Dr. Earl R. Smith II
Managing Partner, The Federal Circle
DrSmith@Dr-Smith.com
Dr-Smith.com
The board of directors plays an important role in managing corporate risk. Recent scandals have highlighted the horrific costs incurred when the board either ignores or mismanages this responsibility. Managing risk is at the heart of the fiduciary relationship that every sitting director has with the shareholders.
Successful compliance management requires boards of directors and senior corporate management to understand the issues surrounding risk and operational steps required to mitigate the risks or future occurrences. Boards must employ corporate management and external advisers to assist directors in understanding the specific issues surrounding various processes of operations. Once the board understands the root issues of risks, boards must adopt policies reflecting corporate values and show leadership in holding the CEO accountable for enforcing the policies.
The board must conduct a realistic assessment of the risks involved in the company’s operations. The board should establish a committee or advisory board with all the required resources and authority to conduct the assessment. The board of directors should establish a committee charter setting objectives for the committee. Some of the items the committee should address include:
- Identifying various risk factors
- Assigning probability to the risk
- Assessing the potential impact
- Quantifying costs of recovery
- Establishing mitigation policies
- Quantifying mitigation costs
- Documenting findings
The committee should review the corporate strategic plan in preparing for the task of building a compliance management program. The corporate strategic plan will identify the strategy the board has established to enhance shareholder value. Directors and corporate management should be familiar with the strategy and should be prepared to discuss the issues surrounding each goal and objective identified. Using the strategic plan and annual reports as a starting point and bringing corporate management, employees and external advisers into the process, quickly identifies and quantifies risk.
Directors should assign a probability to each risk. Industry standards assign risk factor between zero and one. A risk judged to have no possibility of occurring is assigned zero and risk considered likely to occur would be assigned a one. Risks assigned zero should not be included in a compliance management program.
Directors should seriously consider the input of senior corporate management when considering the potential impact various events would have on corporate operations. Disruption of operations should not be the only consideration directors should consider. Financial impacts, public relations concerns, litigation and recovery costs should all factor into the impact of an event on the corporation.
Directors should utilize corporate management, and outside advisers to assist in establishing mitigation plans to reduce the risk to the corporation from identified and probable risk events. The committee should assign realistic costs to each mitigation plan. A financial plan compares the reward expected to the operations generating the risk. Some corporate products or services create a larger risk to the company than the expected reward. Committees finding these results should recommend to the board to abolish the product or service.
Risk and mitigation plans are approved by the full board of directors. The CEO and corporate management not involved in the actual report should be present at the presentation to question and comment on the issues raised by the committee. Professional governance of risk dictates that all potential and likely risk issues have been considered and sufficient plans have been made to mitigate each risk. Directors should also make an assessment of the potential rewards form continuing with current operations or the new operation being considered. Good governance of risk is a major responsibility of the board of directors.
Regulations require corporate boards of directors to report to shareholders and investors on risk and compliance management issues. Annual reports will list significant risks directors and risk management committees have identified as serious threats to the continued operations of the company. Corporate strategies for mitigating risks will also be listed. Risk management is a serious business, and public companies are required to engage in assessing the risks to corporate investors
Board risk management is critical to preserving and extending shareholder value. Directors face significant liabilities – including possibly criminal liabilities – if the ignore this responsibility. If you would like to know more about risk management or other areas of board operations, send me an e-mail and we will arrange a time to talk.
© Dr. Earl R. Smith II
~~~~~~~~~~
Related Articles:
- Governance By Visionaries
- Business Ethics – A Function of Corporate Governance and Commitment
- Board Assessment – A Critical Part of Good Governance
- Board Governance – Engaging Leadership
- Board of Directors – Major Legal and Moral Responsibilities
- Lessons of Complacent Boards
~~~~~~~~~~
Sorry, the comment form is closed at this time.