Risk Technology – the use of technology in Risk Management. Well, ten years back, if I had spoken of Risk Management, it was almost synonymous with Internal audit management. Two years back, the pandemic changed the perception. “Risk management “ as a term was used in every board room (thankfully so! Though we, as risk professionals, wanted the much-awaited outcome, but not at the cost of Covid!) Fundamental, to this understanding is the fact that Risks exist and need to be managed
The Dreaded “Delta Variant” And What We Did Right
Let’s take the Covid example. The mild first wave made India declare a premature victory of sorts and Actions by the Government and the citizens led to the virus spreading to dangerous levels. Organisations focused on Continuity of business. Could we have used DATA ANALYSIS to drive decision making? Absolutely. India was hit hard by the second wave, with many of us, reading this, losing our loved ones, due to incapacitated infrastructure. And then, there was the WHO prediction of a much dreaded third wave. But lo and behold, India emerged stronger. Scientists at IIT(and other institutions leveraged the power of technology to predict infection rates, allowing Governments, healthcare systems and organisations to take anticipatory measures in preparation for the third wave. Oxygen cylinders, ban on large gatherings, bed availability and so on. Outcome: faster Inoculation drive, Less severity, a lesser rate of infection, lesser deaths.
This is a fantastic example of data analytics using technology to proactively manage risk. Again, one of my favourites, could we prevent Covid-19 from hitting us, No. But could we have leveraged technology to manage these risks better, of course, yes, and the results could be seen in the third wave. So yes, risk technology plays a pivotal role in Risk management, if used right.
I have consistently seen organisations resistant to the use of technology and data analytics to predict emerging risks or even to monitor the existing risks. I am a firm believer in the adage “What gets measured gets done”. To measure, we need Data collection, analytics mechanisms and strong governance. I have seen both ends of the spectrum. Organisations that leverage the power of technology to assess and most importantly monitor the risks, manage to avert most risks from turning into unpleasant events. One of the organisations, I was associated with in the past, did a fantastic job, of leveraging data from the internal systems to drive business outcomes.
What Needs To Change?
For Risk Management to be driven effectively, technology needs to be an integral part of the ecosystem. In my experience, I have seen tools /technologies that promise a lot but have poor user experiences and hence organisations fail to adopt technology for Risk management. In my view, a bunch of things need to happen across levels
- Risk to become a performance enabler – Organisations don’t need vast, tedious platforms to input, assess and monitor risks. The need of the hour is a smarter simple interface that can throw customised outputs to encourage the appropriate value of risk-taking.
- Cognitive Technologies to augment human intelligence – Today, most organisations are invested hugely in ERPs. Hence, there is the availability of huge amounts of data. Are Risk tech platforms truly harnessing the power of data?
- “Real-time” risk monitoring- In a hyper-connected environment, with pervasive controls, there is a need for real-time monitoring, hence leading to improved decision making.
- Better Detection & resilience mechanism – As I said before, we cannot prevent risk 100%, but we do need tech-enabled solutions to DETECT BETTER and CONTAIN and REDUCE THE IMPACT of the risk event.
- Integrated view of Risks Interdependency- tech-enabled solutions need to be able to assess the impact of risk across multiple stakeholders to drive better decision making. While tech platforms need to be enhanced, there are organisational actions that need to be orchestrated.
- Boards /Risk Committees to strengthen the Governance pillar – Right questions around Risk management will force organisations to start investing in the right platforms. Any KRI (Key Risk indicator) is as good as the data behind it.
- Risk Management needs to be the CEO’s agenda – “Tone at the top” drives behaviour…absolutely! My belief, if Risk management becomes as important an agenda, as Financial health for the organisation, we will see a sea change not just in the role of technology in risk management but also in the Risk culture.
In my view, a lot needs to be done in this sector to create a sustainable long-term impact for organisations and aid Risk professionals to become “True Enablers in driving shareholder value” vs. “Necessary cost to meet regulatory requirements”.
Blog Author – Jyoti Ruparel, Governance, Risk and Compliance Strategist, Former CRO, Genpact