Shocks, Knocks and Building Blocks- How will you play in 2022?

In the traditional way, risk management is mostly viewed as the responsibility of a centralized corporate function, which can lead other functions to misunderstand or downplay their role in managing risk, even when perceived “high risk” resides in their area. Or, a particular function might develop a risk response to meet its own needs, something that isn’t coordinated with other organizational risk efforts and often miles away from the strategic goals and objectives of the organisation.

We also often witness technology solutions that are implemented ad hoc or bolted on to existing systems. So even though the organization supposedly has centralized risk oversight, there are numerous siloes operating independently, making it difficult to understand the big picture and address risk holistically.

Added to this carefully constructed, distributed mess; is too much focus on the negative aspects of risk and the negative risk responses, resulting in an ambitious drive to “get everything green” This is just a pathway on which the only achievement will be destruction of value and missing key rewards. If the road signs are misread or ignored, this would just become a “highway” to the corporate graveyard.

The shocks and knocks of 2021 are now in the past, whether you knew about them through strategic corporate foresight and had effective risk responses; or just survived by organisational resilience or pure luck, are irrelevant now. The most important thing is how you will play in 2022!

Remember that going forward you are not in the “New Normal” – nothing is, or will be normal. The so-called VUCA world is exponentially changing into something most of us cannot even imagine right now. For years I have been promoting and training “Think Differently” as the first pillar of Risk Culture Building- if you are still not on that page, you have critical actions to take.

The number of building blocks that you have available to play with totally depend on the level of maturity you have reached in the effective management of risk in your organisation. So, Step 1 is to do an accurate assessment of the level you are at. (Use the Risk Culture Maturity Monitor for that, link in the comments)

Once you know that, you can dump all the blocks on the table and start your building process for the future. Obviously; there is no blueprint, all organisations are different and at different levels of maturity- you have to sort the blocks and start the building process. Maybe you need to fix the foundations first (see my previous article on getting the basics right, link in the comments)

Building an effective risk culture and organisational suicide prevention are just not going to be enough and if you are not there yet, to need to fast-pace your catch-up process and then focus on the more important things. Catching up for most will include things like:

1.??????The biggest risk in many organisations is still hanging on to the dead 3 Lines of Defense concept that was outdated for a long time and died in 2020. So many job advertisements still refer to that and even so-called expert papers still talk about 3LoD... just shows how far back in the past these organizations live. Dumping that is way overdue and the first thing you must do in sorting out your blocks, those "defense ones" are of no use going forward.

?2.??????Second on the list is the risk of believing the fallacy of Risk Assurance. So much time and effort spent on something with virtually no value and really no contribution to the actual effective management of risk. Any form of Risk Assurance just creates a false sense of comfort, often to the level of a false sense of “security” that all will be Okay. Stop spending resources on this, rather invest in training all employees basic risk management skills to achieve a better and more sustainable return.

?3.??????Last of my list is the risk of getting caught up in focusing on a risk that does not exist. There is no such thing as "conduct" risk. Conduct is the outcome of either BAD or EFFECTIVE people risk management. Sadly, the horse is still trying to push the cart on this one in many organisations.

The building blocks left on your table should include the following:

1.??????Adopt, develop and practice the Radical Risk Management process in your organisation (details in another article and available for free upon request, link in the comments)

2.??????Build a Risk Intelligence system bigger than what is needed for an effective risk culture- develop intuitive expertise. If you can see it coming, it is way too late; you’ve got to know that it is going to come.

3.??????Identify, know and manage your cognitive biases in your thinking about the management of risk and in ALL decisions you will make in 2022.

The Future starts today, the building blocks to thrive through the effective management of risk in 2022 are in your hands; how will you play??

Lastly, Follow some gurus: 10 risk professionals you should follow. (link in the comments)