 Authored by: Jessica Knight, IRMSA Risk Intelligence Committee Member
The Fourth Industrial Revolution brings with it a fundamental shift in how we do business. Advances in technology and the increasing digitisation of many roles means that the conventional brick-and-mortar business model is quickly shifting towards a hybrid model of an international corporation with nuances of the exponentially popular gig economy. This hybrid is regularly defined by decentralised operations and autonomous employees. In this ever-transforming landscape, a key consideration for organisations is how to take advantage of the global marketplace to source top talent, through the use of digital nomads. Digital nomads are remote workers who typically travel to different locations while still fulfilling their professional obligations. They often work in coffee shops, co-working spaces, or public libraries, relying on devices with wireless internet capabilities like smartphones and mobile hotspots to do their work on the move. The average digital nomad is a Millennial between the ages of 22-35 who is tech-savvy and in hot pursuit of the optimal work-life balance. Rethink Productivity Measurement The rise of digital nomadism is causing companies to re-evaluate the traditional model of measuring productivity. Companies that are preoccupied with time spent working - as opposed to deliverables or results and the quality thereof - are focused on the wrong unit of measure. The number of hours a person works rarely equates to their productivity or achieved results. In a factory system you can achieve economies of scale through allocating and automating tasks that run on a time basis and can measure the cost/yield per hour of production. People are not machines and you cannot achieve the same utility by treating them as such, so why do we continue to use elements of the factory system in how we manage and govern businesses? Productivity and efficiency in humans should not be measured off the basis of hours worked. There is an ebb and flow that needs to be considered, differentiating human and machine elements. Enter the digital nomad, a role focused on results as "hours worked" becomes an almost ungovernable aspect of operations. The appeal of the 40 - 50 plus hours per week spent in a cubicle environment is dwindling in the face of defining your own operational environment through digital nomadism. Not all trends are relevant The integration of digital nomadism is not necessarily suitable to every organisation as it poses new risks stemming from hybrid business models, decentralisation and technological reliance. This refined form of freelancing is often ambiguous, lacks structure and is constantly adapting. Defining and managing your company’s risk becomes tricky when your workforce does not sit in the same place and operate using standardised methods. Controlling roles and responsibilities from a distance becomes a challenge when your team cannot be easily monitored. A business should be able to achieve the same or better results when considering the adoption of the digital nomad trend. Not all trends are relevant so adoption should always align to business objectives before pop-culture imperatives. The crux of governing digital nomads of the future is not to try and replicate a conventional business model for remote work, but rather to completely re-evaluate what a successful operational environment should look like. There are many metrics to gauge business success, but operational success - a holistic success factor for employees, their environment and the work that they do - is traditionally measured through a mishmash KPI structure with the occasional employee happiness/satisfaction survey sprinkled in-between. A company can still achieve good results with “sufficiently happy” or even unhappy employees. Effectively measuring and monitoring operations is not always a priority when the business is making money, but employee wellbeing is often the first to suffer when the business is not. Digital nomadism is an opportunity to completely overhaul this model of “average-at-best” operations by empowering employees with the ability to define their own operational environment. Making a success of digital nomadism requires providing employees with the autonomy to determine their working hours - companies must remain cognisant that not all employees perform best from 9am to 5pm, nor do all employees require 8 hours to execute the tasks expected of them. Further to this, productivity is likely to increase when employees are working in environments that make them work most efficiently. Leveraging the right technology for your business and maximising your human capital in the right way can be the difference between success and failure of the digital endeavour. Things to consider:
MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/
0 Comments
 In the run-up to the important national elections in May this year, people were hopeful and desperately anticipating a change in the leadership of the country.
