Recognizing disruption, increasing the enterprise’s risk management capabilities and thinking strategically are becoming more important for financial executives.
A new report issued by Financial Executives Research Foundation (FERF), in partnership with Grant Thornton LLP, The Strategic Financial Executive: Managing Risk in a Disruptive World, highlights the growing role of the financial executive or CFO in managing an enterprise’s risk and creating corporate value, as well as the various ways finance executives can manage risk and add value to their organizations.
FEI Daily spoke with Dr. Paul L. Walker of St. John’s University; Dr. Mark L. Frigo of DePaul University, Michael P. Rose and Bailey Jordan, both partners in Risk Advisory Services at Grant Thornton, about the report’s findings and its implications for financial executives looking to play a more strategic role and enhance their organization’s risk management capabilities.
FEI Daily: Can you describe how the report came about?
Paul Walker: Mark and I are academics, and we’re constantly in touch with financial executives and learning about their concerns and their challenges. We also teach MBA classes and work with FEI and a variety of other organizations.
Mark Frigo: Paul and I both lead centers at business schools and universities that focus on risk management, and a part of that is strategic risk management. We think the themes in the report focus on the capabilities and the approach CFOs will need to have today, and in the future, to be able to proactively manage risk and to understand and manage disruptions.
Walker: I think another genesis of it is that financial executives need to get in this game. We’re in a strategically destructive, rapidly changing world, and the financial executive is absolutely critical.
FEI Daily: What did the report say about how the CFO’s role is evolving?
Walker: Whether that person’s a CFO or whatever title you want to use, there’s a need for someone to help companies navigate this disruptive world. Things are moving rapidly, and in some cases, people don’t even know who their competitors are anymore. Risk is growing. The pace is growing. There’s a need for a financial executive to be able to step in and solve this problem of not just doing things the old way, and not just being good at numbers or financial reporting.
Frigo: There’s also the evolution of risk management being integrated within companies and the CFO needs to be able to talk about the accounting results, and also be able to make the connection between the organization’s business strategy and how it’s going to drive value creation in the future.
Mike Rose: The business world is changing in many ways today, so the CFO must be able to adapt quickly to the changes they see. Demands are increasing on them for more comprehensive information, better understanding of risk and deeper market knowledge. And CFOs really need to have the ability to provide insights with regard to risk and understanding how disruptive risks may affect the organization.
They need to be able to focus on how risk affects them today. Are changes needed to the business model and strategy? Does it affect future value creation from an organizational standpoint? I see that as the driving force that’s evolving.
Bailey Jordan: There is a need for a CFO to be aware of an organization’s strategic direction and the risks of those strategies. And that’s obviously a big play on the new COSO ERM update. Does the strategy align with the mission and values of the organization?
I think the CFO can help, particularly when it comes to looking at some of the underlying assumptions behind some of those strategies. CFOs have to be part of the executive leadership team, weighing in on the vision, mission and strategy of the organization.
FEI Daily: What are some of the best ways financial executives can help promote risk management?
Walker: I think the first key is you have to pay attention. Some companies want to get more sophisticated than others, but you’ve got to have a method to bring this knowledge about emerging changes into the organization, then you’ve got to connect it to the business model.
Frigo: It begins with first understanding the strategy and then the strategic risks in the strategy. And from there moving onto understanding what the risk profile is and what the action plan is for managing that risk in a continuous fashion.
Organizations that adopt that type of approach have a continuous process where the risk IQ in the organization continues to get better. It’ll be analogous to total quality management, where TQM needed to be a continuous process. Similarly, risk management needs to be a continuous assessment and management needs to be a continuous process.
Rose: CFOs get questions from boards and CEOs because everybody knows risks are increasing. The pace of change is causing a lot of disruption and decreasing the amount of time to be able to identify change, to understand it and to turn the organization in a direction to address issues that affect their business. It’s really identifying and reacting to potential disruption within their industry, and understanding how disruption affects an organization’s business model.
Jordan: Assuming an organization has a formal ERM process, the CFO could be a change agent asking the executive leadership team to have a facilitated discussion about emerging risk and looking at what could potentially disrupt the business.
Rose: I think it’s also critical that the CFO and the risk team is aligned and connected with the leadership in the business units because they’re on the front lines, and a lot of times they may see risks or disruption in the marketplace, but not have a communication vehicle to bring it back into the ERM process.
FEI Daily: Is there a challenge in balancing that continuous risk assessment with more routine activities?
