Risk management is still being neglected, says OECD

Despite having a greater awareness of risk, companies are still struggling with the practicalities of mitigating “catastrophic” threats, says a new report by the Organisation for Economic Co-Operation and Development (OECD).

The report, entitled Risk Management and Corporate Governance, analyses rules and risk management practices in 27 countries around the world, and concluded that insufficient steps are being taken to protect firms against threats. It warned that many companies are also heavily focussed on financial risk and have not considered broader issues that could put them in jeopardy.

“The review finds that, while risk-taking is a fundamental driving force in business and entrepreneurship, the cost of risk management failures is still often underestimated, both externally and internally, including the cost in terms of management time needed to rectify the situation, it said. “Corporate governance should therefore ensure that risks are understood, managed and, when appropriate, communicated.”

Following the financial crisis, many companies have started to pay more attention to risk management. This is, however, seldom reflected in changes to formal procedures, except in the financial sector and in companies that have suffered serious risk management failure in the recent past.”

To improve, companies are advised to develop incentive structures that reward both business success and the awareness and management of financial and non-financial risk, and to take into account strategic and operational risk. Boards and senior executives should also be more heavily involved in the issues, the report suggests.

Boards should be aware of the shortcomings of risk management models that rely on questionable probability assumptions,” it says. “More guidance may be provided on managing the risks that deserve particular attention, such as risks that will potentially have large negative impacts on investors, stakeholders, taxpayers, or the environment.”



Related reading