Creating a self-sustaining delivery of value to management

Creating a self-sustaining delivery of value to management

Tarlok TejiTarlok Teji is a Partner with Deloitte & Touche Enterprise Risk Services, London.

Listed companies are facing an enormous challenge to align risk management with traditional tools of measuring business success, to control shareholder expectations, and to engage and enable line management with enterprise-wide risk management processes. Line management faces high performance targets and demands for cost-cutting while being expected to achieve zero defect targets for risk and control. Shareholders' demand for high performance levels and high returns is coupled with increasingly fierce intolerance for unexpected losses, errors and risk events.

"A 'sanity not vanity' approach"

Boards need to re-evaluate the emphasis they place on sales targets, business growth targets, and earnings before interest, tax, (depreciation, and amortisation) (EBITDA). While these measurements are paramount to financial assessment of an organisation, they do not provide an all-encompassing view of a company's risk profile – nor can they reveal hidden sources of untapped value or new business opportunities. Equally, the implications of the network economy bring to the fore previously unrecognised, intangible assets and risks implicit in today's deals: particularly in formal and informal alliances companies build with one another above and below the boardroom table. A focus on financial ratios and measurement, if amplified above risk processes, can obfuscate the company's true risk profile. A risk management infrastructure must permeate all levels of management, forming the basis of a "sanity, not vanity" approach to sound business management.

Accentuate the positive side of risk management

Mismatched expectations and miscommunication are the enemies of an effective risk and control system. But risk management should also be treated as a tool for creating and maintaining sound business strategy, rather than simply as a means to ensure compliance with national governance regulations. It should be designed to deter negative outcomes as much as identify and foster new business opportunities. When executed correctly, risk management processes can satisfy regulatory compliance as well as a need for greater public accountability, provide accurate valuation during an economic downturn, and support strategic decision making and implement change initiatives.

Fortunately, enterprise-wide adoption and commitment to risk management and assurance control among listed companies is increasing. In a survey of FTSE 350 financial controllers conducted by Deloitte & Touche last year, 70 percent of respondents perceived risk management as beneficial to their organisations, compared with 42 percent in 1999. Almost 50 percent of those companies consider themselves to be risk averse. Many companies that were risk neutral are now adopting a more risk-taking stance. Chief executive and managing directors increasingly own the risk management process – implying risk management has escalated to the boardroom.

Where the challenges lie

The main challenges to effectively embedding a risk management process throughout an organisation are obtaining commitment and the availability of resources. The most successful risk management strategies contain the following attributes:

• •

  They are sponsored by the chief executive.

• •

  They are defined in the context of business objectives. and clearly communicated to everyone in the organisation.

• •

  They are owned by relevant line management who focus on creating value for investors and stakeholders as an important objective.

• •

  They are supported by a proactive internal audit function.

• •

  They are recognised as part of daily activity.

• •

  They are audited as part of the overall internal risk management plan.

Risk management strategies are not difficult to implement, as long as clarity and simplicity of approach are followed and the equation remains consistent: managing risk creates a self-sustaining delivery of value to management.

The asset model

In order to situate a company's current risk and asset position, a review of its key business drivers, their associated revenues and costs, and relevant KPIs allows better management of associated value drivers and their impacts. The endgame of companies should be to create value from their varying types of assets: tangible and intangible, owned and not owned, measured and unmeasured. A new, holistic approach to asset management breaks the mould of traditional balance sheets and income statements that need to encompass more than just assets, liabilities, cash flow, revenues and expenses.

"Create and adhere to a business plan"

One way to ensure that all assets are viewed universally involves their allocation to five asset classes: financial, physical, organisational, customer-related and employee and supplier-related (Boulton et al., 2000). The overall objective is to create and adhere to a business plan that manages and invests in an appropriate mix of asset classes in order to create value:

1. 1.

   Physical. Assets which can be touched and/or counted: land, buildings, equipment, inventory, natural resources, etc. However, it is often possible to create physical assets through re-purposing other resources.

2. 2.

   Financial. Assets including cash, receivables, investments, and sources of debt and equity. Unlike obligations to repay debt, the ability to issue debt is an asset.

3. 3.

   Organisational. Intangible assets which include leadership, strategy, structure, processes, systems, culture and values, brands, knowledge, innovation and intellectual property.

4. 4.

   Customer. This class of assets consists of all parts of the inbound chain of value creation-partners, employees, vendors-anyone who helps a company create a good or service for its customers.

5. 5.

   Employee and supplier. Besides customers, these assets also include affiliates, distributors, and other channels (such as the Internet).

"Its key assets are organisational"

For example, Company X's primary business is operating call centres and processing transactions for other companies' loyalty cards and billing. Its client relationships, as well as how effectively its employees operate call centre systems and process transactions accurately, are paramount. Therefore, its key assets are organisational, customer-related, and employee and supplier-related. Examination of the specific metrics for value and cost yields more important reflections of Company Xs' value than relying strictly on EBITDA (Figure 1).

Figure 1 Illustrative asset model and value creating processes/activities

Organisational assets include system development, product research and development, and service delivery processes. Account management and client targeting and acquisition fall into its customer-related assets. Staff training and development, strategic partnerships, supplier section and recruitment comprise employee and supplier assets.

By drilling down into each asset, we can align its strategy, people, processes and information for effective risk management (see Figures 2 and 3).

Figure 2 Measuring value - organisation

Figure 3 What are the costs - organisation

Risk occurs when one component of the business is deficient:

• •

  If processes fail, people cannot perform then adequately and they do not achieve the business strategy.

• •

  If reports are deficient, they do not provide information for effective management.

• •

  If key performance measures are not strong, methodologies do not adequately analyse information.

• •

  If systems and data are deficient, information is not available for analysis and reporting.

Therefore, effectively managing risk requires an alignment of each component of the business: strategies, processes, people, reports, key performance measures, and systems and data.

ReferenceBoulton, R.E.S., Libert, B.D. and Samek, S.M. (2000), Cracking the Value Code: How Successful Businesses are Creating Wealth in the New Economy, Harper Collins, New York, NY.