What does it take to get a Board Risk Committee that is really effective? The first step – establishing it – has already (hopefully!) been taken.
This underscores the organisation’s commitment to doing things right from the risk management perspective. It also demonstrates the organisation’s understanding of how risk management affects every aspect of the business. The next step is empowering the Committee so that it does what it is supposed to do. This includes reviewing the organisation’s strategies, evaluating their effectiveness, finding the gaps and closing them so that the firm grows in a competitive, sustainable way that continues to build its value.
Committee members have to have certain skills and competencies so that they understand how businesses work. They also have to have access to the organisation’s resources to help them achieve its objectives. Access to resources has to come with access to the different sectors of the firm, and the authority to communicate freely. Committee members are going to need a lot of verifiable, reliable information from a variety of sources if they are to do a good job. This includes external parties as well- they should be able to talk to any parties in the course of carrying out their work, including members of other Board Committees.
Communication cannot be overemphasised in the case of empowering the Board Risk Committee. Open lines of communication bring in the information necessary for effective decision-making, and establishes a method of feedback that is helpful when evaluating the work of the Committee itself. One way of gauging its effectiveness is to have others evaluate what it has been doing; it has to be open to criticism and be ready to make changes in the way it does things. This implies that a substantial amount of agility is required in the way it operates. But just how agile can a committee in the traditional sense, be?
In the course of its work, the Committee should find a way of communicating its openness broadly, and be willing to listen to improve organisational performance. Part of the information-gathering critical to its operations is the ability to keep its (collective) ear to the ground to gauge public and staff sentiment.This also includes the encouraging of whistleblowing – although this will require members to exercise scepticism. A lot of the effectiveness of the Board Risk Committee depends on how independent its members are, if they have the power to discern, be firm and if they have enough moral fibre to carry out what is required of them.
Members cannot be empowered if they have vested interests in the company, as it will mean that they can no longer make balanced, unbiased decisions in the best interests of shareholders and stakeholders. They should have no qualms about doing the right thing even if it goes against convention, and is not “the way we do things around here.” Indeed, they should see it as their job to challenge assumptions and established methods. Considering the dynamics of the environment, and the pace at which changes occur, it is safe to assume that risks change in tandem. To address this, improvements have to be continually made.
These improvements include ongoing education for members as well. They should keep abreast of developments within and outside their own industries. There are so many things to consider as a member of a Board Risk Committee; the position can be completely overwhelming but members should take heart. Research has shown that the most empowered Committees are those that were established because their organisations decided to do the right thing. It may well be that what empowers Board Risk Committees most is the support and commitment of their organisations.
