The latest risk management survey from Deloitte shows that 65% of financial institutions have increased their spending on risk management and compliance this year. 58% expect to further increase their risk management budgets in the next three years, and 17% report plans to boost this element of their annual spending by at least 25%.
But financial allocation is just a small component of a comprehensive enterprise risk management strategy. The biggest change identified by the survey is resource investment in risk assessment and mitigation. 98% of the chief risk officers polled said their companies regularly review risk management reports, while 94% devote more time to identifying risks and rolling out company-wide risk-reduction strategies.
“Risk management shouldn’t be viewed as either a regulatory burden or a report destined to gather dust on a shelf,” said Edward Hida, editor of the survey and partner of Deloitte & Touche LLP. “Instead, it should be embedded in an institution’s framework, philosophy and culture for managing risk exposures across the financial institution.”
Of course, financial institutions aren’t the only one with a responsibility to take a concerted approach to its enterprise risk management policies. Ashley Almanza, the new chief executive to G4S, is the first to acknowledge that poor risk management is behind everything from the security giant’s shortage of security guards at the London Olympics to recent fraud investigations over allegations of overcharging for its electronic suspect tagging service.
“We need to invest more in risk management systems and processes,” he said. “G4S is not the first company that has found that when you grow quickly one of the difficult things to achieve is to ensure that you’re investing in systems, processes and people that give you adequate control over your business.”
G4S will be among a host of growing SMEs and other developing organisations to focus on the link between risk management and service excellence in the coming years.