prioritization - Blog - Global Risk Community2024-03-29T08:23:02Zhttps://globalriskcommunity.com/profiles/blogs/feed/tag/prioritizationDomestic Political Risk: Operating in the Uncertainty of a New Era (Part 1)https://globalriskcommunity.com/profiles/blogs/domestic-political-risk-operating-in-the-uncertainty-of-a-new-era2017-03-21T20:54:54.000Z2017-03-21T20:54:54.000ZSteven Minskyhttps://globalriskcommunity.com/members/StevenMinsky<div><p><strong><span class="font-size-3">What is Domestic Political Risk?</span></strong></p><p></p><p><a href="{{#staticFileLink}}8028245660,original{{/staticFileLink}}"><img width="250" src="{{#staticFileLink}}8028245660,original{{/staticFileLink}}" class="align-right" alt="8028245660?profile=original" /></a>Political risk refers to conditions and events that affect organizations and result from governmental decisions. It can have major effects on the profitability/expected value of economic action. Political risks impact individual investors, public and private companies of all sizes, and governments.</p><p>Starting in 2016, political risk seemed closer to home after the United Kingdom (UK) voted to leave the European Union (EU), often referred to as Brexit, causing instant turbulence across the globe. Now in the United States, under a new administration with an ambiguous agenda, political risk no longer seems like a distant phenomenon to American businesses.</p><p>Most businesses are now forced to operate in a constant state of uncertainty and turbulence. Although every new administration brings a change in priorities, President Trump’s change to major regulations, trade relations, tariffs, healthcare, work visas, and taxes has sparked unprecedented confusion in the business world. The same change and uncertainty impacts different businesses in different ways: office locations, supply chain decisions, business partner strategies, data center locations, factory construction, and so on.</p><p>Consider regulatory changes that tighten anti-money-laundering efforts to fight global terrorism. Money launderers tend to seek out sectors in which there is a lower risk of detection due to weak or ineffective AML programs. Penalties, although increasingly severe, can be dwarfed by the financial costs associated with damage to an organization’s reputation.</p><p>These changes don’t just affect banks and credit unions with Automated Clearing House (ACH) payments, wire transfers, and credit cards. They affect many non-bank activities, including exports, travel tickets, restaurant transactions, and FinTech solutions like Bitcoin. There are now 645 crypto-currencies in the world with a combined market cap of $12.5 billion (USD).</p><p>This presents AML professionals with new challenges that require a risk-based approach to handle. Adjustments need to be made to existing transaction monitoring, risk rating, and Know Your Customer (KYC) documentation methodologies.</p><p>The myriad manifestations of domestic political risk mean every organization must take unique action to change and adapt. Regardless of your political leanings, everything from your job to your mortgage to your company’s operations depends on your ability to manage risks stemming from new and frequently changing policies.</p><p></p><p><strong><span class="font-size-3">Three Considerations Regarding Domestic Political Risk and the New Administration</span></strong></p><p></p><p><u>Step One: Separate Political Opinion from Impacts on Your Company</u></p><p>The new administration is pursuing a momentous agenda. When it comes to managing political risk, filter personal feelings from the sustainability of company operations. Managing the fallout of political risk in your work life should be unrelated to your personal life.</p><p><u>Step Two: Recognize Uncertainty is Here to Stay</u></p><p>Uncertainty is and always has been present in the business world; the changes (regulatory and otherwise) brought about by the current administration are just new instances of an age-old problem. It’s simply not possible to assume our environment will become more predictable under any administrative change.</p><p><u>Step Three: Make Your Business More Agile</u></p><p>Managing risk effectively means being able to assess vulnerability and react quickly. Businesses that can’t pivot in the face of an unpredictable, rapidly changing environment will not be able to sustain operations. Compliance should not be your goal; compliance should be a mere byproduct of the achievement of your goals.</p><p>The bottom line is that your organization needs to sustain/improve performance, no matter the state of the exterior environment. This means pursuing innovation, not compliance. It means identifying and prioritizing the most important processes – and what might interfere – within the business. Once you have this transparency, you have the tools you need to <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/product/mitigate/">mitigate</a></span> and <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/product/monitor/">monitor</a></span> those risks.</p><p></p><p><strong><em>Learn more about </em></strong><span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2016/03/15/risk-prioritization-is-key-to-risk-mitigation/"><strong><em>risk prioritization</em></strong></a></span><strong><em>, which is key to dealing with uncertainty related to business operations. Then, read our post about </em></strong><span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2015/07/09/unknown-risks-part-1/"><strong><em>managing that uncertainty</em></strong></a></span><strong><em> by uncovering links and interdependencies within your business.