Rethinking corporate risk
A new risk typology is gradually decimating firm profitability amidst the ongoing economic crisis. Even though individual risks taken separately can be handled with a relative effectiveness, different risk management paradigms need be implemented to curb their cumulative adverse impact.
by Marquis Codjia
Lire en Français
An important staple in corporate affairs management lies not only in the intricacies of the external environment and its potential impacts – deleterious or favorable – on firm profitability but also in factors endogenous to the entity. A business entity has to panoramically gauge in permanence all elements that are part of its ‘quality chain’, that is, its supply chain and distribution channels taken in conjunction with its corporate brand rating within the market.
Uncertainty is at the heart of every business venture. The adventure of a venture is what epitomizes every undertaking that has profit seeking as its core ethos. Decision-makers are keen not only to seek the best ingredients for strategic success but to derive systemically the most cost-efficient modus operandi that will perennially heighten overall financial competitiveness and shareholder value.
Uncertainty can be viewed as the inherent dichotomy that exists in day-to-day decisions regarding core utility and chance; in other words, uncertainty is the big question mark that hangs on the shoulders of most corporate executives, asking them whether they’re making good decisions and whether these decisions will yield good outcomes.
Good outcomes are vital to immediate, short-term firm success in the marketplace; however, good decisions are preeminent in the long-run strategic standing of most corporations because a framework that structurally fosters the emergence of the best ideas and the most efficient and effective procedures uniquely positions these entities for a relatively perennial competitive dominance.
The current risk literature emphasizes that risk, that is, the unknown from uncertainty, can be construed in two ways: aleatory and epistemic. Aleatory risk refers to a situation of pure chance whereas epistemic risk is a conflict circumstance where the resolution depends on the experience level of the decision-maker and their judgment. The latter risk is customarily encountered in business dealings but the former is more a product of probability. For instance, Tony Merna and Faisal F. Al-Thani (2008, page 14) qualified the discovery of Viagra as aleatory because the drug was originally for angina but was found during clinical trials that it could be used to prevent erectile dysfunction syndromes in males.
Corporate risk officers need to continually devise a structured framework to systemically address risk at all levels of the strategic continuum, be it at the executive and project levels or lower echelons. Uncertainty is an indissoluble nexus in business; therefore, risk can never be integrally eradicated. This heightens considerably the criticality of a sound mode of operation that places due interest on the detection, the analysis and the mitigation of all risks across the firm.
Diverse risks but a single risk management framework
(Risk chart courtesy Astral Computing, Inc.)
Many types of risk are found in business entities nowadays, both exogenously and endogenously, depending on the economic sector, the market situation and position (monopoly vs. oligopoly, monopsony vs. oligopsony, or perfect competition) and the strategic direction corporate executives are disposed to spearhead.
To a majority of corporate leaders, the conventional risk typology addresses three key areas which are quintessential to business processes, firm profitability and monetary viability: operational, market and credit. These risk areas were redefined and enhanced through the Basel II banking regulation although the precepts of the latter regulatory corpus can be applied effectively to any business sector.
Operational risk lies in the execution of a company’s business functions and thus covers an incredibly large span of functions, from internal processes to human resources and IT systems. An example of such risk may be a theft of information or a loss due to internal fraud (asset misappropriation).
Credit risk refers to the unfavorable event when a debtor is unable to repay a loan or other line of credit due to bankruptcy or temporary liquidity problems (the epithet “country risk” is preferred when the defaulting party is a country or any other sovereign entity).
Market risk is the risk that market factors (stock prices, interest rates, foreign exchange rates, and commodity prices) may have individually or communally an unfavorable pecuniary effect on a corporate investment or trading portfolio.
Another risk – political risk – is present within a firm’s external environment and emerges concomitantly with a move into the international sphere. This relates to the financial peril that a country may suddenly change its policies and explains, in part, why many underdeveloped countries lack foreign direct investment.
