CEB Blogs


Risk Management

3 Ways to Ensure Business Decisions Align with Risk Appetite

Drafting a risk appetite statement is a good first step to help line managers make decisions that aren't too risky or too conservative but it's not enough; ERM's guidance must also be consistent and sufficiently precise

Much too often, business leaders make decisions with a significant effect on revenue or operations that are too risky or too cautious, and go against what corporate officers or board members would want them to do in that situation.

Indeed, more than 1 in 3 of 221 risk liaisons – employees in the line that help translate risk management practice for the ERM team – surveyed say they observe material choices that stray from the company’s “risk appetite.”

Examples abound on both sides, and risk managers in CEB’s member network have witnessed many. On the overly risky side, one saw a business unit launch a product that exposed the firm to one of the exact geopolitical risks the CEO had decided to avoid, while another saw the procurement team source a critical component from a single supplier that happened to charge lower prices but was also unreliable and so put the company at more risk of interruption than the senior corporate team would tolerate.

In the overly cautious column, risk managers have seen a business unit invest much less in “transformational innovation” than the executive committee had spent hours discussing – and agreeing – was necessary to achieve the firm’s long-term goals. And another watched a regional head make the decision to only provide marketing support for the business’s sure bets, and then watched the region fall short of its growth targets.

Three Things to Keep in Mind

Many enterprise risk management (ERM) teams try to address this issue by making the firm’s stance on risk-taking more explicit. And at most companies (65%), this means drafting a formal risk appetite statement.

Yet far fewer take the extra step of communicating the agreed-upon levels beyond the leadership team, according to CEB data. While it’s certainly important to do this, it’s also important to do it in the right way. Interviews and surveys of both risk executives and the risk liaisons, who are ERM’s eyes and ears on the ground, show three things to keep in mind when trying to strengthen the link between risk appetite and business decision-making.

  1. Consistent guidance Is most important: More than 6 in 10 (62%) risk liaisons surveyed say that risk appetite guidance at their firm isn’t consistent with other management guidance.

    For example, as the quarter end draws near, the pressures to hit targets increase. Or a push to cut costs can dissuade managers from pursuing opportunities. Mixed messages confuse business leaders about how to move forward and lessen the likelihood that they’ll consider the risk appetite in the future.

    ERM teams will profit greatly from asking business managers about where they get conflicting messages and then working to identify and resolve the root causes of this inconsistency.

  2. Provide a precise understanding of risk appetite: Only 32% of ERM leaders say they communicate the risk appetite to the business at large. In fact, some leadership teams believe that these threshold articulations should remain a secret within that small group.

    This is a mistake: business leaders won’t be equipped to make the correct choices if they aren’t aware of how their decisions fit within the organization’s risk framework.

    Make sure that you describe appetite statements in a way that makes sense for the specific kinds of decisions business leaders make regularly. Ultimately, it’s about communicating the risk appetite in a language that they can understand.

  3. Don’t waste time on what doesn’t matter: Improving the ERM team’s support for the line’s decision-making or making business leaders more accountable for the decisions they make are not helpful ways to ensure that business decisions align with risk appetite, when compared to being given consistent guidance or having that risk appetite translated into a precise understanding about what it means for the kinds of decisions they have to make (see chart 1).

    Relative impact of drivers on decision alignment

    Chart 1: Relative impact of drivers on decision alignment  Multiple regression results; n=162  Source: CEB 2016 Risk Liaison Survey

    Note: Dependent variable = Decision Alignment; R²=0.27. Results for Decision Support and Accountability were statistically insignificant and so depicted as zero.

    Click chart to expand

More On…

  • Risk Assessment & Audit Planning

    The size and complexity of many organizations, and the constantly changing risk environment, means there is now often insufficient information to make good decisions. Learn how to change that with these resources.

Leave a Reply



Recommended For You

Risk Management: The Profile of a Risk Liaison

Although not employed directly by the often tiny enterprise risk management function, risk liaisons work...