Unprecedented volatility adds new urgency and complexity to old risks, reports Aon’s 2017 Global Risk Management Survey

Aon, a founding member of The Risk Institute, released their 2017 Global Risk Management Survey today. Conducted in the fourth quarter of 2016, the bi-annual survey gathered input from 1,843 respondents at public and private companies around the world. It finds that trends in economics, demographics and geopolitics, as well as technology advancements, are transforming traditional risks and adding new urgency and complexity to old challenges.

Top discussion points of the survey include:

  • damage to reputation/brand as a top concern
  • political risk/uncertainties entering the top 10 risk list
  • Cyber Crime ranking the number one risk to North American businesses
  • disruptive technologies/innovation predicted to rise in risk
  • risk preparedness at its lowest level since 2007

Damage to reputation/brand is consistently the top-ranked risk by businesses. Companies have become vulnerable due to the amplified negative impact social media has on cases of defective products, fraudulent business practices, and corruption.

Cyber Crime is now the top concern among businesses in North America, jumping from number nine to number five on the top risk list. Cyber breaches are increasing and incident response plans have become more complex, making Cyber Crime a costly business interruption.

Political risk/uncertainties have recently re-entered the top 10 risk list at number nine. The survey finds that developed nations that were traditionally associated with political stability are becoming new sources of volatility and uncertainty. Additionally, according to Aon’s latest 2017 Risk Maps, trade protectionism is on the rise while terrorism and political violence ratings are the highest they have been since 2013.

“We are living in a challenging new reality for companies of all sizes around the world. There are many emerging influences that are creating opportunity, but at the same time, creating risks that need to be managed,” said Rory Moloney, chief executive officer for Aon Global Risk Consulting. “As the risk landscape for commerce evolves, businesses can no longer rely solely on traditional risk mitigation or risk transfer tactics. They must take a cross-functional approach to risk management and explore different ways to cope with these new complexities.”

Disruptive technologies/innovation is a concerning risk emerging for the future. It is currently ranked number twenty but is expected to jump to the top ten within a few years. New technologies such as drones, driverless cars, and advanced robotics have caused an increased awareness of impacts for businesses.

The top 10 risks are:

  1. Damage to reputation/brand
  2. Economic slowdown/slow recovery
  3. Increasing competition
  4. Regulatory/legislative changes
  5. Cyber crime/hacking/viruses/malicious codes
  6. Failure to innovate/meet customer needs
  7. Failure to attract or retain top talent
  8. Business interruption
  9. Political risk/uncertainties
  10. Third party liability (including E&O)

The full report can be accessed at www.aon.com/2017GlobalRisk.

 

Intellectual Property: Defense is the Best Offense

Intellectual property is worth a good strategy for risk management.Identifying a company’s intellectual property can sometimes be a fuzzy exercise, but it’s clear that failing to do so and not having a risk management strategy to safeguard a business’ “secret sauce” can lead to dire consequences. That’s especially true for startups whose only real asset may be the big idea that got them going in the first place.

Still, intellectual property and risk management consultants say companies may not be doing as much as they can to protect their IP assets, which can include everything from product formulas to customer lists.

Risk Institute Portraits Fisher Hall - Third Floor Feb-02-2016 Photo by Jay LaPrete ©2016 Jay LaPrete

Philip Renaud, executive director of the Risk Institute at Ohio State University’s Fisher College of Business

“I wonder if inside the doors people are having enough robust conversations about what their intellectual property is and what needs to happen to manage the risk,” says Steve Snethkamp, a partner in the Columbus office of EY. His consulting practice covers a variety of industries with a focus on information technology.

The stakes are high, he says, pointing to incidents in which the technology behind a new product has been stolen and implemented by overseas competitors even before the IP owners can get that product to market. And it’s not easy to manage that risk, especially with all the data that can be shared—and exposed—through the ever-increasing use of mobile technology and interconnected devices.

“There is no silver bullet,” Snethkamp says, “but the first thing (for companies) is to create a cultural awareness that security is important and IP is the lifeblood of the organization. That needs to be the mantra of every person in the company from the janitor to the CEO.”

