All business involves risk. Management’s principal task is to navigate through the risks it perceives to deliver value to business. Directors and executives across the planet have different views on what risks are posed to their businesses, and the size of those risks. Global accounting and advisory firm, BDO, has synthesised those views into its Global Risk Landscape 2017 report. In it, the results of a survey taken by over 500 C-suite and senior managers (and some directors) in over 55 countries have been analysed and commented upon by some of the world’s leading risk experts.
Risk is familiar to all businesspeople. Some risks are new – Brexit, Trump, and ransomware – while others are all too familiar. The three highest ranking risks identified by BDO survey respondents were regulatory risk (35 per cent), macroeconomic sluggishness and slowdown (read: recession) (30 per cent), and increasing competition (29 per cent). None of these are novel. The responses demonstrate that the biggest risk to businesses – in the eyes of these respondents – are part and parcel of running any business, and these challenges will remain. Regionally, the results were very similar – respondents from the Americas, the Asia Pacific region (APAC), and European Middle East and Africa (EMEA) all identified one of these three as the leading risks to their business.
Some risks are impossible to predict – not only in terms of the likelihood that they will occur, but that they are risks at all. Apparently innocuous events can be exacerbated and globally transmitted by social media, causing them to spiral out of a business’ control. Ejecting a passenger from an airline – for whatever reason – is a fairly common occurrence, but the financial detriment and reputational damage it can cause a company is a risk which cannot be foreseen. The only weapon against these intangible risks (Nicholas Taleb’s “black swans”) is to implement robust crisis management strategies which will respond effectively to protect the business’ reputation and ongoing viability. This is a key board responsibility: directors should ensure their organisations have such strategies to preserve value and position.
Respondents were almost uniform in identifying technology as the source from which future or emerging risks will come. Whether it be disruptive technologies or cybersecurity, businesses need to be better prepared for these types of risks. The average data breach costs a business $4 million, for example. Additionally, 92 per cent of those surveyed by BDO said that technological changes are the biggest risk for which businesses are unprepared. Boards are responsible for creating long-term value in their companies. Technological change and cybersecurity are long-term risks which will affect business for many more decades. Therefore directors are responsible in ensuring that management is addressing this risk, and that strategic decisions taken at board level will navigate these choppy e-waters.
Risks facing APAC
APAC business are confronted with nuclear proliferation in North Asia, the possible collapse of shadow banking in the People’s Republic, and the global uncertainty surrounding the Trump Administration. The realisation of any one of these risks will have flow-on effects to the entire APAC region, given how globalised and interconnected the world is in 2017. No business will be insulated from any of these regional shocks. Conversely, there is not much that business can do to prevent these risks coming to fruition – all that managers and directors can do is put in place strategies to mitigate the effects.
Risk – as insurers will tell us – is all around us. It is incumbent on boards and executives to protect their business from these risks to the extent possible.