Everybody knew that this election was such an important time for all South Africans, fully aware of the implications for the country and hoping for certain outcomes so that the business landscape would remain secure and bring positive growth, put a stop to the pervasive fraud and corruption and most importantly, create jobs! Several months later things are still unfolding and developing, with uncertainty creating new risks and opportunities. “We need political stability in the country as it is affecting the economy. There are big issues to concern ourselves with such as stopping the mismanagement of public funds, reducing unemployment, and especially youth unemployment,” says Gillian le Cordeur, CEO of the Institute of Risk Management South Africa (IRMSA). The results of Stats SA’s Quarterly Labour Force Survey for the second quarter of 2019 indicate that the official unemployment rate increased to 29%, up from 27.6% in the first quarter. The country now has 6.7 million unemployed people. Stability and confidence “We need confidence in our leaders. Stability is key for us to move forward,” says Le Cordeur. She says the internal political struggles within the country’s local, provincial and national leadership are eroding the stability and confidence needed in South Africa from its citizens and international community alike. Adding to this, is the uncertainty around land reform weighing heavily on business leaders, investors and risk professionals and whether or not it will be dealt with responsibly. “We need to be thinking ahead and to have a strategic purpose for what our country and our organisations need.” It is IRMSA’s conviction that the country needs stronger risk professionals and stronger private and public sector leaders to be able to make the right strategic moves as we head into the future. Risk professionals that are able to reflect on the political and economic factors right now and how they could potentially play out in the next few months and how we need to prepare our organisations. To be on the forefront of informing decision making and enabling transformation - not only within our organisations but in the country as well. Corporate governance and ethics Le Cordeur adds that as much as IRMSA is concerned about the political and economic landscape they are also concerned about corporate governance and ethics. There have been too many corporate failures in recent times. On top of that South Africans are being swamped with reports of corruption and state capture. It is all very well to wait for this landscape to change from a political point of view, but at the same time the foundation of our society remains weak. “As risk professionals and business leaders we must make sure that our house is in order so that there can be no finger-pointing. It will be such a pity that you could not make an impact, because your house was not in order.” Post-election landscape IRMSA will be tackling pressing issues during its post-election event in Johannesburg later this month (August). Christopher Palm, Chief Risk Advisor at IRMSA says that linking risk to strategy, applying a systems-thinking approach to risk management and making sure that risk influences decision making through the development of predictive capabilities are critical success factors to build robust alternative futures over the short, medium and long term landscapes for South Africa and South African business. “Once you know how the landscape will unfold in the next few years, you are able to align your own activities and strategies to be able to deal with those risks,” says Le Cordeur. “We need to pull everything together to act pro-actively on the risks facing us on all fronts.” ENDS MEDIA CONTACT: Rosa-Mari, 060 9956277,rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/  Authored by: John Linden, IRMSA Risk Intelligence Committee Member
At any given moment, there are about 1.2 million people on board 9 700 aircrafts travelling to destinations worldwide, for business or leisure. Part of the ‘global economy phenomenon’ is the reality that international business travel is unavoidable, particularly as businesses establish operations in foreign markets. This is however good for us. It means greater opportunities, long-term market growth, access to new talent and diversification. The World Economic Forum refers to this as flexible work and regards it as, “one of the biggest drivers of transformation.” To maintain a competitive advantage and to foster foreign investment opportunities, we need to compete at this level. The life of the business jetsetter is interesting and rewarding, but it is also physically and psychologically demanding. The landscape has changed over the last decade and the modern traveler faces unique challenges as acknowledged in the opening remark of the executive summary for the Global Risk Report 2019 (14th Edition): “Is the world sleepwalking into a crisis? Risks are intensifying but the collective will to tackle them is lacking.” What are travel risks? To be frank, no matter where our business Travelers direct their gaze, they will face risk. The global economy, unpredictable schedule changes, exposure to infectious diseases, adverse weather patterns, new technologies, country-specific compliance regulations, the global crack-down on tax evasion, the ever-changing security landscape, political unrest and communication across different language barriers. These trials test them emotionally, psychologically and behaviorally. Business Travelers become targets by the very nature of their being in a foreign land in possession of valuables, and often with little experience of the customs and security landscape of their temporary host country. We need to protect against our business Travelers being injured, or even becoming the victim of a kidnapping for ransom or worse. What causes these risks? Corporate ethos tends to focus more on business and less on the human aspect. As a result, unintentionally, companies sometimes neglect their Duty of Care by not embracing an organised programme to brief and train employees prior to international travel. Furthermore, formal policies and guidelines, particularly as relates to restricted travel during security alerts, may not be in place to regulate trips. If we are honest, business Travelers rarely take the initiative to familiarise themselves with prospective travel destinations, the security situation, customs and cultures. This leads to unnecessary stress and even to avoidable incidents. Business Travelers who frequently travel to particular destinations, also tend to become complacent and resist security updates believing that they are familiar with any potential threat. Another issue is lack of reporting of incidents. Travelers involved in incidents may experience embarrassment or may fear disciplinary action due to negligence. How to respond to travel risks? Businesses with global operations should invest in a travel management programme administered by a travel security specialist. This portfolio would be responsible to implement policies and practices governing travel security and ensure that the business takes accountability and acknowledges its Duty of Care. The onus is however not exclusively on the business. Travelers should also empower themselves through knowledge and awareness as, ultimately, being responsible for your personal and professional safety can only count in your favor. Things to consider:
MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/  Provided by Wilna Meiring, IRMSA Risk Intelligence Committee Member
From online transactions and banking to shopping and gaming, cyber attackers are methodically finding new ways of using your devices against you, making each one of us increasingly vulnerable. In order to have a positive and safe experience in the digital world, we need to understand the ever-increasing diversity of digital threats and equip ourselves with the necessary knowledge and skills. Unfortunately, too many users/consumers are oblivious to the threats and how quickly cybercrime is evolving. Hackers are no longer as interested in breaking through firewalls or systems just to show they can. Their focus has shifted to theft of personal information and identity theft for financial gain with phishing being the most common method used to trick/deceive you into disclosing your data. According to the 2018 Norton Cyber Safety Insights Report, 37% of consumers globally experienced cybercrime with malicious software being the most common cyber related crime experienced.The report further highlights that less than half of consumers globally have taken any measure(s) to protect their personal information and online activities. The information below will assist to stay abreast of the risks and to anticipate and safeguard us against some of these threats. Protecting information online Companies learn a lot about consumers/users through the data they collect from online activities which assists them in understanding consumer behaviour and developing personalised offerings for targeted advertising. This includes data on preferences when shopping online, social pages that are liked or followed, media channels that are used and the personal information included on social profiles. Another dimension to the digital world and online activities is sharing - users share news, information, events, pictures, experiences and a lot more to build and maintain relationships as well as create new ones. Staying safe and secure in a digital world can be difficult. Not all hope is lost though, and there are some simple measures you can take to protect yourself and your information online:
We have all seen the message “This website stores cookies on your computer” while browsing the internet. So what are cookies? These are essentially a mechanism to how the internet (web) works. An HTTP cookie is a small piece of data sent from a website and stored on the user's computer by the web browser while the user is browsing. Cookies were designed to be a reliable mechanism for websites to remember a record of interaction information or to record the user's browsing activity. While cookies cannot infect computers with viruses or other malware, the danger with cookies are that cyber attackers can hijack cookies and, therefore, browsing sessions and track individuals' browsing histories. Take care to ensure that if you are using a public computer/device, you should delete cookies when you have finished browsing so that subsequent users will not have access to your data (sent to websites) when they use the browser. Business Email Compromise (BEC) BEC is a type of attack where a cybercriminal compromises or spoofs a corporate email account of an executive/senior member of staff to defraud the company, its employees, customers or business partners. In recent years the amount of BEC attacks have significantly increased with the FBI’s Internet Crime Complaint Centre putting global BEC losses in excess of $12 billion (USD) over the last 5 years (2013 – 2018).BEC attackers rely heavily on social engineering tactics and trick unsuspecting employees with well-worded, very specific email requests that appears completely legitimate. While there are many variations, the attack basically entails targeting employees with access to company funds/finances and tricking them into making transfers or payments to the bank accounts of the cybercriminal/fraudster. Requests typically impersonate senior employees and include an element of urgency and a request for confidentiality. The same modus operandi is also used to target customers or business partners. BEC prevention measures that can reduce this risk includes monitoring networks for suspicious emails, encrypting emails, diligently checking the sender details, independently confirming requests with the sender and most importantly employee training given BEC attacks rely primarily on employees’ vulnerability. Email and connected devices In some cases, risk-avoidance behaviour by users do not seem to extend to how email and connected home devices are used.Case in point, approximately half of all users cannot distinguish between a real or scam/fake email or are operating their home devices with limited or no protective measures in place. Frank Abagnale, the subject of the book and film, Catch Me If You Can, states that, “stealing your identity is like counting to three.” The reality is that we are all at times careless with our information or likely to accept certain risks online. Taking a few basic steps will however go a long way to protect yourself and your privacy:
MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/  Authored by: MS. Mpho Modisane, IRMSA Risk Intelligence Committee