Then businesses need to clearly define their intellectual property, identify where it is located, make an inventory of it and put in place controls, processes and procedures to protect it appropriately.

“It’s hard stuff to do,” Snethkamp says.

But it’s also essential given the findings of a 2013 study by the independent Commission on the Theft of American Intellectual Property. It estimated that international thefts of intellectual property have an impact of more than $300 billion annually on the US economy, costing the country millions of jobs and dragging down economic growth and investments in research and development.

Risk managers historically were focused on hard assets—buildings, equipment and inventory—but that has shifted to intellectual property and intangible assets such as copyrights, patents, technical processes, trade secrets, customer lists and distribution networks, says Philip Renaud, executive director of the Risk Institute at Ohio State University’s Fisher College of Business. He has worked in the risk management field since the early 1980s, including stints with L Brands, Kmart, Exel and Deutsche Post.

“It’s much more difficult to value an intangible asset and protect it,” Renaud says. “I can’t put a sprinkler system and firewall around a copyright.”

In his opinion, IP risk management in many cases becomes a defense strategy in which companies must educate team members about the importance of protecting the brand. That is particularly the case of detailing the risks when employees are working online and sharing data.

Such preventative steps are especially important, Renaud says, because of the difficulty and expense of stopping an IP infringement after the fact.

“That’s the greatest challenge,” he says. “If the company that has infringed on you is exposed, the only way to get there is through legal proceedings. That costs a lot of money.”

There is also the thorny issue of taking legal action when an IP infringement occurs overseas. “How do you get enforcement in China?” Renaud asks.

His best advice for companies is to make sure they understand their intangible assets—how they are used, their value to the business and how they are being protected.

When looking to protect intellectual property, companies should consider registering their rights with patents, trademarks and copyright, says Susan Rector, an attorney at the Columbus office of Ice Miller LLP. She represents companies in all aspects of IP ownership and information technology transactions.

“Inherently, taking the steps to register the rights to your intellectual property gives you a leg up,” Rector says. “That’s important from a defensive standpoint. It can also be used offensively against people who come too close to your (IP) rights.”

She works with a lot of startup companies that are building their business model around a proprietary product that is far and away their most valuable asset.

“Often it’s two guys, a laptop and an idea,” Rector says. “A lot of them will get big valuations (from investors), but people will only back them if no one else has done it. … They need to think about an intellectual property strategy early. If they don’t, they can lose their ability to protect that product or device.”

Intellectual property presents some specific challenges for risk managers, says Nicholas Kaufman, head risk manager at Battelle in Columbus.

First, it can be difficult to place a value on IP assets because they can be hard to measure, especially compared to property risks or auto liability. Second, Kaufman says there really is no insurance market for intellectual property because mature insurers tend to organize around areas they understand and know the likelihood of payouts on policies. That’s not the case with IP because of the difficulties in placing a value on the assets and calculating the risks to them.

Despite those issues, companies still need to have a risk management program in place for their intellectual property assets because the stakes can be so high. Kaufman says Battelle’s program takes an enterprise-wide approach in managing the IP risks for its range of products, services and research it conducts.

“We look at it holistically,” he says. “It’s not just about defending our intellectual property but making it as easy as possible for our scientists to create IP.”

Kaufman says intellectual property best practices start with an understanding of your organization and how IP brings value. Then it becomes a matter of aligning resources to protect that value.

The sooner that companies think about protecting new intellectual property the better, says Ari Zytcer, a Vorys, Sater, Seymour and Pease LLP attorney who has worked in the IP field for more than 10 years. But he also recognizes that can be easier said than done.

“In identifying intellectual property,” he says, “you’re starting in the dark. Is this going to be a commercially successful product or an intermediary that leads to something down the road that you would like to protect and stake a claim? You don’t know what aspects you’d like to protect (with a patent) … so we see broad coverage at the beginning. As development continues, you home in on what is commercially viable and blocking other companies from getting into that space.”

Zytcer also says there is no one-size-fits-all approach for IP risk management.