</em></strong></p><p></p></div>Effective Risk Prioritization is Key to Effective Risk Mitigationhttps://globalriskcommunity.com/profiles/blogs/effective-risk-prioritization-is-key-to-effective-risk-mitigation2016-03-17T15:56:56.000Z2016-03-17T15:56:56.000ZSteven Minskyhttps://globalriskcommunity.com/members/StevenMinsky<div><p><span>A big mistake in risk management, especially when it comes to companies with newer programs, is underestimating the importance of standardized risk prioritization. Diving into identification and assessments without a sufficient framework inhibits prioritization. This can result in ineffective </span><span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/product/mitigate/">risk mitigation activities</a></span><span> and duplicate work across departments, or even serious risks flying under the radar. The possibility of “missing” a serious risk is a disturbing one, but it’s impossible to be completely certain about </span><em>everything </em><span>that touches your business.</span></p><p></p><p><span class="font-size-3"><strong>Understanding Risk vs. Uncertainty</strong></span></p><p></p><p><span class="font-size-2"><strong><a href="{{#staticFileLink}}8028244865,original{{/staticFileLink}}"><img src="{{#staticFileLink}}8028244865,original{{/staticFileLink}}" width="275" class="align-left" alt="8028244865?profile=original" /></a></strong></span>This is why thinking about <em>risk </em>versus <em>uncertainty </em>is important. They are closely related, but are not one and the same; “uncertainty” has a broader scope. It is the lack of knowledge about a particular event’s outcome, and exists for every individual and every organization. Part of a risk manager’s job is to evaluate those uncertainties and determine which ones are likely enough and could have a serious enough impact to warrant mitigation. When an uncertainty reaches a particular threshold of likelihood and impact, the company recognizes it as a risk that needs to be mitigated.</p><p>Enterprise risk management is the best way of quantifying and preparing for an uncertain future, or in other words, <em>Managing Tomorrow’s Surprises Today<sup>®</sup></em>. Rather than being too conservative with risk identification and assessments (a dangerous practice) to avoid wasting resources, it is best to instead improve the processes’ efficiency and effectiveness.</p><p>A taxonomy framework, which you can read more about in <span style="text-decoration:underline;"><a href="http://www.logicmanager.com/erm-software/2015/10/16/4-ways-to-prevent-business-surprises-with-risk-identification/">another blog post</a></span>, will standardize each department’s approach to risk prioritization. Using the same criteria and scale enables information to be collected, aggregated and compared enterprise-wide in a manner that is accessible and understandable to previously uninvolved personnel. A standard scale and common root-cause library will also reveal high-level risks that <em>do </em>affect multiple business areas, making prioritization systematic.</p><p></p><p><span class="font-size-3"><strong>How Standardized Assessments Support Risk Prioritization</strong></span></p><p></p><p><span>When assessing identified risks, we recommend a scale that provides as much detail as possible. Consider the following risk matrix (adapted from a </span><span style="text-decoration:underline;"><a href="https://en.wikipedia.org/wiki/Risk_Matrix">Wikipedia page</a></span><span>):</span></p><p></p><p><span class="font-size-2"><a href="{{#staticFileLink}}8028245258,original{{/staticFileLink}}"><img width="500" src="{{#staticFileLink}}8028245258,original{{/staticFileLink}}" class="align-center" alt="8028245258?profile=original" /></a></span></p><p></p><p></p><p>Even with criteria assigned to each “tier,” some ambiguity remains. A risk with a score of “Likely x Minor,” for example, may warrant less mitigation effort than a risk with a score of “Unlikely x Serious.” The reverse might also be true, but neither reality is reflected by the matrix.</p><p>For greater insight into your risk register, consider the next matrix, which is the most frequent scale used by LogicManager customers:</p><p></p><p><a href="{{#staticFileLink}}8028244683,original{{/staticFileLink}}"><img width="700" src="{{#staticFileLink}}8028244683,original{{/staticFileLink}}" class="align-center" alt="8028244683?profile=original" /></a></p><p></p><p>Breaking each impact and likelihood “bucket” into two options makes it possible to think about risk in a more dynamic manner, and enables users to select the high or the low of each category. This makes risk prioritization easier and more specific, which in turn allows for more targeted resource allocation.</p><p>The key is implementing a level of granularity that makes sense for your business and that assists with prioritization.</p><p></p><p><strong><em>For a more detailed look at how to improve your organization’s risk prioritization strategy, download our</em></strong> <span style="text-decoration:underline;"><strong><em><a href="http://www.logicmanager.com/ebook-5-steps-for-better-risk-assessments/">free eBook: </a></em><a href="http://www.logicmanager.com/ebook-5-steps-for-better-risk-assessments/">5 Steps for Better Risk Assessments</a></strong></span>.</p><p></p><p></p></div>