Can positive Risk Culture & Good Governance be achieved?
What is Risk Culture?
Risk Culture is the way staff identifies, understands, discusses and acts on the risks an organisation either confronts or take. It is not identified as financial risk management and often overlooked as “softer” and not as important.
Surely financial success is the most important indicator of success? Why worry about managing non-financial risk if all key financial indicators are positive? This view and lack of good governance leads to a poor risk culture and can be both detrimental and costly.
As financial organistions continue to feel the pain of the Royal Commission and with APRA citing concerns about poor culture and governance, it is important for all in our industry to consider, comply with and adopt good governance practices.
What is Good Governance?
Governance involves all of us, and is supported by a risk function that provides insight and foresight to match increasing volumes and magnitudes of volatilities across our organisations.
This means complexity in: disseminating information; setting and following delegations; and managing relationships, including management, the board, shareholders and all staff.
Good governance has 8 major characteristics. It is participatory, consensus oriented, accountable, transparent, responsive, effective and efficient, equitable and inclusive, and follows the rule of law. Good governance is responsive to the present and future needs of the organisation, exercises prudence in policy-setting and decision-making, and that the best interests of all stakeholders are taken into account.
1. Rule of Law
Good governance requires fair legal frameworks that are enforced by an impartial regulatory body, for the full protection of stakeholders.
Transparency means that information should be provided in easily understandable forms and media; that it should be freely available and directly accessible to those who will be affected by governance policies and practices, as well as the outcomes resulting therefrom; and that any decisions taken and their enforcement are in compliance with established rules and regulations.
Good governance requires that organisations and their processes are designed to serve the best interests of stakeholders within a reasonable timeframe.
4. Consensus Oriented
Good governance requires consultation to understand the different interests of stakeholders in order to reach a broad consensus of what is in the best interest of the entire stakeholder group and how this can be achieved in a sustainable and prudent manner.
5. Equity and Inclusiveness
The organisation that provides the opportunity for its stakeholders to maintain, enhance, or generally improve their well-being provides the most compelling message regarding its reason for existence and value to society.
6. Effectiveness and Efficiency
Good governance means that the processes implemented by the organisation to produce favourable results meet the needs of its stakeholders, while making the best use of resources – human, technological, financial, natural and environmental – at its disposal.
Accountability is a key tenet of good governance. Who is accountable for what should be documented in policy statements. In general, an organisation is accountable to those who will be affected by its decisions or actions as well as the applicable rules of law.
Participation by both men and women, either directly or through legitimate representatives, is a key cornerstone of good governance. Participation needs to be informed and organized, including freedom of expression and assiduous concern for the best interests of the organisation and society in general.
In recent times, there have been a number of challenges in getting governance right. While there is no silver bullet that addresses all of these challenges in our organisations, we believe it is important to talk about how they manifest themselves and to share observations of better practice. Our RMA member events have featured various elements of governance learnings. Expect to see more on good governance at our events.
4 ‘common themes’
APRA has identified four ‘common themes’ in relations to poor risk culture and getting governance right.
- Non-financial risk management requires improvement;
- Accountabilities are not always clear, cascaded and effectively enforced;
- Acknowledged weaknesses are well-known and some have been long-standing; and
- Risk culture is not well understood, and therefore may not be reinforcing the desired behaviours.
Good Governance can be achieved, it just requires greater understanding of the intricacies of risk culture and a willingness to address it with a solid risk function.