Small companies, for instance, have to consider whether it is best to spend limited resources on patent procurement versus funding research and development and breaking into a market. Large companies generally take a more holistic view with IP committees drawn from the business side—risk management, legal, finance and marketing for example—and R&D side of the enterprise. They track new inventions and make the call on the allocation of resources for patents, trademarks and other IP safeguards.

“Having a cohesive policy for the company is crucial,” Zytcer says. “It’s almost like a marriage. The right hand needs to know what the left hand is doing.”

Jeff Bell is a freelance writer.

Governance and culture take center stage at The Risk Institute’s Annual Conference

Conversation surrounding governance and culture recently took center stage at The Ohio State University Fisher College of Business, as The Risk Institute explored the impacts of the two key aspects of business at its Annual Conference. The two-day conference brought together Risk Institute members, business leaders, experts and faculty thought leaders from Fisher for an in-depth examination of the risk management and strategic implications of governance and culture.

Phil Renaud and Jeni Britton Bauer of Jeni's Splendid Ice Creams discuss maintaining culture through crisis.

Phil Renaud and Jeni Britton Bauer of Jeni’s Splendid Ice Creams discuss maintaining culture through crisis.

Considering the various sides of governance and culture is critical to understanding how to leverage risk management to create value for an organization. The conference featured four keynote speakers, Gordon Bethune, former CEO of Continental Airlines; Cameron Mitchell, founder and CEO of Cameron Mitchell Restaurants; Randall Kroszner, former Governor of the Federal Reserve System; and David Gebler, author of best-selling book The 3 Power Values.

Bethune opened the conference and focused on his experience turning around Continental Airlines over a decade, which is detailed in his book, From Worst to First. He emphasized the importance of building accountability between employees and the organization saying, “What gets measured and rewarded, gets done.”

Mitchell is a self-described serial entrepreneur who understands that taking risks is necessary to be successful in business saying, “I may shoot myself in the foot and walk with a limp, but I’ll never shoot myself in the head and make a fatal mistake.”

Academic Director Isil Erel speaking at Annual Conference 2016.

Academic Director Isil Erel speaking at Annual Conference 2016.

During his time with the Federal Reserve System and as a professor of economics at the University of Chicago, Kroszner never imagined he would be helping guide America’s economy through the worst financial crisis since the Great Depression. He discussed the potential ramifications of the Fed keeping interests rates at historic lows since 2008 saying, “When your short-run policy becomes a long-run policy, you will always run into unintended consequences.”

Named one of America’s top Thought Leaders in Trustworthy Business Behavior, Gebler is an innovator of new approaches that integrate culture, ethics, values and performance. His talk detailed how to know if your organization’s culture is a risk factor utilizing the three power values— integrity, transparency and commitment.

In addition to the keynotes, the third-annual conference brought together business leaders and experts for a series of RISKx presentations and panel discussions on women in risk, governance and culture related to business. The culture discussion explored  employees’ attitudes toward risk, mergers and acquisitions, maintaining culture through crisis, and emerging risks in the energy industry.

The Risk Institute’s Executive Education Series will resume November 15 with a discussion on Political Risk.

 

Risk Modeling: The Past and the Future

Risk Institute Portraits Fisher Hall - Third Floor Feb-02-2016 Photo by Jay LaPrete ©2016 Jay LaPrete

By  Philip S. Renaud II, MS, CPCU
Executive Director, The Risk Institute
The Ohio State University Fisher College of Business

 


No one can foresee the future, but risk managers are tasked with anticipating and using all resources at their disposal to predict what lies ahead. Risk modeling, based on data analytics, is one of the critical tools any risk practitioner can employ. However, like all things, modeling has undergone a transformation in recent years as more data is available upon which to base the models.

