Fit for the Future: An Urgent Imperative for Board Leadership

It is a truism that the only constant in business is change. But that statement does not remotely do justice to the scale and scope of the multiple changes confronting business in the first half of the twenty-first century:

  • Rapid and far-reaching advances in technology are reshaping competition and the process of value creation in every business sector.
  • The struggle to deal with climate change is beginning to transform the economics of extractive industries and others.
  • Global supply chains are challenged by geopolitical and mercantile conflicts.
  • Investor scrutiny is more demanding than ever.
  • Society’s expectations of business are increasing as governments struggle to address mounting challenges—income inequality, threats to data privacy, crumbling infrastructure, global warming, and so forth.

Each of these changes in itself is seismic. But what makes the current epoch uniquely unpredictable and hard to navigate is the fact that these changes are happening concurrently, interacting with and amplifying each other, as illustrated in the figure below. As a result, companies may find it extremely difficult to anticipate the full impact or the second- or third-order effects of these disruptions in the next few years. This is especially true for boards of directors and their leaders, whose job it is to secure the long-term success of their companies. It is a challenge that is not going away any time soon—indeed, all indications are that it will become more acute.

NACD 1

AN EXISTENTIAL THREAT

As last year’s Blue Ribbon Commission report on board oversight of disruptive risks pointed out, these trends

  • “have the potential to change industry structure or operating conditions,
  • make existing business models obsolete,
  • derail growth,
  • or otherwise pose a fundamental threat [or transformative opportunity] to the long-term strategy of the organization.”

But while the threats are clearly existential, it is far from clear that all companies and their boards are adequately equipped to respond, because many of the big issues facing business are in new or uncharted territories. Technology is one obvious disruptor which is reshaping industries and forcing companies to consider new forms of collaboration that would have been unimaginable a few years ago. For example, the car industry is having to retool its entire production system to meet rising projected demand for electric vehicles while forming partnerships and joint ventures with leading software providers to exploit the emerging markets for autonomous cars. The competitive battleground and source of value creation has shifted rapidly and radically from the vehicles’ hardware to the systems driving it. Another challenge is the complex issue of climate change, where companies are feeling their way toward a response to fundamental market shifts involving international politics, governmental regulation, and investor expectations while considering the economic impact of climate risk. Boards need to bolster their capacity to navigate this labyrinth. A third and rapidly-moving set of challenges is emerging from tectonic shifts in geopolitics and in particular from the rise of great-power rivalry, trade protectionism, and mercantilism—notably in the domain of technology, where the United States and China are engaged in what some see as a new arms race for control over the systems of the future.

Overarching all of these trends is another relatively new pressure: the pressure for companies to articulate and justify their broader purpose, in terms of how they address society’s unmet needs in an era of great social change, activism, and political uncertainty. This is certainly the message from some of the largest institutional investors. As Larry Fink, CEO of BlackRock, put it in his 2019 CEO letter to portfolio companies, “Companies that fulfill their purpose and responsibilities to stakeholders reap rewards over the long-term. Companies that ignore them stumble and fail. This dynamic is becoming increasingly apparent as the public holds companies to more exacting standards. And it will continue to accelerate as millennials—who today represent 35 percent of the workforce—express new expectations of the companies they work for, buy from, and invest in.”

CREATIVE DESTRUCTION ACCELERATES

One important inference from these trends is that the formula for past success matters even less to companies considering their future. Research conducted in 2018 for the Fortune Future 500 initiative (the public companies with the best long-term growth outlook) shows that for large companies, there is now less correlation than there was before between past and future financial and competitive performance over multiple years. This means that companies can no longer hope to prosper merely by sticking to their historical growth strategies and competitive advantages. Relying on past success can engender complacency—itself an existential threat.

It is certainly true that the process Joseph Schumpeter called “creative destruction” is accelerating, and in consequence corporate lifespans are shrinking. A 2018 Innosight study showed that, based on recent trends, nearly half of the corporate constituents of the S&P 500 could be expected to be replaced over the next 10 years. While companies in the S&P 500 had an average tenure of 33 years in 1964, tenures had narrowed to 24 years by 2016 and are forecasted to shrink to just 12 years by 2027. This accelerating churn is to be seen also among very young firms—for example, five-year survival rates for newly-listed firms have declined by nearly 30 percentile points (dropping from 92 percent to 63 percent) since the 1960s. In a parallel trend, the median CEO tenure for large-cap companies has been shrinking steadily over time—indeed, it dropped by one full year between 2013 and 2017. Median tenure is now five years.

Structural change and industry consolidation are also impacting the nature of competition, creating a “winnertakes-most” dynamic in an increasing number of business sectors. Recent research based on analysis of 5,750 of the world’s largest companies shows just how unevenly the fruits of success are now distributed in terms of economic profit (a measure of a company’s invested capital times its return above its weighted cost of capital). The top 10 percent of these companies captured fully 80 percent of positive economic profit between 1994 and 2016.

All of these implications are brought into sharper focus by the increasing shareholder scrutiny which companies are now under, not only from activist investors but also increasingly from institutional investors who wield their significant influence to demand change. Stephen Murray, the president and CEO of private equity firm CCMP Capital, goes so far as to say, “The whole activist industry exists because public boards are often seen as inadequately equipped to meet shareholder interests.” So the challenges for boards and management teams are stark—probably more so now than at any time since the birth of the modern corporation a little more than a century ago. They mean that some, though by no means all, of these individuals’ accumulated experience in strategy development and execution may be less relevant in the future than in the past. And they suggest that board leaders in particular need to adopt a new mind-set and consider a different modus operandi attuned to the demands of this rapidly-changing environment.

