Risk & Economy » CFOs must play a key role in risk mitigation

CFOs must play a key role in risk mitigation

Managing operational risks equally important as managing financial risks in a post-pandemic world

The myriad of macroeconomic headwinds is forcing businesses to evaluate, monitor and deal with a wide range of risks.

CFOs, as senior members of the management board, are well placed to coordinate efforts aimed at identifying and mitigating not only financial risks – but also operational ones too.

“Whilst the events of the last 18 months have been unprecedented, they have underlined the importance of modelling various risk scenarios and understanding the potential impacts on your business,” says David Carrick, CFO at Apex Group.

“By preparing for potential risk scenarios, as well as understanding the industry and macroeconomic trends and drivers, CFOs can help their organisation to be more robust and to adapt and manage these risks more effectively.”

It is also vital that CFOs understand that risk, regardless of whether it is operational or financial, is dynamic and can escalate rapidly, according to Shirine Khoury-Haq, Co-op CFO and CEO of Co-op Life Services.

“What might be neatly categorised as an operational risk at first, such as the nationwide HGV driver shortage, soon manifests as a financial risk and a reputational risk for many businesses,” she says. “Failing to recognise the scope of each risk leaves your brand and your bottom line in a vulnerable position.

“Some challenges may require more urgent attention, but a good CFO should never discount the importance of any risk and have the financial and operational expertise to take proactive action.”

Therefore, it is vital that CFOs understand, evaluate and measure the risks to which their companies are exposed to.

“A CFO must play an active role, as part of the wider management team, in evaluating and measuring the levels of risk facing their organisation,” says Carrick, pointing out that Apex has a clear monitoring system across several key areas to proactively identify risks.

“Financial risks are part of our overall risk framework and, as such, are subject to close monitoring, including the measurement of key performance indicators.”

Carrick identifies compliance and regulatory, digital and data privacy, transaction and computational errors, human resources and outsourcing as the main operational risks faced by Apex Group. Key financial risks include solvency and liquidity, interest rates and FX, as well as credit and inflation rates.

“The management team, including the CFO, must make the identification of potential risks a priority in the day-to-day operations of the business,” he adds, noting that for each risk category, Apex has appropriate procedures in place.

Khoury-Haq points out that working with the company’s management team, as well as its risk and audit committee, allows the risk management team to regular review and share details on principal risks, risk appetite and risk management/mitigation.

“Our internal audit function also provides independent third line assurance on key risks,” she says. “As a CFO, these teams and mechanisms are crucial to managing current and emerging risks and, therefore, the financial and operational decisions that must follow.”

Communication is vital

The next step is to ensure that communication across a business is fluid and open, enabling any potential challenges to be exposed and dealt with quickly.

“As well as reviewing risks and actions, I ensure my leadership team stays close and speak often to regularly uncover opportunities or challenges. Some of these may apply to just one business, but many apply across our portfolio,” says Khoury Haq.

“When we have a very solid understanding of the business, its environment and how it operates internally, we can take the right decisions along the way.”

When it comes to risk management, technology plays a major role in ensuring that key risk controls are maintained across an organisation.

“Technology and real-time data are critical tools at the disposal of the CFO to ensure an adequate risk control framework is implemented,” says Carrick.

While the role of technology plays is vital, Khoury-Haq stresses the importance of the human teams who develop, maintain and oversee risk management processes.

“Without the vigilance and response of trained professionals, risk mitigations are unlikely to be as effective as we would hope,” she says. “It’s also our senior leaders who can help keep things on track, when it comes to controls.

“A CFO and the board of directors need to set the right ‘tone at the top’ to ensure the organisation understands the necessity of a robust but flexible control environment, founded on integrity and ethics.”

Share
Was this article helpful?

Comments are closed.

Subscribe to get your daily business insights