With risk modeling playing an increasingly crucial role in risk management, The Risk Institute at The Ohio State University focused its March Executive Education Session on Risk Modeling: The Past and the Future. Over 70 attendees were at the program from 27 companies and universities that gathered for the presentations and insightful Q&A on the topic.IMG_4839 Crop

The half-day session included a three-person panel of experts moderated by The Risk Institute Academic Director, Dr. Isil Erel. The panel was comprised of:

  • Rongsheng Gong, Vice President, Head of Risk Modeling and Analytics, Huntington National Bank
  • Al Schulman, Vice President (retired), Enterprise Risk and Capital Management, Nationwide

The session focused on the essential nature of risk modeling as a risk management tool and its role for both financial and nonfinancial firms. The speaker presentations centered on how risk models have changed as business, regulatory and economic environments have evolved over time. The impact of the recent financial crises was cited numerous times during the discussion as the speakers highlighted how previous risk models created by industry, banking and government failed to identify the magnitude of the risk impact to multiple business sectors.

The trio of presenters went in-depth for session attendees to understand the evolving, complex and at times volatile economic conditions impacting a firm’s markets and operations.IMG_4971 Crop

According to our speakers, five key lessons on effective risk modeling include:

  1. The financial crisis has led to both an increased knowledge of risk models and a decreased confidence in those same models.
  1. Since the crisis, new model considerations include counterparty risk, funding liquidity, regime-switching and government guarantees.
  1. The current system of banks, insurance companies and nations is highly and dynamically connected.
  1. Managing model risk includes multiple levels of validation for every step of its development.
  1. No matter how sophisticated the risk model, the human element is still the most important.

The session emphasized how financial firms since the recession have adapted their risk models to the changing business, economic and regulatory environments. Additionally the speakers focused on the interconnectedness of institutions (banks, insurers and government) and how that plays a vital role in managing how risk is modeled.

The session proved thought-provoking and demonstrated The Risk Institute’s unique role in uniting industry thought leaders, academics and highly respected practitioners in an ongoing dialog to advance the understanding and evolution of risk management. The Risk Institute’s conversation about risk management is open and collaborative with its relevance across all industries and its potential as a tool for competitiveness and growth.


For more information about upcoming events, our students, partners or research, visit our website: fisher.osu.edu/centers/risk.

Data Analytics and Managing the Risk of Demand Uncertainty

by Gregory Sabin – Visiting Lecturer, The Ohio State University Fisher College of Business

A 2012 Supply Chain Insights survey asked supply chain managers to name their top 10 pain points. Three out of four respondents listed demand volatility, which made it one of the most painful aspects of supply chain management, second only tosabin Greg supply chain visibility.  Firms can reduce demand volatility and the associated risks by incorporating economic and demographic data to create simple and more accurate business models.

Risks associated with demand volatility include both risks of overestimating and underestimating demand.  Overestimation of demand will cause declines in the firm’s return on assets (ROA) because of the overcommitment of assets and unnecessary expenditures that will be incurred in anticipation of surplus demand that does not materialize.  Underestimating demand is associated with increased production costs, lower quality levels and decreased customer satisfaction.

These risks affect every part of the business, including customer service, financial planning and analysis, supplier development, new product development, human resource management, product/process engineering and investor relations.  As such, firms need to approach forecasting and planning from a cross-functional perspective.

Why are most businesses not already doing this? As recently as five or six years ago, businesses lacked not only easy access to the detailed information needed to add analytical models to their forecasting process, but also the ability to process that information in a cost-effective manner. Traditionally, this meant firms focused primarily on internal marketing and supply chain information such as distributor estimates, sales projections, product lead times, inventory levels, production capacity and workforce head counts.

Now we are seeing the amount of readily available information exploding in the public domain.  As “big data” and tools to access the information has grown to a point of critical mass, firms cannot only access customer, product and competitor information, but also macroeconomic data that is more detailed and forward-looking than what has been available in the past. Combining this economic data with proprietary firm specific information is creating a new proactive approach to balancing the risk associated with forecasting and demand management.

Early adopters of this new approach are utilizing data-driven analytical tools to enhance the planning and forecasting processes and to give significantly more accurate information to all business units involved in their company’s planning process. The pain associated with demand volatility can be reduced because a firm has armed itself not only with better information, but also with an integrated cross-functional perspective.


The Risk Institute Executive Education Series will continue on April 30, 2015 when Professor Sabin will co-lead a half-day session on Demand Uncertainty, Data Analytics and Risk Management. For more information or to sign up for the session, visit FISHER.OSU.EDU/RISK