In Chapter two of his book, Douglas Hubbard's discusses where the risk
management industry has been and where it currently thinks it is.
The chapter starts out with a very brief history of risk management
('800 words' according to the author), tracing the route from the
discovery of mathematical probabilities, to its initial commercial
application in insurance, and finally down to the modern day emerging
'new character' or risk management, incarnated in regulations like
Basel II, and in applications like Enterprise Risk Management. His
history is not very complimentary, comparing today's state of risk
management as similar to the Old West gold rush towns, where things
look brightly painted and pretty, but built on shaky foundations and
filled with snake oil peddlers.
His history aligns quite well with Peter Bernstein's own summary,
although at a very very high level and, I suspect, very much framed to
support his thesis (which I suppose is what the rest of the book is
about).
Hubbard then makes a brief discussion of the common risk assessment
approaches (expert intuition, weighted scoring, probabilistic models,
etc) and suggests that some of these are not up to par for the role
risk management is playing (corporate growth survival, after all) and
will probably need to be dispensed with.
The next section covers risk mitigation approaches. He has a brief
treatment of the common approaches (what risk management book
doesn't?): avoid, reduce, transfer, retain. The most interesting part
of this section is his list of examples of concrete manifestations of
risk mitigation approaches (in contrast to the abstract approaches of
avoid, reduce, etc. His list includes selection processes, contractual
risk transfer, insurance, liquid asset position, etc.).
In the final section, Hubbard discusses 3 major surveys of enterprise
risk management, conducted by Aon, The Economist, and Protiviti. The
surveys show what the executives in these companies thought about what
their top risks are (reputation, market, human capital, and regulatory
environment figure very high). The surveys indicate that risk
management is present in those companies primarily because they are
being required to have it (a necessary evil). It also shows that risk
management is well represented and increasingly so at the board level.
The executives seem pretty confident that they are doing risk
management well.
Hubbard suggests that that is not the case at all.
No comments:
Post a Comment