Corporate Risk Management Issues - Essay Example

Corporate Risk Management I. Introduction Nearly every business organizations whether big or small have to face innumerable amount of risks while carrying out their operations. Of the various types of business risks, some risks are predictable and controllable by management where as some others are unpredictable and uncontrollable one by management. And at the same time degree of risks to be faced by organizations also may vary from one another depending upon their size, nature, diversity of business line and also their sources of capital to which they are depending upon. An organization is claimed to be risky when its liabilities exceeds than its assets or other way when they are seriously suffering from any physical dangerous while carrying out their operations. Unfortunately such high degree of risks can bring negative impact on the profitability as well as to the future success of the organizations. So to protect from such bad consequences it is essential for such organization as soon as possible to find an appropriate solution so that they could handle or manage risks in better way which in otherwise could bring catastrophe to them. So a desirable solution is through applying appropriate sets of procedures or policies at proper intervals. Risk management is one such effective strategy that to a great extent can minimize or reduce various types of risks that an organization has to face while carrying out its operations. By adopting such strategy an organization can ensure its better success and growth in the future. Viewing this importance the paper attempts to describe what is risk management or risk management decisions, the direct and indirect costs and benefits of risk management decisions to an organization and how they can be measured. II. Risk Management Decisions Risk management or risk management decisions are a logical process that aims at eliminating or minimizing the level of risk pertained to any business operations. In other words it can be told as a series of process that comprises of identifying, analyzing, and implementing necessary steps so as to minimize or eliminate the exposures to risk of loss that are to be faced by an organization. The practice of risk management makes use of number of tools and techniques, and also the concept of insurance, in order to manage the different types of risks. The duty of carrying out the process of risk management is entrusted to the concerned department of corporate risk management, who firstly identifies what are the various potential sources that cause to trouble, after identifying the corporate risk managers analyzes each of the sources carefully and then finally after analyzing they take precautionary measures or steps to overcome from such exposure of losses. The term risk management is known to be a "relatively a recent evolution of the concept to insurance management" (Sullivan, 2009, P. 452). The concept risk management that comprises of broader scope of activities and responsibilities than what the insurance management actually dealt with. The uses of Risk management was initially applied by the organizations to protect from various physical threats which occurs while carrying out their operations such as theft, fire, flood, legal liability, disability, employee injuries, car accidents, and many which otherwise took number of years to protect themselves from such risks and in turn which would bring barriers to their day-to-day operations and profitability. It was seen as the 20th century ended; the activities of risk management were much more expanded to the areas of financial risks such as interest rates, exchange rates, and now e-Commerce. As mentioned earlier risk management as a process risk management involves several series of steps where the concerned corporate risk management department of an organization identifies, analyzes, treats and monitors the risks which are involved in carry out their any business operations (Culp, 2001). These entire processes were carried out by the organization with the purpose to protect themselves from its bad impacts and to add up their value. But, however the actual process involved in risk management may vary differently from one organization to another organization. Though the process may vary but for an effective risk management it requires the need for active support from both the side of owners as well as the management team of an organization for the purpose to refine their overall operation and to reach maximum to its possible lowest level degree of risk. Thus risk management is often regarded as a multi-criteria decision making process in which the various forces such as economic, health, legal, environmental, social, geo-political and many other several forces gather together to play each other. It is already seen that responsibility to deal with the process of identifying, analyzing, evaluating and selecting the most appropriate feasible course of action for the purpose to minimize the level of risk of loss is vested in the hands of the corporate risk managers of the concerned organization. The decision making process is considered to be complex one; so it is need not necessary that only one decision criterion must be followed always. There can be several decision criteria that can be followed by an organization; however they may differ from each other in terms of some frequency. Essentially there are four kinds of decision criterions which include: cost-benefit analysis; cost effectiveness analysis; risk-benefit analysis; and, comparative risk analysis. Objectives of risk management Risk management is now considered as an integral part of every organization's strategic management. It is a process that enables the organization to approach systematically to various types of risks attached to their activities and there by facilitating to achieve sustained benefits from their each activity. The main objective of effective risk management is to identify and to treat the various risks that are attached to the activities of an organization. However, the following can also said to be as its objectives (Mehr, 1974): To add maximum sustainable value to all the business activities, To marshal the understanding of both the potential sides that is upside and downside of all the factors (internal and external) that can have greater impact on the organization, To ensure success of the organization and To reduce all the uncertainty that is acting as barriers in achieving the overall objectivities of an organization. An effective risk management is one which is continuous as well as a developing process that has the capacity to run throughout the organization's strategy and to the implementation of that strategy. And also which has the capacity to address all the risks systematically surrounding the organization's activities in past, present and in future times. Moreover it must be able to integrate organization's culture through adopting an effective policy and a programme followed by the senior manager. It must also find easy to convert the strategy into tactical and operational objectives through its proper assignment of responsibilities for each managers and employees those who are held responsible for managing risk as a part of their description of their job in an organization. Thereby doing so it can to a large extent can support an organizations accountability, performance measurement and reward that can facilitate in improving operational efficiency at all levels of an organization. Besides, the objectives mentioned above, the overall objectives of risk management are to safeguard and to increase further value of the organization and of its various stakeholders, which it achieves by supporting the various organizational objectives such as: By providing framework for an organization to carry out its future activity more in a consistent and controlled way. By further improving decision making planning and prioritization through proper understanding of the activity, volatility and threats/opportunities of project of a business By facilitating in better allocation of capital and other resources that are available within the organization. By reducing the level of volatility in the less concentrated areas of