IMPLICATIONS FOR BOARDS

Three years ago, in its Report of the Blue Ribbon Commission on Building the Strategic-Asset Board, NACD first pointed out that a new leadership mandate for boards was emerging, driven by “an operating environment . . . that is characterized by increased complexity and uncertainty and includes new sources of risk and opportunity.” It highlighted the role of the board leader in driving a continuous improvement ethos to ensure that the board remains fit for its purpose. Yet performance expectations for boards continue to rise. In a 2019 NACD survey, 73 percent of directors reported that board leadership is more challenging now than it was three years ago, and 84 percent reported that performance expectations had gone up for all board members. Directors admit that they find it really challenging to keep up with change. In the same NACD survey, 36 percent of directors cited the struggle to stay abreast of the changing speed of business as one of the key impediments to the effectiveness of board leaders. Commissioners for this report echoed that concern and highlighted it as a challenge for the entire board. “Many directors don’t feel comfortable talking about emerging technologies, cybersecurity, and other complex topics,” said one Commissioner. “As a result, they tend to defer to others, which can become an abdication of their responsibility to be active board members.”

In the view of the Commission, this shifting business paradigm has profound and immediate implications for boards, and these implications will intensify dramatically over the next 5 to 10 years. They cover

  • board engagement with management,
  • board renewal,
  • operations,
  • transparency,
  • and accountability.

Some of these implications are not new—indeed, boards have been grappling with all of them with greater or lesser success for some time. But there is no doubt that all of them have recently become more acute, and now pose an urgent challenge to board leaders.

  1. IMPLICATION 1: Boards must engage more proactively, deeply, and frequently on entirely new and fast-changing drivers of strategy and risk.
  2. IMPLICATION 2: Boards must approach their own renewal through the lens of shifting strategic needs to ensure longterm competitive advantage.
  3. IMPLICATION 3: Boards must adopt a more dynamic operating model and structure.
  4. IMPLICATION 4: Boards must be much more transparent about how they govern.
  5. IMPLICATION 5: Boards must hold themselves more accountable for individual director and collective performance.

NACD 2

SETTING EXPECTATIONS FOR THE NEW BOARD LEADER

The fundamental role of board leadership stays the same: building and maintaining high-performing boards that build long-term value. Here is how NACD has described board leaders and their role in its past Blue Ribbon Commission reports:

Board leaders are the linchpins on many key issues, including the board-CEO relationship, board dynamics and culture, setting the board agenda, information flows between the board and management, and stakeholder relations (especially board-shareholder engagement).

Many NACD principles and positions about what constitutes good board practice are contingent upon having a strong and effective leader in this role. Strong, qualified individuals in this role “[have] the ability to give the board a competitive advantage.”

As seen in the infographic that follows, based on 2019 NACD analysis of S&P 500 chairs and lead directors, board leaders today have extensive tenure on the boards they serve, bringing with them strong institutional memory, and they almost always have past experience in business leadership roles and a proven track record in strategy and execution.

NACD 3

PRIORITY RESPONSIBILITIES FOR BOARD LEADERS OF TODAY
Lead the setting and monitoring of board performance goals that are regularly synchronized with the (shifting) business strategy.

  • Drive alignment and connectivity. This includes staying connected on material new initiatives and strengthening alignment in how committees and the full board engage on crucial, but now fast-changing, issues such as strategy, risk, disruption, talent, corporate culture, incentives, and technology.
  • Lead the setting of shared values and expectations for a well-functioning board, including the use of a fully candid board, committee, and individual-director performance evaluation.
  • Pay continuous attention to (a) what’s working and why, (b) what’s not working and why, and (c) how the board can use this knowledge to improve its effectiveness.
  • Spend considerable time in one-on-one discussions on key topics with other board members, the CEO, and the management team, with a focus on ensuring openness of discussion and constructive group dynamics.

DESIRED ATTRIBUTES FOR BOARD LEADERS OF TODAY
Fortitude and vigilance to ensure that changes in board processes and practices change behaviors over time

  • Adaptability—a willingness to recognize a board’s new needs and responsibilities and adjust board practices, processes, agenda setting, and structures accordingly
  • Superb communication skills, especially with regard to difficult communications, including sensitive messages to the CEO and to fellow directors
  • Aptitude for relationship building, not just with the board, the CEO, and the senior team, but also with key shareholders, stakeholders, and regulators
  • Inclusiveness—ensuring that the growing diversity of the boardroom is optimized, and enhancing collaboration that is inclusive of different, unconventional thinking
  • Humility—placing a high premium on listening and seeking to understand the (contrasting) views of others. The successful board leader presents himself/herself as “last among equals”

STRENGTHENING BOARD ENGAGEMENT

Board leaders will need to orchestrate more meaningful board engagement to help inform strategic choices and to understand the risks being taken in a much more uncertain and fast-changing environment. Earlier, we described the pressures for boards to become more actively engaged with their companies, without falling into the trap of micromanagement or losing the objectivity required to oversee the business. We suggest that this requires collaboration and candid dialogue between boards and management teams about respective roles and responsibilities.