In recent years, many more organizations have established Business Continuity Management Programmes (BCP’s) which define the different processes (suggestion to utilise the wording of ‘process’ rather than ‘system’ due to general, but not always, confusion around BCP and DRP) of avoiding and recovering from potential disasters to their business. With the number one goal of a Business Continuity Plan (BCP) serving to allow for continuation of operations while recovering from a disaster, the key component of the success of BCP’s relies on the organization’s resilience programme. Resilience Defined: The Business Continuity Institute defines Resilience as the adaptive capacity of an organization in a complex changing environment. Resilience is the more mature aspect of recovering from disaster which is the ability of an organization to uphold its functions regardless of drastic changes in the internal and external environment. Therefore, in their quest to achieve greater maturity in response to and recovering from disasters, an organization must consider a tailor-made resilience program to enable continuation of business under adverse circumstances. Resilience Statistics: In their annual Africa Resilience survey, Ernst and Young (EY) discovered that although majority of African Organizations have good BCPs; they in addition require a matured resilience programme to reduce the likelihood of exposure and recover from disruptive events when they happen. The conclusions from the survey indicate that approximately 72% [Level 2 – Level 5] of the respondents reported that their resilience programme can assist in recovering business operations after a disaster. Of that number, 5% is certifiable and 28% can recover all critical functions within approved Recovery Time Objectives. Only 28% either cannot recover operations or the respondents do not know the maturity level of the programme. Over 64% of the aggregated participants have indicated an alignment of their companies BCM resilience solutions, to international best practices, i.e. ISO 22301, ISO 22316, BS 65000, ISO 27031, the Business Continuity Institute Good Practice Guidelines 2013 and/or COBIT. Of the 64% approximately 10% have specified that their companies are aligned to BS 65000 i.e. a Guidance document on organisational resilience. The EY survey further rated the resilience maturity of the sampled organizations in line with international standards on a five-point scale, with five being the most mature level: Level 5 Certifiable Programme Level 4 Can recover all critical functions with approved recovery time objective Level 3 Can recover some critical functions with approved recovery time objective Level 2 Can recover limited business processes via information and undocumented processes Level 1 Cannot recover from or survive a disruption (programme does not exist) With the survey having revealed that 5% of the sampled organizations have reached level 5, 28% level 4, 24% level 3, 15% level 2 and 10% level 1 maturity of business resilience. The remaining 18% of the respondents indicated level of resilience unknown. What this indicates is that although 72% of the respondents reported that their resilience programme can assist in recovering business after a disaster, only 5% have their risk management sources spread beyond the scope of traditional risk methods. The need to be multinationally resilient: The complication with any organization operating multinationally is that the nature of disasters become foreign, away from the home country. The best assurance any organization can get against unknown material disruptive events is to align with international standards both at policy level and implementation. A multinationally resilient organisation can reduce their vulnerability through adopting a resilience programme which gives them the opportunity to recover all critical functions within the approved Recovery Time Objectives. As a risk professional have you considered that:
ENDS MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/  The latest listed entity to meet the wrath of investors is Tongaat Hulett, who indicated earlier that it may have to restate its 2018 financial statements following a comprehensive review of “certain past practices”.
The share price has been bludgeoned and billions of rands have been wiped off its market value. Other big players such as Steinhoff, KPMG, Enterprise and Volkswagen have also felt the pain when they misled customers and investors. South African companies have no shortage of guidance on best practices in risk management and auditing with a myriad of ethics and good corporate governance codes. It is then no surprise that the market punishes those who do not live up to their “commitment” to integrity, competence, responsibility, accountability, fairness and transparency. The ripples of brand and reputation damage go beyond the firm and its auditors. Investors and their investment decisions are based on, amongst other things, audited financial statements that are supposed to give assurance of the integrity and credibility of companies’ financial performance. What happened at Steinhoff, Enterprise and Tongaat Hulett, significantly impacts investment choices and returns where hard earned income of people saving for their pensions are now lost or at least significantly reduced, says Christopher Palm, Chief Risk Advisor of the Institute of Risk Management South Africa (IRMSA). Pointing fingers – in the wrong direction Ironically enough the 2019 IRMSA risk report shows that companies consider governance failure in the public sector – not amongst themselves – to be one of their biggest risk. The loss of reputation and severe brand damage is number 17 out of the top 20 South African Industry risks highlighted in the 2019 IRMSA Risk Report. However, Palm says recent corporate failures place the effectiveness of risk management once again under the spotlight. “I think there is a lot to be said for organisation’s risk profiles not receiving enough thought in the organisation.” This goes for the board, the audit and risk committees and management. Effective defences Effective governance has three lines of defence; strong leadership, effective safeguarding functions like risk management, governance and compliance combined with assurance from a strong internal and strong independent external audit functions. When a company has all of these defences in place, but does not consider its effectiveness and the way it is integrated into better decision-making it is purely for compl,iance purposes, he says. Risk management is all about highlighting risks and opportunities to allow boards and the leadership of an organisation to make the best possible decisions, says Palm. A company must consider the following when the board and the executive leadership debate the organisation’s risk profile:
If you measure only financial performance, this is what drives the behaviour in the company. “Companies are not forward-looking enough. The changing environment Palm warns that consumers and investors, especially younger generations, are already considering companies differently. The Youth is not only looking at profits and returns on shareholder money but increasingly demanding leadership with integrity, good corporate citizenship, necessary social investments and a responsible return on investment – all of this, made possible in a way that respects the environment. They consider at which cost it was achieved, and who is really benefiting from their actions, says Palm. ENDS MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/  In celebrating Youth Day, we are reminded that the uprising that began in Soweto more than 40 years ago was all about education, and how it profoundly changed the socio-political landscape of the country.