business. By protecting as well as improving the belonging assets and image of organization. By developing and supporting people and the organization's knowledge base. By optimizing operational efficiency of an organization Steps in Risk Management Process Basically there are seven steps involved in risk management process. These steps act as a generic guide to every organization irrespective of the type of business, activity or function. The seven steps are briefly explained below ( Kavaler, 1997): Establishment of the context: The first step involved is to establish the strategic and organizational context in which the risk management will be going to take place. To say the type of nature of business, the type of risk existing in the business and what are the organization's priorities are to be considered here. Risk Identification: The second step involved is risk identification. It is referred to as the process of identifying organization's exposure to uncertainty. The essential feature that a corporate risk manager must possess is that he must have deep knowledge of the organization such as market in which it operates, the legal, political, social and cultural environment in which the organization exists, and also the sound understanding of strategic and operational objectives, factors that play as a critical factor to its success and what are the threats and opportunities related to the achievement of those objectives. In addition to these manager must also try to identify who are the different stakeholders involved in an organization and what are the past events and future developments of organization. Risk Analysis: After establishment of the context and identification the next step is to go through risk analysis. The risk analysis quantifies the identified risk in terms of its probability and frequency of occurrence and also their possibilities of consequences. That is more precisely the manager analyzes how likely the risk event is going to happen and what would be its overall impact in terms of political, economic, social and cultural if such events happen. Risk Evaluation: After the risk analysis process is completed it becomes necessary for a manager to compare the estimated risks against certain risk criteria which the organization has established. The risk criteria's may be associated costs and benefits, legal requirements, socio-economic and environmental factors, concerns of stakeholders and many. The main purpose of this step is to make out decision about the significance of risks to organization and whether such risk must be further accepted or treated. Risk reporting and communication: Immediately after risk evaluation procedure is completed, it becomes the duty of the manager to report and communicate on risk to different levels within as well as outside an organization those who are in need of different information from the risk management process. Risk Treatment: If the decision is take that risk must be further treated then manager go through risk treatment process. It is referred to as the process of selecting and implementing measures in order to make necessary changes in the risk. Though the risk control or mitigation is its major elements the risk treatment also includes risk avoidance, risk transfer, risk financing, etc. Monitoring and review of the risk management process: Finally after implementing risks it is necessary to monitor and review the risk management process. That is for effective risk management it is necessary to report and review structure in order to ensure that risk are identified and assessed properly and that the appropriate controls and responses are in place. In addition to these the manager must conduct regular audits of policy and see standards compliance are carried out and the standards performance are reviewed in order to identify opportunities for improvement. As the organization exists and operates in dynamic environment, it is essential to identify the changes taking place and accordingly modification must be done. Overall the aim of the monitoring process must be to provide assurance with regard that there are appropriate controls in place for carrying out the activities of an organization and also that the all the procedures are duly understood and followed. III. Cost and Benefits of Risk Management The ultimate aim of risk management is to safeguard and increase the shareholder's value of an organization. The ability to minimize risk does not indicate that the firm must reduce risk. The reason is benefits and costs of the risk management may vary from one organization to another; as a result the risk management strategy must be tailored to each business organization. Therefore it is found that those firms who are pointing to particular level of earnings or cash flow fluctuations, they have the potential to increase the value of their firm. And those firms where their value maximizing strategy is to point a particular range of fluctuation in market value of the firm. Therefore to determine optimal risk management policy the manager of the concerned organization must try to understand that how the degree of uncertainty regards to future earnings and firms value will affect the current market value of the firm. This necessitates understanding of the critical underpinnings of risk management strategy. And there by evaluate the costs and benefits of risk management within the context of a particular firm. Corporate risk management can help in a better way to enhance the value of shareholder through eliminating direct and indirect costs. Direct costs are in terms of increasing firm's average tax bill, increasing transaction costs of hedging and financial distress. While indirect costs are the consequences of the less favorable contracting terms with corporate stakeholders who are in need of premium for their relationship rents being exposed to default risk. At the same time it is understood that if the risks are not properly assessed and prioritized, there can be a greater chance of wasting time for an organization on dealing with risk which are probably unlikely to occur. Therefore over spending of time on assessment and managing on such unlikely risks can divert resources which in otherwise could be effectively and profitably utilized. In addition the above costs the risk management also benefits the organization in terms of reducing its financial distress cost; reducing the risks which are to be faced by the undiversified investors; reducing taxes and monitoring costs through improvements in performance evaluation and finally facilitating in providing internal funds of investment. IV. Conclusion Today the need for risk management was especially felt because of extremely volatile financial environment, as it can concentrate every much on insurance matters and also it is dealt with identifying of potential risks which may result to severe impact on the organization. Every organization applies risk management as a tool to find out new innovative ways of where by which they can protect their assets against sharp market fluctuations. As it is already seen that risk management was to protect from various physical threats so as to cover the cost incurred by fire, theft and liability losses. But as the time passed, globalization and the high volatility of financial markets have prone to number of risks that can have adverse affect on organizations. This facilitated to change the concept of risk management radically that is making it more increasingly important. Thus a modern organization applies risk management as a common practice, mainly for any operation, which is associated with financial or facilities management. However, risk management is not paying attention only to financial risks, but on a large number of risks that may impose potential threats on a firm. References Culp, L. Christopher (2001), The risk management process: business strategy and tactics, John Wiley and Sons Kavaler, Florence and Allen D. Spiegel (1997), Risk Management In Health Care Institutions: A Strategic Approach, Jones & Bartlett Publishers Mehr, I. Robert and Bob A. Hedges (1974), Risk management: concepts and applications, R.D. Irwin Sullivan, Larry (2009), The SAGE Glossary of the Social and Behavioral Sciences, SAGE Read More