  • Clarifying where the board would like to seek deeper involvement and why this creates better governance. Examples might be earlier and more in-depth understanding/verification of strategy development and underlying assumptions, preparations for responding to disruption, and plans for major corporate transformations.
  • Creating a shared picture of the present, and of the future, and of where the industry and the competition are headed, and of what that means for strategy.
  • Enhancing board focus on innovation and change. Here is another shift made imperative by the speed of business change. Where in the past a board’s typical posture may have been to act as a brake on management’s ambitions, an equally important goal should now be to work with management to ensure that they embrace innovation and can successfully drive change in the organization.
  • Assessing how well management is maintaining critical alignments among key determinants of performance (e.g., strategy, risk management, innovation, controls, incentives, culture, and talent). This becomes increasingly important as strategies are more frequently being recalibrated.
  • Establishing a framework for more frequent, focused management communication with the board between formal meetings. This can help streamline the meetings themselves, freeing up time to focus on the most critical strategic matters.

DRIVING STRATEGIC BOARD RENEWAL

In order to deliver more meaningful and deeper engagement on entirely new issues, the board leader and the chair of the nominating and governance committee should thoroughly assess whether the board has the right human capital to fulfill its mandate and deliver ongoing value. One of the key questions will be whether the board’s existing composition is aligned with the challenges likely to face the business in the future sketched out together with the management team, and if not, how it should best be renewed. One useful way of thinking about this task could be a “clean-sheet” approach to board diversity and composition, which NACD first recommended in its Blue Ribbon Commission report on building the strategic-asset board. In particular, nominating and governance committees should consider asking the following questions:

  • If we were to create a board from scratch today, what would it look like holistically, from the standpoint of skills, leadership styles, and backgrounds? What will we need in three, five, or more years?
  • Have we sufficiently mapped out our strategy and risks into the future to understand what profiles we need?
  • How should our board composition represent the characteristics of the company’s current and future customer base as well as its workforce?
  • If we are anticipating adding one or more new directors in the next couple of years, have we vetted our recruitment profile to ensure criteria are relevant and that they are not unnecessarily restricting access to appropriate candidates (e.g., requiring CEO or prior board experience)?

BUILDING AN INCLUSIVE BOARD CULTURE

Boards already know how to be purposeful in seeking out individuals who bring a variety of backgrounds, perspectives, and skills. Now they need to be just as purposeful in creating an environment that enables those diverse voices to be heard. The board leader has a critical role to play in activating diversity in the boardroom by recognizing that the aim is not “hiring for diversity and then managing for assimilation.” The goal of the board leader after bringing in new board members is not assimilation but rather enhancing collaboration that is inclusive of different, unconventional thinking. With higher levels of diversity in the boardroom—whether this is diversity in experience, skills, gender, race, ethnicity, or age—it’s critical for board leaders to create a culture that facilitates constructive and candid interactions between board members and that ensures that each director is heard from on important issues.

FOSTERING CONTINUOUS LEARNING

“Continuous lifelong learning’’ is such an oft-heard phrase that it’s close to becoming a cliché. But it’s nonetheless a worthwhile approach for boards and management teams to adopt—because when the pace of change is accelerating, “the fastest-growing companies and most resilient workers will be those who learn faster than their competition.”

This, too, will function most effectively as a collaborative effort between the board and the management team. It’s the role of management to help educate the board about the future and its impact on strategy. The board leader should help the C-suite understand the board’s expectations for the learning process, the time line, and the board’s information needs. At the same time, the board leader should set the expectation that directors not rely solely on management for all of the information they receive, but rather seek out other external sources proactively to deepen their understanding of the business. The agenda for potential learning is vast and constantly growing. “Some learning opportunities may be specific to individual directors; others may be common to all members of a committee or to the entire board (e.g., raising the board’s collective knowledge about cyber threats). Individual, committee, or board-level learning agendas might include

  • industry-specific topics;
  • emerging economic and technology trends;
  • governance matters;
  • regulatory developments;
  • shareholder/stakeholder issues;
  • and/or team dynamics and decision making.”

Commissioners offered a number of observations about the pursuit of structured board learning:

  • First, that it is not just a matter for board leaders and committee chairs—it is a collective task for the whole board to stay “constantly curious.” This can be assisted through experiential learning, where the board visits company sites or meets local managers.
  • Second, there is a constant need to focus collective learning on new technologies—not just the features of emerging technologies but also the reasons why they are so disruptive and how competitors have succeeded in commercializing them.
  • Third, longer-serving directors will benefit from periodically refreshing their knowledge of the basics—for example, by joining new director orientation in order to understand how management’s presentation of the issues may have changed.
  • Finally, the learning imperative applies equally to management. To this end, selected executives should be encouraged to take board positions with companies that are not competitors.

BUILDING AGILITY INTO BOARD OPERATIONS AND STRUCTURE

As stated earlier, the dynamic external environment requires boards to be more careful than before about how they allocate their time, but also more flexible in responding to events. The starting point is effective agenda setting for board meetings.

Agendas

The Commissioners offered a number of specific ideas for enhancing board meeting effectiveness:

  1. First, think holistically about the entire cycle of meetings throughout the year and not just about the agenda for individual meetings. The objective is to ensure the highest return on the time that the board spends together and with management—including what happens outside, around, and in between the actual board meetings.
  2. Second, make a deliberate effort to ensure that board meetings are not predominantly focused on the past and on compliance—on the rear-view mirror, so to speak. Create “white space” time for open conversation and time to delve into identified issues of importance. Foster dialogue and minimize time spent on formal presentations.
  3. Third, take a strategic and almost mathematical approach to time allocation. One Commissioner described how the board tracks how it is spending its time in meetings, then asks board members their opinions about how the board should be spending time, and periodically optimizes the mix.
  4. Fourth, try to maximize one-on-one time with the CEO and the board. It is important to spend time with the CEO without other managers present. An hour and sometimes more at the start of every meeting, and then again at the end, coupled with a CEO/director-only dinner, is an effective way “to get everything that needs airing out on the table.”

NACD 4 (2)

 

Click here to access NACD’s entire report

From Risk to Strategy : Embracing the Technology Shift

The role of the risk manager has always been to understand and manage threats to a given business. In theory, this involves a very broad mandate to capture all possible risks, both current and future. In practice, however, some risk managers are assigned to narrower, siloed roles, with tasks that can seem somewhat disconnected from key business objectives.

Amidst a changing risk landscape and increasing availability of technological tools that enable risk managers to do more, there is both a need and an opportunity to move toward that broader risk manager role. This need for change – not only in the risk manager’s role, but also in the broader approach to organizational risk management and technological change – is driven by five factors.

Marsh Ex 1

The rapid pace of change has many C-suite members questioning what will happen to their business models. Research shows that 73 percent of executives predict significant industry disruption in the next three years (up from 26 percent in 2018). In this challenging environment, risk managers have a great opportunity to demonstrate their relevance.

USING NEW TOOLS TO MANAGE RISKS

Emerging technologies present compelling opportunities for the field of risk management. As discussed in our 2017 report, the three levers of data, analytics, and processes allow risk professionals a framework to consider technology initiatives and their potential gains. Emerging tools can support risk managers in delivering a more dynamic, in-depth view of risks in addition to potential cost-savings.

However, this year’s survey shows that across Asia-Pacific, risk managers still feel they are severely lacking knowledge of emerging technologies across the business. Confidence scores were low in all but one category, risk management information systems (RMIS). These scores were only marginally higher for respondents in highly regulated industries (financial services and energy utilities), underscoring the need for further training across all industries.

Marsh Ex 3

When it comes to technology, risk managers should aim for “digital fluency, a level of familiarity that allows them to

  • first determine how technologies can help address different risk areas,
  • and then understand the implications of doing so.

They need not understand the inner workings of various technologies, as their niche should remain aligned with their core expertise: applying risk technical skills, principles, and practices.

CULTIVATING A “DIGITAL-FIRST” MIND-SET

Successful technology adoption does not only present a technical skills challenge. If risk function digitalization is to be effective, risk managers must champion a cultural shift to a “digital-first” mindset across the organization, where all stakeholders develop a habit of thinking about how technology can be used for organizational benefit.

For example, the risk manager of the future will be looking to glean greater insights using increasingly advanced analytics capabilities. To do this, they will need to actively encourage their organization

  • to collect more data,
  • to use their data more effectively,
  • and to conduct more accurate and comprehensive analyses.

Underlying the risk manager’s digitalfirst mind-set will be three supporting mentalities:

1. The first of these is the perception of technology as an opportunity rather than a threat. Some understandable anxiety exists on this topic, since technology vendors often portray technology as a means of eliminating human input and labor. This framing neglects the gains in effectiveness and efficiency that allow risk managers to improve their judgment and decision making, and spend their time on more value-adding activities. In addition, the success of digital risk transformations will depend on the risk professionals who understand the tasks being digitalized; these professionals will need to be brought into the design and implementation process right from the start. After all, as the Japanese saying goes, “it is workers who give wisdom to the machines.” Fortunately, 87 percent of PARIMA surveyed members indicated that automating parts of the risk manager’s job to allow greater efficiency represents an opportunity for the risk function. Furthermore, 63 percent of respondents indicated that this was not merely a small opportunity, but a significant one (Exhibit 6). This positive outlook makes an even stronger statement than findings from an earlier global study in which 72 percent of employees said they see technology as a benefit to their work

2. The second supporting mentality will be a habit of looking for ways in which technology can be used for benefit across the organization, not just within the risk function but also in business processes and client solutions. Concretely, the risk manager can embody this culture by adopting a data-driven approach, whereby they consider:

  • How existing organizational data sources can be better leveraged for risk management
  • How new data sources – both internal and external – can be explored
  • How data accuracy and completeness can be improved

“Risk managers can also benefit from considering outside-the-box use cases, as well as keeping up with the technologies used by competitors,” adds Keith Xia, Chief Risk Officer of OneHealth Healthcare in China.

This is an illustrative rather than comprehensive list, as a data-driven approach – and more broadly, a digital mind-set – is fundamentally about a new way of thinking. If risk managers can grow accustomed to reflecting on technologies’ potential applications, they will be able to pre-emptively spot opportunities, as well as identify and resolve issues such as data gaps.

3. All of this will be complemented by a third mentality: the willingness to accept change, experiment, and learn, such as in testing new data collection and analysis methods. Propelled by cultural transformation and shifting mind-sets, risk managers will need to learn to feel comfortable with – and ultimately be in the driver’s seat for – the trial, error, and adjustment that accompanies digitalization.

MANAGING THE NEW RISKS FROM EMERGING TECHNOLOGIES

The same technological developments and tools that are enabling organizations to transform and advance are also introducing their own set of potential threats.

Our survey shows the PARIMA community is aware of this dynamic, with 96 percent of surveyed members expecting that emerging technologies will introduce some – if not substantial – new risks in the next five years.

The following exhibit gives a further breakdown of views from this 96 percent of respondents, and the perceived sufficiency of their existing frameworks. These risks are evolving in an environment where there are already questions about the relevance and sufficiency of risk identification frameworks. Risk management has become more challenging due to the added complexity from rapid shifts in technology, and individual teams are using risk taxonomies with inconsistent methodologies, which further highlight the challenges that risk managers face in managing their responses to new risk types.

Marsh Ex 9

To assess how new technology in any part of the organization might introduce new risks, consider the following checklist :

HIGH-LEVEL RISK CHECKLIST FOR EMERGING TECHNOLOGY

  1. Does the use of this technology cut across existing risk types (for example, AI risk presents a composite of technology risk, cyber risk, information security risk, and so on depending on the use case and application)? If so, has my organization designated this risk as a new, distinct category of risk with a clear definition and risk appetite?
  2. Is use of this technology aligned to my company’s strategic ambitions and risk appetite ? Are the cost and ease of implementation feasible given my company’s circumstances?
  3. Can this technology’s implications be sufficiently explained and understood within my company (e.g. what systems would rely on it)? Would our use of this technology make sense to a customer?
  4. Is there a clear view of how this technology will be supported and maintained internally, for example, with a digitally fluent workforce and designated second line owner for risks introduced by this technology (e.g. additional cyber risk)?
  5. Has my company considered the business continuity risks associated with this technology malfunctioning?
  6. Am I confident that there are minimal data quality or management risks? Do I have the high quality, large-scale data necessary for advanced analytics? Would customers perceive use of their data as reasonable, and will this data remain private, complete, and safe from cyberattacks?
  7. Am I aware of any potential knock-on effects or reputational risks – for example, through exposure to third (and fourth) parties that may not act in adherence to my values, or through invasive uses of private customer information?
  8. Does my organization understand all implications for accounting, tax, and any other financial reporting obligations?
  9. Are there any additional compliance or regulatory implications of using this technology? Do I need to engage with regulators or seek expert advice?
  10. For financial services companies: Could I explain any algorithms in use to a customer, and would they perceive them to be fair? Am I confident that this technology will not violate sanctions or support crime (for example, fraud, money laundering, terrorism finance)?

SECURING A MORE TECHNOLOGY-CONVERSANT RISK WORKFORCE

As risk managers focus on digitalizing their function, it is important that organizations support this with an equally deliberate approach to their people strategy. This is for two reasons, as Kate Bravery, Global Solutions Leader, Career at Mercer, explains: “First, each technological leap requires an equivalent revolution in talent; and second, talent typically becomes more important following disruption.”

While upskilling the current workforce is a positive step, as addressed before, organizations must also consider a more holistic talent management approach. Risk managers understand this imperative, with survey respondents indicating a strong desire to increase technology expertise in their function within the next five years.

Yet, little progress has been made in adding these skills to the risk function, with a significant gap persisting between aspirations and the reality on the ground. In both 2017 and 2019 surveys, the number of risk managers hoping to recruit technology experts has been at least 4.5 times the number of teams currently possessing those skills.

Marsh Ex 15

EMBEDDING RISK CULTURE THROUGHOUT THE ORGANIZATION

Our survey found that a lack of risk management thinking in other parts of the organization is the biggest barrier the risk function faces in working with other business units. This is a crucial and somewhat alarming finding – but new technologies may be able to help.

Marsh Ex 19

As technology allows for increasingly accurate, relevant, and holistic risk measures, organizations should find it easier to develop risk-based KPIs and incentives that can help employees throughout the business incorporate a risk-aware approach into their daily activities.

From an organizational perspective, a first step would be to describe risk limits and risk tolerance in a language that all stakeholders can relate to, such as potential losses. Organizations can then cascade these firm-wide risk concepts down to operational business units, translating risk language into tangible and relevant incentives that encourages behavior that is consistent with firm values. Research shows that employees in Asia want this linkage, citing a desire to better align their individual goals with business goals.

The question thus becomes how risk processes can be made an easy, intuitive part of employee routines. It is also important to consider KPIs for the risk team itself as a way of encouraging desirable behavior and further embedding a risk-aware culture. Already a majority of surveyed PARIMA members use some form of KPIs in their teams (81 percent), and the fact that reporting performance is the most popular service level measure supports the expectation that PARIMA members actively keep their organization informed.

Marsh Ex 21

At the same time, these survey responses also raise a number of questions. Forty percent of organizations indicate that they measure reporting performance, but far fewer are measuring accuracy (15 percent) or timeliness (16 percent) of risk analytics – which are necessary to achieve improved reporting performance. Moreover, the most-utilized KPIs in this year’s survey tended to be tangible measures around cost, from which it can be difficult to distinguish a mature risk function from a lucky one.

SUPPORTING TRANSFORMATIONAL CHANGE PROGRAMS

Even with a desire from individual risk managers to digitalize and complement organizational intentions, barriers still exist that can leave risk managers using basic tools. In 2017, cost and budgeting concerns were the single, standout barrier to risk function digitalization, chosen by 67 percent of respondents, well clear of second placed human capital concerns at 18 percent. This year’s survey responses were much closer, with a host of ongoing barriers, six of which were cited by more than 40 percent of respondents.

Marsh Ex 22

Implementing the nuts and bolts of digitalization will require a holistic transformation program to address all these barriers. That is not to say that initiatives must necessarily be massive in scale. In fact, well-designed initiatives targeting specific business problems can be a great way to demonstrate success that can then be replicated elsewhere to boost innovation.

Transformational change is inherently difficult, in particular where it spans both technological as well as people dimensions. Many large organizations have generally relied solely on IT teams for their “digital transformation” initiatives. This approach has had limited success, as such teams are usually designed to deliver very specific business functionalities, as opposed to leading change initiatives. If risk managers are to realize the benefits of such transformation, it is incumbent on them to take a more active role in influencing and leading transformation programs.

Click here to access Marsh’s and Parima’s detailed report

How to seize the Open Banking opportunity

What is Open Banking and why does it matter?

The UK has long been recognised as a global leader in banking. The industry plays a critical role domestically, enabling the day-to-day flow of money and management of risk that are essential for individuals and businesses.

It is also the most internationally competitive industry in the UK, providing the greatest trade surplus of any exporting industry. The UK has a mature and sophisticated banking market with leading Banks, FinTechs and Regulators. However, with fundamental technological, demographic, societal and political changes underway, the industry needs to transform itself in order to effectively serve society and remain globally relevant.

The industry faces a number of challenges. These include the fact that banking still suffers from a poor reputation and relatively low levels of trust when compared to other industries. Many of the incumbents are still struggling to modernise their IT platforms and to embrace digital in a way that fundamentally changes the cost base and the way customers are served.

There are also growing service gaps in the industry, with 16m people trapped in the finance advice gap. In the face of these challenges, Open Banking provides an opportunity to

  • open up the banking industry,
  • ignite innovation to tackle some of these issues
  • and radically enhance the public’s interaction and experience with the financial services industry.

A wave of new challenger banks have entered the market with these opportunities at the heart of their propositions. However, increased competition is no longer the only objective of Open Banking.

Open Banking regulation has evolved from the original intent

The UK started introducing an Open Banking Standard in 2016 to make the banking sector work harder for the benefit of consumers. The implementation of the standard was guided by recommendations from the Open Banking Working Group, made up of banks and industry groups and co-chaired by the Open Data Institute and Barclays. It had a focus on how data could be used to “help people to transact, save, borrow, lend and
invest their money”. The standard’s framework sets out how to develop a set of standards, tools, techniques and processes that will stimulate competition and innovation in the country’s financial sector.

While the UK was developing Open Banking, the European Parliament adopted the revised payment services directive (PSD2) to make it easier, faster, and less expensive for customers to pay for goods and services, by promoting innovation (especially by third-party providers). PSD2 acknowledges the rise of payment-related FinTechs and aims to create a level playing field for all payment service providers while ensuring enhanced security and strong customer protection. PSD2 requires all payment account providers across the EU to provide third-party access.

open banking 1

While this does not require an open standard, PSD2 does provide the legal framework within which the Open Banking standard in the UK and future efforts at creating other national Open Banking standards in Europe will have to operate. The common theme within these initiatives is the recognition that individual customers have the right to provide third parties with access to their financial data. This is usually done in the name of

  • increased competition,
  • accelerating technology development of new products and services,
  • reducing fraud
  • and bringing more people into a financially inclusive environment.

Although the initial objectives of the Open Banking standards were to increase competition in banking and increase current account switching, the intent is continuingly evolving with a broader focus on areas including:

  • reduced overdraft fees,
  • improved customer service,
  • greater control of data
  • and increased financial inclusion.

Whilst there is little argument that the UK leads the way in Open Banking, it is by no means doing so alone. Many other countries are looking carefully at the UK experience to understand how a local implementation might benefit from some of the issues experienced during the UK’s preparation and ‘soft launch’ in January 2018. There are many informal networks around the world, which link regulators, FinTechs and banks to facilitate the sharing of information from one market to another. Countries around the world are at various stages of maturity in implementing Open Banking. The UK leads as the only country to have legislated and built a development framework to support the regulations, enabling it to be advanced in bringing new products and services to market as a result. However, a number of other countries are progressing rapidly towards their own development of Open Banking. In a second group sit the EU, Australia and Mexico, which have taken significant steps in legislation and implementation. Canada, Hong Kong, India, Japan, New Zealand, Singapore, and the US are all making progress in preparing their respective markets for Open Banking initiatives.

open banking 2

One danger in any international shift in thinking, such as Open Banking, is that technology overtakes the original intention. The ‘core technology’ here is open APIs and they feature in all the international programmes, even when an explicit ‘Open Banking’ label is not applied. In a post-PSD2 environment, the primary responsibility for security risks will lie with payment service providers. Vulnerability to data security breaches may increase in line with the number of partners interacting via the APIs.

The new EU General Data Protection Regulation (GDPR) requires protecting customer data privacy as well as capturing and evidencing customer consent, with potentially steep penalties for breaches. Payment service providers must therefore ensure that comprehensive security measures are in place to protect the confidentiality and integrity of customers’ security credentials, assets and data.

open banking 3

click here to access pwc’s detailed report

Les besoins verticaux définissent la marche à suivre pour les transformations de produits numériques et les stratégies

Les initiatives de transformation numérique se déroulent différemment selon les secteurs verticaux et les entreprises, en fonction des besoins métiers en jeu. Lorsque les entreprises subissent des transformations numériques, elles se concentrent souvent sur

  • les processus informatiques,
  • les ventes et le marketing

avant le développement des produits. Cependant, ce rapport expliquera aux DSI et aux directeurs de la technologie comment les entreprises de différents secteurs verticaux utilisent l’organisation produits comme catalyseur de leur transformation numérique, et comment cette décision améliore leurs relations avec les clients.

Principales conclusions

Les sociétés de produits physiques se concentrent sur l’IoT

Pour les organisations produits physiques, l’étape évidente vers une entreprise numérique consiste souvent à connecter des produits et des actifs. Il s’agit d’une tâche complexe qui nécessite

  • une infrastructure technologique intégrée,
  • une grande compétence dans la connectivité et l’Internet des objets (IoT),
  • ainsi qu’une logique claire sur la façon dont les produits connectés répondront aux besoins de leurs clients.

Les sociétés de services construisent des plates-formes numériques orientées client

Les entreprises du secteur des services basculeront vers le commerce numérique grâce à des plateformes numériques axées sur la clientèle. Ces projets doivent être

  • faciles à utiliser,
  • évolutifs
  • et intégrés aux partenaires de l’écosystème

afin de créer de la valeur pour les clients.

Diapositive1

Cliquez ici pour accéder à l’analyse détaillée de Forrester

Organizing and Orchestrating Digital Transformation

Organizing for a Digital World

What makes the shift to more robust digital offerings, channels and operations so tricky is the stress it puts on old-line companies’ operating models. Many new activities and capabilities—ranging from advanced analytics and rapid prototyping to cybersecurity and external partnership management—will need to be developed and located somewhere in the organization.

  • Who takes ownership for these activities
  • Who decides investment levels for each
  • And how they will work

are all major operating model questions.

In addressing these choices, companies usually start to realize that their legacy processes don’t move fast enough to keep up with changing customer demands and behavior, which are shaped by digital interactions in other parts of their lives. Decision speed also may be too slow, because it’s tied to budget cycles. Companies may find digital innovations hard to scale up beyond small projects. And certain kinds of digital talent have become very tough to source and hire. As a result, digital transformations are significantly harder to pull off than conventional change programs. Bain & Company recently surveyed 1,000 companies around the world to gauge their level of digital readiness. After comparing financial results for five categories of companies based on their degree of digital sophistication, we found that revenues for the digital leaders grew 14% over the past three years, more than doubling the performance of the digital laggards in their industries. Profitability followed a similar pattern. Yet while the payoff from digital transformation can be impressively high, the success rate is regrettably low. In our survey, just 5% of those companies involved in digital transformation efforts reported that they had achieved or exceeded the expectations they had set for themselves (versus a success rate of 12% for conventional transformations found in an earlier survey). A full 71% of these companies settled for dilution of value and mediocre performance.

Leading companies realize that making the transition to digital 2.0 or 3.0 requires systematically examining and adjusting each element of their operating model— the blueprint for how resources are organized and operated to get critical work done. The operating model encompasses decisions around the shape and size of the business, where to draw the boundaries for each line of business and function, how people work together within and across these boundaries, how the corporate center will add value to the business units, and what norms and behaviors should be encouraged. It entails choices in five areas:

  • Structure involves drawing appropriate boundaries for lines of business and functions, and defining centers of expertise and other coordinating units.
  • Accountabilities describe the roles and responsibilities of the main organizational entities, including ownership for profit and loss statements and a clear, value-adding role for the corporate center.
  • Governance refers to executive forums and management processes that yield high-quality decisions on strategic priorities, as well as budgets and incentives to align behavior.
  • Capabilities refer to how the company combines people, process and technology in a repeatable way to deliver desired outcomes.
  • Ways of working describe the expected cultural norms for how people collaborate, especially across the boundaries between functions or teams.

Executives should consider how each area will change in turn as the organization’s digital intensity rises.

Bain DigOrg

Click here to access BAIN_BRIEF_Organizing_for_a_Digital_World

 

Orchestrating a Successful Digital Transformation

Among the five categories of companies in the research, the most advanced digitally achieved the best balance between the inner and outer games. Those just embarking on digital transformations typically start from a set of isolated initiatives targeting their most acute pain points (the outer game), but they struggle to translate these prototypes into products and capabilities that can have a meaningful impact on the company’s economics. More advanced businesses do a good job of clustering digital initiatives around a common strategic ambition and start to focus on improving select enabling capabilities, particularly IT. But these initiatives also tend to plateau somewhere short of broad organizational impact or end up creating “two-speed” organizations that are responsive in limited respects but still held back by legacy systems.

The true digital leaders pull away from the competition by linking a bold strategic ambition to the specific inner game capabilities and behaviors that they will need to achieve it. First they translate their strategy into a clear set of digital initiatives that point the organization toward a clear vision of full potential. Then they invest heavily in the fundamental changes to their ways of working and culture that allow them to develop those initiatives rapidly and execute them at scale.