Today structurally high unemployment, growing income disparity and inequality as well as inadequate or substandard education and skills development count under the top five risks facing our country, says Christopher Palm, Chief Risk Advisor of the Institute for Risk Management South Africa (IRMSA). According to the 2019 IRMSA Risk Report industry sees inadequate and substandard education and skills as the second biggest risk for companies. The latest statistics on unemployment shows that the biggest burden of unemployment falls on people aged between 15 and 34 years. According to Stats SA they accounted for 63,4% of the total number of unemployed persons during the first quarter of this year. The youth aged 15–24 years are the most vulnerable in the South African labour market as the unemployment rate among this age group was 55,2% in the reported period. The danger of a disillusioned youth How we respond to these risks are critical, says Palm. In the IRMSA report the growing disillusionment among the youth of South Africa is highlighted. The report warns that it could lead to a youth-driven protest movement, on a much larger scale than the student protest movement. “Such a movement, if led and supported by other population groups in the country, would hold a particular challenge for the general political and social stability of the country...” Palm says this is a real consequence if we do not get unemployment and our education system in order. Palm also suggests that identifying the most effective risk treatment options require both the public and private sectors as well as our career advisors and learning institutions to better understand the future skills requirements; this is best achieved by engaging the risks and opportunities presented to us by trends like the Fourth Industrial Revolution and future thought leadership insights provided by the Institute for Futures Research at Stellenbosch. To identify and understand what future skills are needed and to align country and industry skills planning with the ability of the educational system to deliver is a critical success factor in addressing the risks highlighted above. “The youth must know what the skills of tomorrow are going to be; it is said that the skills that will be needed 10 years from now haven’t even been given names yet. We need to respond and get this right NOW; if we don’t, the system will not allow us to align quick enough to enable our labour market to produce these skills when it is needed. We will end up with skills that are redundant by the time students start their careers and South Africa will not be able to exploit the global opportunities presented by the fourth industrial revolution.” The folly of quick fixes The report quotes American economist Joseph Stiglitz who wrote in his book Price of Inequality: “If a country doesn’t give a large proportion of the population the education that they need to earn a decent living, if employers don’t pay a decent wage, if society provides so little opportunity that many people become alienated and demotivated then that society and its economy won’t work well”. It also does not help to “give” people an education for the sake of the numbers; they must be able to do the work and to realise the values of significance and self-reliance. The folly and ineffectiveness of “quick fixes” has to be emphasised. For IRMSA it is a year of risk activism and the Institute wants to make a difference in not just highlighting country and industry risks but also capacitating leadership and the risk profession to make a difference. The IRMSA report reiterates the importance of a “social pact” and the need to align socio-economic programs towards youth investment. At IRMSA’s conference in October and their Awards Gala Dinner in November, they will focus on the youth and recognise and honour public and private companies that are addressing the risks relevant to the youth with innovative and supportive initiatives. Several professional associations (such as the Actuarial Society of South Africa, Project Management SA and the Association of Chartered, Certified Accountants), represented by the South African Graduate Employers Association (Sagea) are already involved at school and university level to promote careers where there are skill shortages, or where there is insufficient information about career opportunities in specific professions. In around 28% of the cases associations are involved in career promotion activities because they need to improve the “attractiveness” of their profession. At school level the associations are involved in presentations to learners (17%), they are present at career expo’s (17%) or they are sponsoring related events (14%). Around 7% of the associations who participated in a recent survey by Sagea provide bursaries and 3% offer job-shadowing opportunities. At university level most offer presentations to students (21%) or they offer guest lectures (15%). Around 12% make use of university career fairs to promote their professions and 7% offer bursaries. “We will honour those who, amongst many other innovative ways to treat the risks spoken about earlier, make schools safer, assist with skills development for educators, and who provides learnerships, apprenticeships and the like,” says Palm. ENDS MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/  Authored by: Christelle Marais, Executive Director - Lucidum Consulting. The Institute of Risk Management South Africa member.
