“You’ve got to go out on a limb sometimes because that’s where the fruit is.” – Will Rogers
Lenders make money by taking risks. As Will Rogers said, “you’ve got to out on a limb sometimes, because that’s where the fruit is.” Risks can come from various sources including uncertainty in international markets, threats from project failures at any phase in design, development, production, or sustaining of life cycles, legal liabilities, credit risk, accidents, natural causes and disasters, deliberate attack from an adversary, or events of uncertain or unpredictable root-cause.[i] If we can manage risk, then we can make more money, but managing risk begins with identifying it quickly and accurately.
There are two types of risk events–negative events classified as risks and positive events classified as opportunities. Strategies to manage threats, uncertainties with negative consequences, typically include avoiding the threat, reducing the negative effect or probability of the threat, transferring all or part of the threat to another party, and even retaining some or all the potential or actual consequences of a particular threat. The opposite of these strategies can be used to respond to opportunities, uncertain future states with benefits.
In recent years, risk management has been shunted aside by enterprise risk management (ERM), but why should you care? Here is a hint—risk management tends to deal with mitigating past negative events to prevent them from occurring in the future, but enterprise risk management is forward-looking, enough so that risk management is increasingly referred to as traditional risk management (TRM).
Enterprise Risk Management vs Traditional Risk Management
“Twenty years from now you will be more disappointed by the things you didn’t do than by the ones you did.” – Mark Twain
The drawback to traditional risk management is that it tends to start with those things you did, not what you didn’t do. TRM tends to focus on risk avoidance, while ERM takes stock of potential risks and identifies which ones are worth taking, therefore focusing more on opportunity alongside pure risk. As noted above, ERM encompasses the entire enterprise; and is top-down, but traditional risk management may focus on only one area rather than ERM’s holistic view of the entire organization. Because TRM is well established and routinely practiced across business, it has become quite standardized. ERM is more dynamic, agile and adaptable to situations or organizations; it is more fluid, adaptable, and dynamic than TRM.
Therefore, TRM tends to be standardized, backward-looking, and risk averse, and its limitations include that it:
- Does not foster informed risk-taking
- Uses a siloed approach
- Is less able to adapt to changing scenarios
- Is harder to tailor to business risk profile or circumstances
- Restricts risk management to team or department level
Let’s summarize the differences between TRM and ERM:
By exploring some of the differences between TRM and ERM, now you understand why enterprise risk management elevates an organization’s approach to risk, delivering a degree of board understanding and oversight not seen in a traditional risk management strategy. As noted above, ERM encompasses the entire enterprise; and is top-down, but traditional risk management may focus on only one area rather than ERM’s holistic view of the entire organization. Because TRM is well established and routinely practiced across business, it has become quite standardized. ERM is more dynamic, agile and adaptable to situations or organizations.
Seeing Risk Clearly
Enterprise risk management helps lenders to more clearly see risks across the enterprise, and it may have evolved out of the shortcomings of traditional risk management’s reliance on the past to predict the future, especially during the Great Recession, as various historic-based models simply failed to identify risky borrowers. Individual risk policies now are usually grouped under ERM–credit risk, operational risk, liquidity risk, strategic risk, and so on, if only because of their close linkages. Approving credit incurs potential credit risk, booking and funding the borrower loan opens up operational risk and liquidity risk, so an enterprise risk regimen forces the organization to assess the collective risks in loan transactions. So, expand your horizons to move beyond yesterday’s traditional risk management to the wider world of enterprise risk management.
“Don’t let yesterday take up too much of today.” – Will Rogers
https://en.wikipedia.org/wiki/Risk_management , as of March 6, 2023