Why Understanding Business Relationships is Important to Financial Risk Management
The complexity of relationships—among data points, entities, people and teams—might just pose the biggest risk to risk management. The velocity, scope and variety of risks in today’s digital world make the skills needed to find a semblance of predictability and order increasingly difficult to come by. Even when data is available to help prioritize and understand enterprise risk, companies are struggling with the magnitude and disparity of the data they manage each day.
Recently, Dun & Bradstreet conducted a survey of senior finance professionals to uncover trends in how they are currently navigating enterprise risk with data. Most senior finance leaders are actively using data to define and navigate enterprise risk. Yet, while many have adopted technology and conduct regular risk reviews, the relationship element of risk—how the true story of risk unfolds among and within companies, hierarchies, industries, economies and even countries—is a rising challenge uncovered by the study. Anthony Scriffignano, Dun & Bradstreet’s Chief Data Scientist, recently commented on the growing disparity in connectedness. “Connectedness, or how one thing relates to another, is a property of data that is rising in importance in ways that both amaze us and scare us in the modern age.”
What are the top enterprise risks identified by finance leaders?
Dun & Bradstreet uncovered the top five areas of enterprise risk that finance leaders are focused on currently. They are:
- Compliance Risk
- Human Capital & HR
- Risk Governance
High alert must be a constant state, according to EY. “The digital world does not allow any organization to feel comfortable in the area of cybersecurity threats and vulnerabilities.” According to EY’s recent study, more than one-third of global organizations still lack confidence in their ability to detect cyberattacks. Increasingly, data is a strong component of cybersecurity threats. Understanding the linkages between attacks using data can help companies detect threats before they infiltrate, yet most companies are as yet unable to do this successfully.
The digital age is holding companies both instantly liable for infractions, slips and mistakes, and finance leaders are often charged with understanding the laws, requirements and standards and managing through them. “As global regulations proliferate and stakeholder expectations increase, organizations are exposed to a greater degree of compliance risk than ever before.” While many companies are using data to help understand compliance levels, the links between infraction sources and the likelihood of threats are yet to be fully understood.
The strategic management of human capital poses a major risk to most organizations. Not only does labor typically make up the largest percentage of the typical company’s budget, the management of human capital also impacts a company’s ability to protect itself from risk. Hiring the wrong talent in the wrong quantities for the wrong reasons can negatively impact the bottom line and expose the company, and finance leaders are feeling the pressure to work more closely with HR to use data to uncover hidden risks such as fraud or managerial ineffectiveness. In 2015, 57% of surveyed risk professionals indicated that hiring the right talent was key to managing risk. Yet, many struggle to find the linkage between the right skills and the application of hiring practices with data.
Ensuring proper controls in the wake of regulatory burdens, international laws and multiple currencies takes up much of a finance team’s time. Like many strategic endeavors, risk governance is now in itself a data-driven imperative. And while no shortage of data exists for companies to sift through, the speed of transactions and the pace of change demand that companies seek the linkage between many elements—regulatory, financial and competitive. Over 40% of finance leaders find governance to be one of their top enterprise risk priorities.
What do these top emerging risks have in common?
All of the five top risks identified—cybersecurity, compliance, data management, governance and human capital—all share a commonality: they have a strongly defined relationship element. All, additionally, involve the use and potential misuse of data. Although most companies seem to understand and operationalize a data strategy to manage enterprise risk to varying degrees, it’s clear that the data isn’t being used holistically or in an integrated manner within most enterprises. Additionally, the human aspects of culture, compliance and talent management pose internal threats just as cybersecurity and governance pose a threat from both within and without.
The relationship between the top-identified risks is—indeed—relationships. Alarmingly, only 20% of finance leaders say they agree that they successfully use data to manage the linkage between risks. And, this linkage might actually be the missing link to managing enterprise risk.
Finance Leaders as Master Data Builders
Tackling the relationship element of risk isn’t for the faint of heart. “The idea of risk is getting turned on its ear by data,” says Scriffignano. “If you think about the kind of risks that an organization faces, the types of risks that it had yesterday don't go away. But layered on top of risks such as fraud, currency arbitrage and compliance are risks like cyber-security and cyber terrorism, and people misusing information in unintended ways. The world is changing very quickly—and deep learning, behavioral analytics and understanding relationships are the only keys to tackling these emerging risks.”
Finance can play a pivotal role in tackling enterprise risk with data by helping the organization to understand where relationships exist among data points. To get started, says Scott Taylor at Dun & Bradstreet, “think of yourself as the master builder of your data, ensuring your data seamlessly flows among processes throughout your enterprise as you construct your own framework for success.” The right analytics can help CFOs manage compliance, control and risk in a more nimble way.
Thinking in terms of how risks, processes and trends are related may be the key to redefining your enterprise’s risk management framework. After all, says Taylor, “Everybody wants to relate… Without relationships, there is no business to be done.”