printer friendly version

King II's take on risk management

The recently published King II Code on corporate governance advocates that companies develop risk management and internal control systems.

Effective corporate governance must, therefore, incorporate formalised risk management strategies aimed at safeguarding stakeholder interests.

The new Code on corporate governance, commonly known as 'King II', entrenches the principles of sound risk management and outlines a number of risk management-related requirements for South African organisations (including the appointment of a board committee to review the risk management process, the completion of an annual risk assessment and a number of disclosure requirements).

"The majority of companies, however, are still grappling with the mechanics involved in implementing these principles, including how to integrate the various recommended risk management functions (eg, internal audit, insurance, treasury risk management, etc), which methodologies to utilise, how to manage their information reporting systems and how to respond to identified business risks," says Dr Steven Briers of Alexander Forbes Risk Services.

Noninsurable risk

"Risk identification and evaluation methodologies must be consistent and effective. In our experience, only 10 to 15% of enterprise risks are insurable and utilising risk management specialists is therefore a prudent option when expediting this requirement.

"The roles and responsibilities of the various risk practitioners within an organisation, eg, risk managers, internal auditors, etc, is another much-debated concern. King II, however, stipulates that a company's board of directors is responsible for the risk management process, making the role of in-house risk management specialists one of facilitation. A company's board must, as a minimum, ensure that internal systems of control are developed, that risk management is an on-going process and that procedures are in place to regularly review control system compliance and efficacy. Directors are responsible, and being held accountable, for any company failures or losses," adds Briers.

Identifying risk

"Responding to the findings of 'enterprise-wide' risk assessments is, for many companies, proving difficult as there are no ready-made or off-the-shelf solutions to managing identified risks. Many risk professionals, accustomed to utilising technical, textbook solutions to risk management, are no longer able to apply such an approach as they cannot be applied to 80 to 90% of enterprise risks. Risk management professionals now need to collaborate in order to provide the most appropriate and effective solutions to a company's business risks.

"South Africa (as with any other emerging economy) is competing for foreign investment. Sound risk management and financing programmes are increasingly being viewed as 'strategic weapons' in the battle for shareholder value as fund managers and local and international investors are now demanding that companies evidence good corporate governance before committing funds.

"The limited capacity of the world insurance market, and resultant high prices, have led many clients to question the benefits of insurance and risk management which have, historically, been viewed as an expense with no obvious returns. Enterprise-wide risk management and King II, however, further advocate that risks, if understood and effectively managed, can be associated with opportunity, again contributing significantly towards the sustainability of businesses and market development.

"The new Code of corporate governance should not be viewed as a set of rules to be obeyed but rather as an opportunity to address the issues surrounding business sustainability, investor confidence and shareholder equity," concludes Briers.

Share this article:

Further reading: