Building the Business Case for Enterprise Risk Management – Part 1: Pitching to the CEO

The financial services industry, along with many other regulated industries, has been constantly inundated with regulatory rules and change since the near total meltdown of the financial services industry in 2009. This wave of regulatory change has often been used to justify the implementation of new enterprise risk management frameworks and software solutions. Despite the newest regulations, many firms still require a robust business case to support the purchase of an enterprise risk management solution, leading prospects and customers alike to ask if we have any suggestions about what to include in a business case.

In a series of 4 posts, we will provide some key points for pitching to the CEO, CFO, CRO and CIO, building a business case for enterprise risk management software based on three principles:

  1. Knowing your audience
  2. Balancing risk and reward, i.e. balancing cost cutting against growth
  3. Tangible benefits backed up by historical precedent or data

Top 3 Points when Pitching to the CEO

Our ERM solution will...

1.) Take the right risks to deliver growth

HSBC recently very publicly made the point that the focus on risk management and compliance was creating a cultural tension. They explained that people were becoming so risk averse that decisions were not being made fast enough and opportunities were not being pursued because of the fear of the risk and compliance implications involved. As firms struggle to deliver growth and profitability in the face of some challenging regulatory headwinds, a clearly defined, measurable and operationalised risk appetite is vital. A well-articulated, embedded risk appetite provides a boundary for risk-taking within the firm and provides the guidance a firm requires to understand where it is taking too much, the right amount or too little risk. Firms often overlook being underexposed to risk, but this is exactly where opportunities for growth can be found once the correct level of risk exposure is established.

Use a simple KPI, such as potential revenue growth as a percentage of current revenue, to quantify the potential value of taking the right risks to deliver growth.

2.) Build and maintain the firm’s reputation

For any firm seeking to grow, but particularly a firm within financial services, building and maintaining a good reputation is critical. Often few people understand this value as well as the CEO. A McKinsey & Co study found that the knock-on effect of a risk event with an initial direct impact of more than USD1M was typically 9 times the initial direct impact, with the majority of the knock-on impact due to reputational damage. In your ERM business case, take your operational losses for last year, multiply this value by 9, then compare it to the goodwill number your firm carries on its balance sheet and express it as a percentage. This percentage figure can be used as a proxy for the value of your reputation that you are putting at risk.

3.) Release regulatory capital to deploy for growth initiatives

All firms need capital to grow, and all CEOs understand this key business fact; however, many have relatively large amounts of capital allocated for regulatory risk purposes. In our experience, implementing a robust enterprise risk management approach which demonstrates value in the first year allows firms to get into a position of proactively engaging their regulators with a view to reducing their regulatory capital. Based on past experience, reductions of regulatory capital of between 5 and 15% are readily achievable.

Look out for our next post in which we will outline the 3 key points when pitching to the CFO.
