted a risk approach. Now there is a greater involvement of the risk function and the mindset of top management has changed. The interaction with Operations has been much more relevant than with Strategy.” “It is not enough for the CRO to be part of the executive team. Relevant is the CRO’s voice in the team. This depends on how much the CRO is recognized as a key collaborator with other functions. The CRO’s job is to convene, challenge and provide other perspectives.” “Risk governance is key. Corporate governance, board effectiveness, and CEO's success success are all linked to the risk governance model. This means efficient decision making, driving cultural change, and developing the right tools.”
  • 20. 20 FUTURE OUTLOOK Three-quarters of risk managers expect a greater emphasis put in the near future on improving risk culture and integrating resilience efforts more deeply in the strategy process. They do not expect that interactions with external stakeholders, including regulators, would play an important resilience- strengthening role. This implies that their efforts at building and managing resilience will be more inward-directed. While almost half of the risk managers surveyed will place a major emphasis on interactions with their board as part of their efforts on resilience-strengthening going forward, more than two in five only expect to place a minor emphasis on this aspect. At the same time, risk managers emphasize in interviews that it is essential to educate the Board room about the value of risk in providing meaningful risk reporting, performing scenario analyses and challenges, etc. to improve decision-making. Finally, the recent pandemic crisis produced different lessons, e.g. in managing supply chain risks, improving fast and informed decision-making by adapting the risk governance, building a better data infrastructure etc. Many risk managers are now using this opportunity to improve their value proposition and profile across the organisations. What do risk managers say about their future efforts to strengthen resilience? “Reporting is an important improvement area. During crises, you need to get reliable data quickly. Many boards lack oversight on important risk topics. If companies lack appropriate risk data systems, top management will make suboptimal decisions. In our company, we launched an analytics project to combine data across the group as a priority.”
  • 21. 21 Minor emphasis Major enphasis No emphasis In risk culture In resilience as part of strategic considerations and the strategy process In your interactions with your board In your interactions with regulators and other external stakeholder 73% 71% 49% 24% 26% 7% 12% 43% 39% 49% Source: Corporate Resilience Survey 2021 As the risk manager, where do you expect more emphasis to be placed on in the future to strengthen resilience? “We need to revisit risk governance. The risk function is on the road to becoming better understood throughout the organisa- tion. The board room is still missing out on why Risk has to be an important contributor to decision making.”
  • 22. Published in 2021, Brussels. © FERMA. All rights reserved. Any reproduction in full or in part must mention the title and credit FERMA as the copyright owner. Federation of European Risk Management Associations Federation of European Risk Management Associations Avenue de Tervuren 273 B12 - 1150 Brussels (BELGIUM) Tel: +32 2 761 94 32 - Email: enquiries@ferma.eu www.ferma.eu www.andromede.digital