Investors and stakeholders look to risk management spending as a measure of corporate stability.
Almost half (41%) of global companies plan to increase their spending on governance, risk management and compliance (GRC) in the next 12-18 months, but around the same number (44%) admit they find implementing these measures difficult, according to new research by Ernst & Young¹. Without proper focus, this investment is potentially being poured into a multi-billion dollar black hole.
Paul Kennard, Ernst & Young risk leader in the UK, says, “In the aftermath of the most severe economic crisis in a generation, it is not surprising that companies are looking to demonstrate sound risk management and are upping spend. In many cases this is a direct response to demonstrate to customers and stakeholders alike that the business is sound.”
Risk – top priority for investors
It is not just high risk industries, such as oil and gas, that have seen their reputation and market capitalisation damaged by controversy in recent years. Consumer goods companies, food, automobile and even toy manufacturers have all felt investors’ wrath.
The research indicates that being seen to invest in risk management is one way of communicating to stakeholders about the perceived safety and reliability of investments, with 69% of companies stating that investors and shareholders look to GRC as a measure of their corporate stability.
Kennard adds, “Risk and managing risk effectively is a serious consideration for all businesses – not only in protecting businesses from external threats and controversy but by reassuring investors and stakeholders that the businesses are sufficiently protected.”
External pressure is rising
But questions remain from an external stakeholder perspective about whether companies’ GRC is robust enough in a post-crisis environment.
What is concerning is that the research shows that external stakeholders are more dissatisfied with the quality of GRC than companies’ own operational management and business leaders, with nearly 80% stating they believe that companies’ GRC functions need to be enhanced.
Kennard comments, “This shows a clear misalignment between some companies’ perception of their GRC function and their stakeholders’ perception. Stakeholder relations could become very fraught if this is ignored and they are not suitably reassured about the robustness of the risk function.”
Money to spend but lacking know-how
Although many businesses recognise the need to invest and get more value from their GRC capabilities and risk functions, some are uncertain about how to design and implement the most appropriate GRC model for their specific circumstances.
The research supports this, revealing two out of three respondents acknowledge the need to enhance their risk management capabilities, while nearly half the companies surveyed said that implementation of GRC is difficult.
Knee-jerk spending is risky business
Despite this, some companies continue to spend, but in some cases their attempts to bridge gaps result in uncoordinated GRC initiatives that are bolted together rather than clearly focused or integrated.
Kennard adds, “Scandals, wrong-doings and risk management failures have all conspired to make companies nervous, resulting in more money being spent on risk management as a knee-jerk reaction. This has led to a haphazard approach, disconnected from the wider business strategy, which has led to gaps in risk coverage.
“What businesses need to recognise is that reinvention of their risk approach cannot be achieved with incremental improvements. Risk expenditure needs to be treated as a strategic investment or business enabler. It should be capable of protecting and delivering value by way of improved business performance and offering an acceptable return on investment.”
Concluding, he said, “Without a well-thought-out risk strategy, money spent on GRC is potentially being poured into a black hole and will not deliver the value investors and other key stakeholders demand.”
__________________________________________
¹ Findings taken from an Ernst & Young global survey of senior executives in large companies, examining the general understanding of the term GRC (governance, risk and compliance) and the need to enhance the GRC function.
567 telephone interviews conducted in 13 countries in June 2010. Countries covered: France, Germany, India, Italy, Netherlands, Poland, Russia, South Africa, Spain, Switzerland, Turkey, UAE, UK.