Risk Management Survey identifies top risk pressure points
Almost 40 per cent of businesses are not regularly testing their risk and crisis plans, a nationwide survey of almost 400 governance and risk professionals and senior executives has found — a major risk that has been further exposed with the onset of COVID-19.
Just 11 per cent are regularly running scenarios around risk events to test how the organisation and employees will respond, Governance Institute of Australia’s second annual Risk Management Survey, sponsored by PKF, shows.
Governance Institute CEO Megan Motto said in light of the global pandemic, plus an extreme summer bushfire season, being actively prepared for risk is a major priority.
“COVID-19 has exposed some significant gaps in many organisations crisis management and business plans,” Ms Motto said.
The Risk Management Survey, shows that 60 per cent of respondents consider damage to brand or reputation to be among the top five risks over the next three years, with 59 per cent concerned by the impact of policy change and regulatory intervention.
Cyber-crime also featured strongly in the top 10 risks (with 50 per cent nominating this as among the top five risks over the next three years), as did talent attraction and retention (48%), disruption and failure to innovate (44%), economic shock (40%), employee conduct (39%) and risk from increased competition (37%).
Ms Motto said the survey offers the latest insights into the risk landscape for Australian organisations. “Risk management issues have been pushed high up the agenda for so many organisations. It has been an extraordinarily difficult year with new risk challenges being thrown in the mix almost constantly.”
The Risk Management Survey was the topic of a panel session at the recent Virtual Governance and Risk Management Forum.
More key findings:
Trends in human capital and people risks
The survey found that staff conduct (including corruption and bribery, and harassment/ discrimination issues), legislative change and regulatory change (and intervention) are the risk issues that are currently being best managed with more than 50 per cent rating their management of these issues as ‘excellent’ or ‘very good’.
However, the risk associated with talent attraction and retention (including risks around visa rule changes for foreign workers), the threat of disruption (including technological disruption) and failure to innovate, the risk around environment and economic shock (including climate change risk) were the issues with the highest number of fair or poor ratings (more than 35 per cent).
Fifty-one per cent of respondents said their risk management framework incorporates whistleblower protection and a further 26 per cent include it elsewhere. Only 15 per cent do not include whistleblower protection. This shows that organisations are committed to facilitating whistleblowing, which has been found to be an effective way to mitigate the risk of staff misconduct. As the report states, this may relate to recent legislative change — from 1 July 2019 the whistleblower protections contained in the Corporations Act 2001 were expanded.
High exposure to modern slavery risk
The survey found that only 22 per cent of respondents incorporate modern slavery obligations in their risk management framework, and 19 per cent said that it is included elsewhere. 37 per cent of respondents said that it is not part of their framework.
Under the new reporting obligations, a modern slavery statement must be submitted within nine months after the end of the entity’s first full financial year that commences after 1 January 2019 (this was increased from six months due to COVID-19).
The six-month deadline for reporting periods ending after 30 June 2020 remains unchanged. As the report states: “These requirements are mandatory, meaning that it is very important for organisations to have a thorough understanding of their exposure to modern slavery risk… Australian companies need to address modern slavery risk as a matter of urgency to ensure compliance with these new obligations.”
About the Risk Management Survey 2020:
- The survey was distributed to the Governance Institute’s database of members and non-members.
- The survey was conducted online during March 2020.
- There were 393 responses.
- Just under half of respondents’ (47 per cent) primary role is both governance and risk related. A further 24 per cent’s role focuses on governance and 14 per cent’s focuses on risk management.
- The profile of respondents is largely senior: 39 per cent are senior governance or risk management professionals and 17 per cent are chief executive officers (CEOs) or C-suite executives.
- 44 per cent of respondents are Governance Institute of Australia members and 40 per cent have a formal risk management accreditation.
Thank you to PKF, our sponsor for the Risk Management Survey.
To read more, click here.