The term Operational Risk Management (ORM) is not new. It has been tossed about in businesses across North America for the last several years. ORM and the oft associated term Enterprise Risk Management (ERM) have generally been used as corporate buzzwords, business culture idioms referenced in board meetings and articulated during presentations. Recent developments, such as the creation of the Sarbanes-Oxley (SOX) Act in 2002 in response to growing financial scandals in the U.S., have brought Operational Risk Management, Enterprise Risk Management and related concepts from the backrooms to the forefront of corporate America.
The inescapable reality is that every single day businesses incur losses and experience operational disruptions due to failures by employees, incorrect implementation of processes and technologies as well as wilful disobedience to internal controls. These losses may be manifest in the form of uncollectible receivables from disappointed clients, lost sales due to call centre failures or unproductive employee downtime when computer systems are unavailable, or a host of other potential problems. While most businesses have developed ad hoc methods of dealing with such losses in the past, legislation (such as SOX and the Basel Accord) has made standardized compliance procedures much more complex. Thankfully, just as these new rules have given rise to increased awareness of ORM/ERM, new tools (including Risk Management software) have been developed to aid compliance efforts.
The new regime of Sarbanes-Oxley, under the direction of the Public Company Accounting Oversight Board (PCAOB) which is in turn accountable to the Security and Exchange Commission (SEC), has undoubtedly benefited the business world by providing a foundation from which to decrease corporate fraud. However, the complexity and associated technical, labour and administrative costs posed to business is also considerable. The realities of both individually large and collectively mundane errors resulting in loss, as well as the newly regulated reporting of those losses, affect virtually all areas of every business each and every day. Therefore, it is in each company’s best interest to simultaneously find ways to cut losses while keeping regulatory compliance costs down. Hence the rebirth of Operational Risk Management/Enterprise Risk Management and the new demand for Risk Management software solutions.
Traditionally, few operational losses were measured in any accounting system, and rarely were the loss incidents tracked and analyzed in any way; the time and paperwork required to do so was simply daunting. Because there was no standard legislation in place, any Risk Management software tools were often proprietary and slightly more than electronic log books at best. New technologies and attitudes have allowed loss incidents to be seen as more predictable and able to be grouped into risk categories. Proper analysis of these incidents can result in attribution to root causes which aids in mitigation. Even this beginning leads to dramatically reduced costs while achieving huge gains and strategic advantages from well crafted Operational Risk Management policies and Enterprise Risk Management procedures.
Changes in legislation, technology and attitudes related to ORM/ERM have produced not just economic gains, they have led directly to re-invigorated business innovation and even created improvements in the quality of life. For example, safety, quality and environmental related loss incidents have proven to be not only manageable and avoidable, but sound management of these issues has conferred greater advantage on those who succeeded while driving many who did not adapt out of business. While large scale corruption may have brought about regulatory changes, these changes have spurred a re-visioning of Enterprise Risk Management. Advanced Risk Management software has allowed business to more directly mitigate losses. This has resulted in a cleaner, more efficient and more competitive business environment.
In the post-SOX environment, the same social and political pressures on organizations are present. Improved attitudes and tools have encouraged the proliferation of sound Operational Risk Management to the economic and strategic benefit of those properly prepared for the journey. To find out how Paisley Consulting can help your company on that journey, whether through the provision of powerful Risk Management software or expert consultation on Enterprise Risk Management, visit www.paisleyconsulting.com.