Business Today

Impossible to be risk proof

Inge Boets, E&Y’s Global Head of Business Risks, talks about the importance of risk management groups.

Shalini S. Dagar        Print Edition: December 14, 2008

Inge Boets, E&Y’s Global Head
Inge Boets
I don’t think you can ever be completely covered for risk nor would you even want it,” says Inge Boets, Partner, Ernst & Young. “You wouldn’t want to be completely covered because the cost could be prohibitive,” she adds. So, why bother with risk management if one can never be completely covered? “It is good to be as well prepared as possible,” she says. As E&Y’s Global Head of Business Risk, she should know. “Sometimes it is just important to be aware of the potential risks that your business faces,” she adds. Risk management often requires a specific function. This is evident in the rise of the risk manager or a chief risk officer in organisations— a function which did not exist 5-10 years ago.

However, that is not to say that the entire responsibility of managing risks resides only with the risk officer. According to Boets, there are four lines of defence against risk—the operations team, the support team, the assurance team (an internal compliance team) and finally the executive team and the board.

“It is imperative that the concept of risk management gets integrated into strategic and operational planning at all levels,” she says.

In an era of turbulence, one of the key risks facing corporations is one of over-regulation. Boets cites the case of Sarbanes Oxley (SOX) Act, which was implemented in the US soon after a similar crisis. “However, SOX was reviewed two years after implementation to address concerns about over-regulation,” she points out.

For Boets, SOX, however, demonstrated that companies, which did more than merely comply with the law, benefited far more than their peers. Indian companies, which are reputed to mostly follow the law in letter, could take a leaf from this experience.

Four lines of defence against risk
The operations team
2. The support team
3. The assurance team
4. The top executive team

• The risk manager plays a key role in every organisation
• The concept should ideally get integrated across all levels
• Merely compliance with the law is often not enough
• One can never really be completely covered against risk

  • Print

A    A   A