Walker: Financial executives told us yes, it is a challenge, but I think a couple of them also mentioned to us that, “You have to look at it as an investment in the future.” Perhaps another way of thinking about it is if you don’t do this, you’re going to get run over. It’s maybe the most important thing you can do.
Frigo: We try to address the idea that the rapid pace of change places all organizations and executives at risk of identifying disruptions too late, when it’s too late to do anything about it. We see this day-in and day-out with companies that fail to change.
Jordan: It’s just like what the audit committee is experiencing, and that’s having things added to their plate. But strategic risk is so critical that it needs every member of the executive leadership team, including the CFO, to weigh in on it. I don’t think the CFO has to bear the burden of this on their own, but I think it’s their responsibility to be aware of where in the organization someone is taking point on it. It depends on the organization’s size and complexity on what the role of the CFO might be in risk.
FEI Daily: How important is collaboration between financial leaders and other business unit leaders?
Frigo: I think it’s critical that CFOs interact with business unit leaders within the organization, to share information as well as to obtain information.
Walker: There’s no question that collaboration plays an important role in risk management. The one thing I would ask people to look at the study and read where we quote one CFO who says, “You don’t always want to be the no guy.” Instead, you want to be the guy that works with the CEO that says, “All right. Let’s think about the risk as we do this.” I felt that was very wise of that CFO to talk about working together, but doing it with the right attitude. You want to make sure you know the risk, instead of being a no man.
Rose: It really comes down to building an ERM process that gets everyone involved within the organization and has the ability to capture information from various sources. Management has to think through these trends or events so they’re capturing this at the earliest stage possible.
Jordan: Hopefully they’re identifying those types of risks so they can evaluate the implications, particularly if they have an ERM process in place. If they don’t, the CFO can simply bring the risk to the attention of the executive leadership team or the risk owner to collaboratively evaluate the implications.
FEI Daily: How should financial executives be thinking about their own skill sets and potentially expanding or updating them?
Frigo: One of the things CFOs should do is do an assessment of the gaps in their skills, as well as their team’s. Identifying the top priority areas in which additional expertise, capabilities, training would be valuable.
That can be done with executive education programs within the company, or by partnering inside or outside the company to achieve that expertise and capabilities. Basically, it requires understanding or assessing the needs of the CFO organization within the company, and identifying what is needed to get its capabilities up to speed.
Rose: From a financial executive standpoint, it’s understanding what skill sets they need to manage risks. It’s taking a personal review of the skill sets you need. Take a look at some of the frameworks out there, how they could leverage those within the organization, understanding their own view of risks within the organization, bringing in subject matter experts where needed to help them understand better where their skill sets and to assist in supporting possible gaps..
A key that we see a now is that financial executives need to spend more time outside of their office, interacting with others within the business, building relationships with their customers and spending more time with industry associations to understand what’s affecting the company and the industry.
Another key item is for the CFO or the financial executive to be able to ask the right questions. To ask the right questions of all those individuals, whether they’re customers or business folks. Asking the right questions to get the right information is a big plus with regard to the overall communication process.
FEI Daily: How should financial leaders be thinking about or preparing for the COSO ERM framework?
Frigo: The framework outlined in the exposure draft is going to provide a great opportunity for CFOs in that it has a more strategic and performance driven orientation.
Walker: I completely agree. I think opportunity or opportunistic is the word because it gives you the chance to raise the conversation once again. COSO, whether you agree with the entire framework word for word, has the brand recognition and board members are going to look at it and they’re probably going to go to their executives and say, “Hey, COSO just released this new thing about risk. Are we doing this?”
This gives the CFO the opportunity to say, “I’ve been thinking about that and here’s some new things that we could do.” It’s a great chance to have that conversation, but the financial executive’s got to be ready to have that conversation.
Jordan: There’s an executive summary that was part of the exposure draft, and that would be the place to start. It’s going to hit the critical points around strategy and culture, which are two essential elements to a successful ERM process or to make sure ERM is really adding value. I expect there’s going to be a number of opportunities to learn more when the framework is released.
Rose: It’s a different approach to ERM that aligns risk with strategy and performance, which I think is key. It’s important to take the new framework and compare it to the processes in an organization today, and start highlighting where differences exist or where we can improve the methodology within the organization’s framework.
Because I think it’s going to be a much stronger framework going forward and it will initiate discussions within the organization about those differences, about those gaps, and how they’re going to utilize the new tools that the framework is suggesting. For organizations that haven’t linked their ERM to strategy, it’s critical to start getting that mindset embedded in the organization.