Managing new types of risks
Admitting that risks are inherently the Achilles’ heel in most corporate functions makes accordingly easier the argument that an effective risk management program is pivotal to avoiding potential financial losses or brand damage. Risk officers need to utilize an effective and efficient toolkit in order to detect, analyze and mitigate or eradicate potential risks at all levels of corporate strata, and risk modeling via computer simulation has proven relatively effectual at mapping organization “risk cloud”. Chapman and Ward (1997, page 169) also identify more exhaustively eight phases in the risk management process: define, focus, identify, structure, ownership, estimate, evaluate and plan.
There exists at the moment a complex panoply of methods and systems to address risks, and that list is correlatively associated with the magnitude of the underlying events when they occur (high, medium, low). It can also be affected by the extent to which the probability of the likelihood of occurrence of such events cannot be evaluated with a comfortable degree of accuracy (Lifson and Shaifer, 1982, page 133)
New types of preeminent risks have surfaced the past few years in the marketplace, and at the moment these areas of uncertainty are eerily ignored or underrated by risk specialists or academic experts. Although some of these threats have been tracked with a fluctuating degree of thoroughness over the years, their stratospheric increase in the last decade and the resulting financial havoc on corporate cash accounts have catapulted them into the “high risk” category.
Tony Merna and Faisal F. Al-Thani still posit that the entire risk universe can be divided into 3 sections: known risks, unknown risks, and unknown unknowns. The latter category is of preeminent import in the current analysis because it encompasses the emerging threats named earlier.
Shareholder activism, an erstwhile epiphenomenon, has metastasized lately into a increasingly frequent and potentially deleterious incident within the economic landscape. Of course, the nuisance here is gauged from the vantage point of a corporate executive whose position or policies can be potentially annulled by outside activists.
This type of activism utilizes the conduit of equity stake in a corporation to put pressure on its management and reach the goals and strategies at the core of activist shareholders’ mission. Although shareholder value creation is one momentous ethos for corporate leaders, shareholder activists do not necessarily pursue a community of interests with other shareholders or business leaders. The dichotomy arises because the former group customarily seek short-term goals that are of utmost importance only to them and usually of a pecuniary nature, while the latter aspire to longer-term strategic goals that will enhance firm market standing and competitive status.
Magnifying investor activism risk is the economic observation that it is relatively cheap from the investor’s standpoint – a small ownership of 5 – 10% is sufficient to launch a fruitful campaign – compared to other more costly takeover undertakings within the economic sphere. In practice, stockholder activism can be found in several circumstances: proxy battles, publicity campaigns, shareholder resolutions, litigation, and negotiations with management.
Carl Icahn and T. Boone Pickens, both billionaire US investors, have proven very adept at successfully bringing about change within their target companies and in that process amass gargantuan profits once the desired restructuring, merger or takeover is completed. Mr. Icahn has parlayed his unique business acumen, strategic thinking and huge checkbook into The Icahn Report, an effective pedagogic resource that fosters his views on governance and economic matters.
From a corporate perspective, risks of this category can be extremely prejudicial because a takeover or board turnover can beyond a shadow of a doubt derail the medium- to long-term goals that managers set, which in turn can affect profitability and market leadership while costing the firm unnecessarily millions of dollars in litigation and public relations campaigns.
Reputational risk arises when adverse events affect the brand or social standing and image of a business concern as a result of actions undertaken by the media, firm employees, senior management, and government bodies or industry overseers (the latter group is the source of regulatory risk).
Corporate managers need to heed the aforementioned new risks in a different manner than ordinary risks due to their intense asymmetry (low cost vs. sizeable financial damage). Obviously they must apply the best practices dogma of good financial decision making in corporate finance to this risk typology: present value, financial statement analysis, and risk and return but also option pricing and governance code (Damodaran 2006).
In addition to a solid IT infrastructure aimed at capturing these risks, corporations need to create a new consolidated function, working under the aegis of the Chief Risk Officer, to synergistically address these areas of uncertainty. This role must have overall responsibility for the development and implementation of a detailed business risk management framework and advise senior leaders on sound corporate governance practices. The future of solid firm profitability is at stake.