It was with a confusing combination of anger, sadness, guilt and frustration that I completed my reading of Pieter-Louis Myburgh’s ‘Gangster State’ recently: Anger – about the disrespectful arrogance with which the dreams of millions were stolen, while they trustingly looked on. Sadness – over the blood, sweat and tears that made this country, the blood, sweat and tears that built a new society after 1994 and the blood, sweat and tears that will rebuild it again, after the capture. Guilt – like many of my risk management colleagues, wondering if we could have done more to prevent the rot (causes) or to uncover what was going on (consequences) as part of our risk management effort in public and private organisations (because as ‘Gangster State’ suggests: it takes two to tango!). And then – frustration… Ah, maybe my frustration weighs heaviest on my heart… But frustration of the kind that would do it all over again, if someone would just listen, if someone would just take me seriously. While reading ‘Gangster State’ I was reminded of whistle-blower Harry Markopolos’ book ‘No One Would Listen’ about his investigation into the Madoff investment scandal and how the US Securities and Exchange Commission failed to heed his warnings. I was struck deeply by many who warned about what was happening in the Free State, such as Patrick Lekota, who’s highlighting of concerns went ignored (at best) and purposely thwarted (at worst); the Goldhawk report, with scathing findings on irregular loans; the Auditor-General, with many reports on the lack of financial controls and disregard for legislative compliance; Beatrice Marshoff, trying to appoint MECs that could do the job, but instructed to appoint Ace Magashule; and Noby Ngombane, whose efforts to implement oversight of Free State municipalities’ spending may have cost him his life. While I found the disregard for these warnings alarming, they awoke in me more familiar feelings: feelings that most risk managers would know all too well… Irritation when risk management is treated as ‘compliance’ only. Disappointment at not being taken seriously when including real risks in my reports, when pointing out real causes of those risks and when showing real consequences if those risks were to materialise. Disempowerment when the accountabilities that my risk management framework seeks to ensure, are negated and not keeping organisational role players to account, are rationalised. Despair when my risk reports are changed, redacted, reduced (or worse, just not submitted) because they include things that would make my leadership uncomfortable. Marginalisation when I realise that I am purposely excluded from key discussions, because my reason for existence in my organisation may expose things that would rather be kept hidden. Dismay if there is no effort by my leadership to understand what ‘risk appetite’ is and how the continued disregard of the impact of wrong decisions can destroy us. But most of all, exasperation when my reports are ‘NOTED’ by my governing body only to be regarded as having failed to convey the message, when things go wrong. As I read, I wondered what Madiba and Thabo Mbeki would say about the fact that they wished away the warnings, tip-toed around the issues and bowed to public and party pressures (diplomatically trying to keep a fragile governing system stable, but creating huge future problems for many people, not least of which is the legitimacy of government). I reflected back on minister Pravin Gordhan’s question at IRMSA’s 2018 Conference to risk managers: ‘How did you miss state capture?’ And I felt like asking: ‘How did you not hear us when we spoke out?’ Perhaps my message today is not so much to risk managers, as it is to leaders in all spheres of our economy (public, private, non-profit organisations, and civil society); to these executives, directors, society leaders, political heads and parliament, please
ENDS MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/  Now that the elections are over, it’s time for government - every South African, in fact - to consider how to help the nation recover from its past woes and once again pursue progress and development.
