Risk management is usually considered an exercise exclusive to management. Since the global financial crisis of 2008 and the sophistication of businesses due to technology and globalization, boards have awoken to their oversight responsibility for their organization’s risk management.

Increased scrutiny over risks

Corporate governance rules and credit rating agencies are taking a more decisive role in corporate risk
by forming policies addressing risk management. These emerging trends are forcing
boards to assess past organizational exposures to risks.

Potential Loss Areas

Exposures to financial loss include loss of intangible and tangible property and personnel loss. Revenue can also be lost by profit margins or an increase in expenses. Also, fines emanating from poor risk management are potential loss areas. Some examples of risks with financial impact are:

• Retained losses—insurance deductibles, retention amounts, or exclusions
• Net insurance proceeds
• Costs for loss control measures
• Claim management expenses
• Administrative costs to manage programs

Finding the balance (risk-taking and risk-management) is a responsibility of the board together with all levels of management of the organization.

Development of Policies, Procedures, and Awareness: While not taking a direct role in risk management, the board must not shirk its oversight role in risk management and other corporate issues that directly involve risk management. This can be done by:

1. Developing policies and procedures around the risk that are consistent with the
   organization’s strategy and risk appetite.
2. Following up on management’s implementation of risk management policies and
3. Following up to be assured that risk management policies and procedures function as
   they are intended.
4. Taking steps to foster risk awareness.
5. Encourage an organizational culture of risk adjusting awareness.

Areas of Risk Management Oversight includes:

1. Fiduciary duties
2. Federal and state laws and regulations
3. Stock exchange listing requirements
4. Established and evolving best practices—domestic and worldwide

Risk Management Oversight from a Broad Perspective

Boards should take steps to increase their effectiveness in reviewing and overseeing the company’s risk management systems and endeavour to perform annual formal reviews of the risk management system. Such annual reviews should include a review of oversight policies and procedures at the board and committee level on an ongoing basis. Such review should be enriched with the inputs of all levels of management. Today’s commercial and economic climate demands that boards
step up their game with an intense focus on risk management.

References: The Role of the Board in Risk Management by Jeremy Barlow