Risk management should be proactive in these turbulent times

THE growth of the global village dictates that traditionally irrelevant risks in other countries are fast affecting individual companies. Notably, the tensions between the US and China, data privacy laws in Europe and cyber security threats in the digital space are forcing companies to rethink and revamp their businesses and growth strategies; starting from expanding supply chain to exploring new distributorship frameworks to outright acquisitions of companies in unfamiliar territories.

While these risks and strategies require vast amounts of resources, including management attention, they offer those who are able to navigate it well a huge competitive advantage over their competitors. As with all good risk management strategies, the foremost focus and starting point is understanding the business objectives and targets before management can identify and assess the risks relevant (or about to become relevant) to its success. Once business strategy and risk prioritisation have been determined, management should actively utilise its internal audit function to proactively support the accomplishment of its strategies.

A great example of how many multinational corporations (MNCs) have done this recently is shown when they diversified their supply base and revenue base to be less exposed to tax tensions between US and China. Many of these MNCs have rapidly embarked on new programmes to secure supplies from new countries, worked with new original equipment manufacturers (OEMs), acquired new subsidiaries or engaged in new joint ventures (JVs). These strategies do not come without risks - the additional supplies may not meet quality requirements or may have originated from US or China; the new OEM may not meet health, safety and workplace standards; the cost of raising the operations of the new acquisition may be exorbitant and the JV arrangement may not have been adequately thought through.