The answer, says Christopher Palm, Chief Risk Advisor at the Institute of Risk Management South Africa, is right in front of us. Every system must maintain an upward trend in development to survive. This is true whether discussing a business, national government, the electrical infrastructure, the national economy, or the global environment. If it doesn’t, the inevitable shocks and stresses it faces in its operating environment can lead to a long-term downturn in development, ultimately resulting in the demise of the system itself. “To protect its progress and therefore its existence, each system must acquire the resilience to repel or recover from external threats,” says Palm. What is resilience? Technically, resilience is the rapidity with which a system can bounce back from sudden shock or sustained stresses to resume progressing its development at its normal pace. Practically, it means striving to create sustainable development in modern macroeconomic and microeconomic environments marked by change, risk and uncertainty. However, research indicates that any system that effectively manages risk is likely to become more resilient. “In fact, risk management can be considered successful only to the degree it results in resilience,” says Palm. Building resilience According to Palm, resilience starts with a mindset that is organised around risk management. That mindset, he asserts, is based on the realisation that, as maintainers of a system, we can either react to each crisis individually without actually preventing it from progressively eroding development. Or we can anticipate probable threats and implement countermeasures to minimize their impact ahead of time, and so conserve developmental gains. “Unfortunately, sustained exposure to system shocks and stresses can cause us to accept its degraded performance as the new normal,” warns Palm. “So we first need to foster an uncompromising mental resilience that drives us to return the system rapidly to its former best standard.” When all system maintainers are of the same mind, adhering to accepted behaviours and values, a culture of resilience is created that ensures a high level of development progress is achieved. But how does one nurture a resilient mindset? The resilient risk manager Both systemic and mental resilience are achieved by training members of the system in risk management to a professional level. Organisations who maintain the development of a system need highly qualified people who will implement the right policies and processes. Such qualifications will help it bolster resilience by building a robust risk management function, establishing comprehensive business continuity plans and disaster management plans, gaining the ability to correctly test the effectiveness of those plans, expanding its situational awareness through scenario planning and strategic reviews, and, finally, aligning its business processes to its risk management strategy. In essence, qualified risk practitioners are credible advisors who have the capabilities to protect system development and influence other members to strive for that purpose. “Once that self-organising culture is established,” says Palm, “we can not only preserve the progress of the system’s development, but also capitalize on future opportunities that would otherwise have been missed to make even faster gains.” Palm encourages all organisations to ensure they have a well-trained risk management team who are accredited members of a professional risk management body. ENDS MEDIA CONTACT: Rosa-Mari, 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/  Authored by: Solethu Maku, committee member on the IRMSA Risk Intelligence Committee
In the wake of the global economic crisis there has been a significant change in banking economics; preceded by an avalanche of regulation. Although these prudential reforms have resulted in well capitalized financial institutions; this has certainly come at a cost to the shareholder. The regulatory storm seems to have abated, slightly, and the question remains: will shareholders see an upside on their investment? One of the ways banks seek to harness shareholder value is undertaking a rapid digital transformation journey, which is becoming critical considering the inroads by Fintechs, characteristic of the advances we are seeing in open baking. “To safeguard their organization through the digital transformation journey, financial firms need to close the gap between their digital aspirations and the reality of the legacy IT estates,” Matthew Hayday at Parker Fitzgerald concluded in the report, Digital banking transformation creating new systemic risks. As commercial banking divisions embrace the use of Artificial Intelligence (AI), Machine Learning (ML) and predictive analytics; so should Risk Management rapidly position itself as an enabler for conscious risk taking through the exploitation of technology. The adoption of technology to a large extent been particularly slow, largely because the cost of errors in the risk environment can be unacceptably high. If Risk Management practitioners are to optimally partner with business, a shift in how Risk Management tools are deployed needs serious consideration towards providing intuitive, real-time risk management. Techniques such as AI, ML and analytics are best positioned at modernizing how Risk is managed. As we employ these techniques towards the implementation of a robust and proactive RCSA process, precise capital modelling and efficient risk alert systems we need to consider:
“It was eight years ago that those robots began showing guests around Santander City, but there is still not a single robot to be found in any of Santander’s 13, 697 bank branches,” the Financial Times concluded in, AI in banking: the reality behind the hype. ENDS MEDIA CONTACT: Rosa-Mari Le Roux , 060 995 6277, rosa-mari@thatpoint.co.za, www.atthatpoint.co.za For more information on IRMSA please visit: Website: https://www.irmsa.org.za/ Twitter: https://twitter.com/IRMSAInsight Facebook: https://www.facebook.com/IRMSAInsight/?ref=hl LinkedIn: https://www.linkedin.com/company/irmsa-institute-of-risk-management-sa/ |
Welcome to the IRMSA Newsroom
Archives
August 2019
Categories |
RSS Feed