A Fine Balancing Act: Managing Risk in the Age of Digitization
by Mike Infante May/June 2016
In the age of digital disruption, a company’s risk appetite and risk profile are constantly changing in response to the dynamic global environment. Cisco Systems Chief Credit and Risk Officer Mike Infante outlines new risk management considerations that are necessary in the age of digital transformation.
The digital era is upon us — there’s no denying it. Apps like Uber and Lyft have reimagined ground transportation and clothing companies like Nike and Under Armour are now in the business of connecting consumers through data generated on fitness trackers like Nike+ and MapMyRun.
As more becomes connected, this era of digitization continues to create significant market disruption globally and bring about unprecedented business opportunities that may have previously been considered high risk.
This shift is changing how many companies view risk, as they are unable to ignore this digital disruption. The question now becomes, how do companies evolve their risk management practices to turn market transitions into market opportunities?
State of the Industry
Let’s start by taking a look at the global business landscape as a whole. Technology is breaking down barriers and opening doors for change, but it isn’t the only thing affecting global businesses. In the past five to 10 years, there have been some fairly significant changes to the global environment with new influences emerging that affect global financial risk management practices:
Geopolitical: New security implications, active economic sanctions and new global trade proposals such as the Trans Pacific Partnership have presented new regulatory challenges and roadblocks.
Sovereignty-related: Affects how companies adapt to market transitions, yet manage risk on a global scale. Doing business with countries that have challenging political arenas or unstable economies makes risk management more critical than ever. Recent turmoil in Greece is an example of this type of risk.
Regulatory activities: New and expanded regulatory activities introduce additional risk into business operations. Additionally, growing concerns around privacy are amplifying at an exponential pace. Sweeping reforms to the EU’s data privacy laws are pending, which could have a significant impact on how foreign companies do business in this region.
There are many market forces at play that will affect companies in different ways. Before you begin developing a risk management strategy, understanding the implications is crucial in shaping your program.
Where to Start
Globally, customers need to be risk-intelligent and understand the opportunities and business impacts associated with risk management, as it’s not a one-size-fits-all model. An effective risk management process takes a multi-disciplinary, global approach spanning insurance, operational risks, financial risks and legal liability processes with the ultimate goal of balancing operational and economic costs with the company’s desired risk appetite.
With evolved market conditions, the digital era requires new considerations in risk management. Here is what businesses now need to consider when building out a strategic risk management approach:
Understand current risks: First, customers need to understand what risks they face and take full inventory of risks for exposure across all business units and support functions, from the top of the company to the most entry-level staff role. Senior leaders can often overlook the valuable insights gained from actively engaging all levels of an organization, not just the strategic levels.
Agree on risk appetite: Risk management doesn’t have to be reactionary, and the best risk programs develop processes for identifying and planning risk responses ahead of adverse events. Though risk management focuses significantly on adverse event avoidance, companies also need to exploit risks that bring opportunity and growth.
Keep it simple to start: Many companies try to boil the ocean. Build off what you already have, as there is likely a lot of existing information and processes that are already in place. Security, operations, HR and IT teams are good starting points. Insurance programs are a fundamental risk management tool that almost every company utilizes. Identify the risk resources you have before adding new ones.
Follow the three lines of defense: Operational Management, Risk Management and Compliance Functions and Internal Audit. The objective is for various team functions to work together, but the most critical line of defense is the business operations staff, as risk and audit functions lack the same insight possessed by the staff actively managing risk on a day-to-day basis.
Stay current: In the digital era, companies need to be aware of emerging trends in risk management. Data security, for example, is a critical topic undoubtedly top-of-mind for businesses worldwide given the fallout from hacks on Sony and U.S. government systems. New technologies and applications that collect data bring alongside new potential for data theft.
Once a business has examined the aforementioned considerations, it must develop a robust risk management approach and strategy, being mindful of market opportunities, costs and the dynamic nature of risk management.
Setting Parameters and Implementation
Companies need to determine what financial risk capacity they have, how much they are willing to undertake, where gaps may be and if it creates an opportunity they want to exploit. As such, it’s important to closely examine the global landscape when determining an appropriate risk strategy.
For example, in areas of the world experiencing heightened security, where companies may want to avoid operating risks, new markets may emerge. Businesses will find these growing areas to be a good opportunity to explore risk and look to capitalize on the region. Take Cisco’s commitment to digital transformation in emerging markets, for example. By embracing this transition and fostering an environment of innovation, India alone potentially stands to add $224 billion in economic value over the next decade.
Once an organization determines they can take on more risk, the next step is to weigh options with a critical eye on creating enough flexibility and balancing it to maintain a healthy risk appetite.
This is where financing comes in. There are a lot of options and resources available, but as technology proliferates and even the most traditional of industries and companies make major investments in their IT infrastructure, companies often discover that it is best to partner with a vendor financing organization. Equipment finance companies can act as trusted partners, working with their vendor partners to execute the company’s risk management plan. This can enable the vendor to streamline, simplify and improve customer experience, leverage balance sheets, develop an end-to-end lifecycle transaction, help determine risk capabilities, maximize cost savings and reduce revenue loss.
To maintain a strategic risk management approach, companies must review their programs — while considering global and market conditions — and make routine adjustments. A shift or utilization of risk capacity in one area of a business may have an impact on the risk capacity of another part of the business. Companies have to realize that risk appetite and a company’s risk profile are constantly changing as a result of the dynamic global environment.
One final, but very important factor is the need to balance long-term customer and partner relationships with global influences and possible market scenarios.
Risk management will always require a fine balancing act that may change because of factors out of an organization’s control. However, through consistent risk portfolio monitoring and risk capacity planning with a well thought-out vendor finance solution in place, customers can see around corners and proactively address risks versus constantly being reactive.
Whether you are a third-party originator or a funding source/bank, the responsibility lies with all parties to build partnerships based on mutual trust, mutual commitment, shared ideas and common goals.