How Boards Can Understand Risk: An Interview with Charles .. GRC Articles » How Boards Can Understand Risk: An Interview with Charles Fishkin by The Corporate Board
Articles by Author
- November 2017
- October 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- January 2017
- December 2016
- November 2016
- October 2016
- August 2016
- June 2016
- April 2016
- March 2016
- February 2016
- January 2016
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- October 2014
- September 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
Tags: 2006). Fishkin Is an adjunct professor in the Masters Program in Financial Engineering at Bernard M. Baruch College of The City University of New York., allocating people and capital, An important starting point is to consider the wide range of decisions that companies have to make., checks, controls and scrutiny throughout an organization, Culture is important too. These are the fundamental values that are important in a company., designing products, Governance involves setting strategy, He is author of The Shape of Risk: A New Look at Risk Management (Palgrave, hiring, How can a board deal with this problem?, How do companies and their boards assure this risk governance change happens?, How does the board distinguish between reasonable risks and those the company shouldn’t take?, making investments, many oversights still occur. Charles Fishkin has an idea why, marketing and all the other activities that a company demands., paying, Process is structural. It involves approvals, What about the role of company culture?, While the economic crisis of 2008 - 2009 scared boards into focusing on risk, Why is “process” so important to effective governance?.
How Boards Can Understand Risk: An Interview with Charles Fishkin by The Corporate Board
Over a career extending more than 30 years, Fishkin has held senior roles across the spectrum of financial services. He was hired by SEC Chairman William Donaldson to create and lead the agency’s Office of Risk Assessment, serving as its director from 2004 to 2007.
He is author of The Shape of Risk: A New Look at Risk Management (Palgrave, 2006). Fishkin Is an adjunct professor in the Masters Program in Financial Engineering at Bernard M. Baruch College of The City University of New York.
The Corporate Board: Risk has become a major concern for corporate boards, but companies still seem to fumble their risk management. Why?
Charles Fishkin: A key reason is the dynamic nature of risk. Companies change and evolve, sometimes very rapidly. They enter new markets and new jurisdictions, develop and sell new products, and hire new staff. Markets and industries change rapidly too.
The ways companies approach governance also need to evolve. Governance is a dynamic activity. It needs to be durable, adaptable and flexible. Too often, companies continue along with a governance structure that’s inadequate, or that hasn’t evolved sufficiently to adapt to changes.
TCB: How do companies and their boards assure this risk governance change happens?
Fishkin: An important starting point is to consider the wide range of decisions that companies have to make. When directors describe their governance, they usually talk about an organization chart that shows the reporting relationships of senior executives, and various governance committees — a risk committee, compliance committee, conflicts committee and other governance committees. They also describe the roles of the chairman, CEO, the board and the various subcommittees of the board, such as audit, risk, compensation and others.
These components are important, but they only speak to a small subset of the decisions about risk that any company makes. It’s important to distinguish between an oversight function and the people who make most of the decisions on a daily basis.
A board of directors meets a limited number of times per year. A risk committee may formally meet monthly or quarterly. Many meetings may last an hour or two, or at most a day. This means that only a few topics are discussed, and in a broad manner.
TCB: How can a board deal with this problem?
Fishkin: The board should adopt an approach to governance that anticipates potential problems. Will an existing governance process be effective under changing conditions? If not, what needs to be done at the earliest stages?
Governance involves setting strategy, allocating people and capital, making investments, designing products, hiring, paying, marketing and all the other activities that a company demands. It relies on data, the use of models and the size of a company’s risk taking. A particularly important aspect of governance is the role of process, especially as it relates to how decisions are made and approved.
TCB: Why is “process” so important to effective governance?
Fishkin: Process is structural. It involves approvals, checks, controls and scrutiny throughout an organization. Effective governance means that decisions can be made in a flexible way, but at the same time have appropriate limits and oversight. Process provides consistency and structure for these decisions that are made every day. If designed properly, process brings scrutiny and challenge that should be applied so decisions are made in a thoughtful manner.
Every decision can’t be analyzed by the senior-most management, but it defines the scope of decisions that require additional attention. Process also helps organizations act with agility.
People know what decisions they can make, and do so freely.
TCB: What about the role of company culture?
Fishkin: Culture is important too. These are the fundamental values that are important in a company. They’re expressed in various written documents, but more importantly culture also informs decisions and actions.
TCB: How does the board distinguish between reasonable risks and those the company shouldn’t take?
Fishkin: Taking the right risks is crucial to sound management. This means that a company must carefully understand the risks it’s exposed to. A decision to manage one risk may give rise to another. You need to weigh the ramifications of every decision.
TCB: How do you ensure your risk oversight system can handle that?
Fishkin: That’s a complex question. You have to work at it, every day, across all company units. Organizations need strong controls and “checks and balances.” That means oversight processes that have their own identity and will, with strong cultures of compliance and risk management.
There has to be alignment between what management says and what management does. You need to continuously be asking, “Do we have the right staff, the right business model, the right balance between revenue creation and franchise protection?” Look at companies that stumble, and those that consistently succeed.
The difference is often found in the elements that comprise a governance program and governance-centric culture. This includes clear messages from senior management, well-defined processes, and excellent people at all levels, thoughtful pay programs and a well-resourced infrastructure.
THE CORPORATE BOARD
4440 Hagadorn Road, Okemos, MI 48864-2414,
2014 by Vanguard Publications, Inc.
For Reprints contact: firstname.lastname@example.org
Reprinted in TheGRCBlueBook with permission from The Corporate Board