Bain DigOrchestration

Click here to access BAIN_BRIEF_Orchestrating_a_Successful_Digital_Transformation

 

Moving from best to better and better – Business practice redesign is an untapped opportunity

Under mounting performance pressure, many corporate leaders are looking to business process reengineering to improve performance, and in many ways that makes sense after all, processes give shape to an organization and are often useful for coordinating routine flows across large organizations. The routine work of a company should be done as efficiently as possible, which increasingly means incorporating automation.

But organizations may be missing a much greater opportunity to improve performance.

Here’s the thing: Much of the work of many organizations today—at least the work that typically offers the potential for differentiation—is no longer routine or even predictable. When conditions and requirements shift constantly, processes fail. While process optimization can still certainly help

  • reduce costs
  • and streamline operations,

leaders should consider a different kind of organizational rethinking for significant performance improvement. And in an environment of accelerating technological advances and rapid and unpredictable change, constant performance improvement is a must. Competition can come from anywhere—doing well relative to the competitors on your radar isn’t enough. Many barriers to competition are falling, and many boundaries, between industries and between markets, are blurring.

  • Consumers have more access to information and alternatives than ever, along with a coincident increase in expectations.
  • Workers have more access to information and alternatives—and increased expectations.

At the same time, many employees, in all kinds of environments, face increasing pressure to reach higher levels of individual performance. The useful life of many skills is in decline, creating a constant pressure to learn fast and reskill.

Many companies have struggled to effectively respond to these pressures since long before the Internet of Things and cognitive technologies added new layers of complexity. The average return on assets for US companies has declined for the past several decades, and companies find themselves displaced from market leadership positions more often than they used to. While the price-performance improvement in the digital infrastructure has increased exponentially, most companies are still capturing only a small fraction of the value that ought to be available through the technologies built on this infrastructure. Existing approaches to performance improvement appear to be falling short.

It begs the question: In a world of digital transformation and constant change, what does performance improvement mean? Many companies suffer from at least one of three broad problems that can misdirect their focus:

  1. Thinking of performance improvement too modestly. Leaders often think of performance advances as discrete, one-time jumps from A to B, or even a series of jumps to C and D. The initiatives that typically generate these bumps are similarly construed as pre-defined, one-time changes rather than as unbounded efforts that have the potential to generate more and more improvement. As we discuss in more detail, not only do most companies need to continually improve their performance— those that don’t start accelerating may fall further and further behind and become increasingly marginalized. Accelerating improvement, then, should be a goal of operations, not just one-off initiatives.
  2. Thinking of performance improvement too narrowly, focused only on costs. Process dominated much of performance improvement efforts for the past several decades, focusing largely on the denominator of the financial ratio of revenues to costs. But costs can be cut only so far, and technology-based process efficiencies can be quickly competed away, especially at a time when the changing environment and shifting customer expectations are making many standardized processes quickly obsolete. Further reductions can become harder to achieve and have less impact. The relevant performance might be more about an organization’s ability to create significant new value. Workers across an organization regularly encounter new needs, new tools for meeting needs, and opportunities to identify new ways of delivering more value and impact in multiple dimensions, including helping other parts of the organization generate more value. The potential for value creation isn’t confined to certain roles or functions, and is bounded primarily by an organization’s ability to create new knowledge and creatively address new problems. Focusing on new value creation may be the key to getting on a trajectory of accelerating performance improvement. Doing so would require an organization to move beyond efficiency and standardization and begin focusing on cultivating the behaviors—such as experimentation and reflection to make sense of what has been learned—associated with new value creation.
  3. Thinking of performance improvement at the wrong level. Most organizations manage performance where they measure it—which is to say where they have data: broadly, for the department and organization, and narrowly, for the individual. Both levels can miss where work, especially value-creating work, increasingly gets done: in groups. As a result, organizations can miss the opportunity to shape how work actually gets done. Focusing on performance where it matters most to the organization’s work might be a key to having a significant impact on the performance that matters.

The imperative to act seems simple: Today’s environment seems to offer no reprieve, no stabilization that gives us a chance to catch our breath and say, “OK, now we’ve got it figured out.” The methods and processes that led organizations to great success in the past seem to no longer be working. For sustained performance improvement, companies may need to change their focus and look in new directions.

Deloitte 1

Deloitte 2

Deloitte 3

Click here to access Deloitte’s detailed study

The Global Risks Report 2018

Last year’s Global Risks Report was published at a time of heightened global uncertainty and strengthening popular discontent with the existing political and economic order. The report called for “fundamental reforms to market capitalism” and a rebuilding of solidarity within and between countries.

One year on, a global economic recovery is under way, offering new opportunities for progress that should not be squandered: the urgency of facing up to systemic challenges has, if anything, intensified amid proliferating indications of uncertainty, instability and fragility. Humanity has become remarkably adept at understanding how to mitigate conventional risks that can be relatively easily isolated and managed with standard riskmanagement approaches. But we are much less competent when it comes to dealing with complex risks in the interconnected systems that underpin our world, such as organizations, economies, societies and the environment. There are signs of strain in many of these systems: our accelerating pace of change is testing the absorptive capacities of institutions, communities and individuals. When risk cascades through a complex system, the danger is not of incremental damage but of “runaway collapse” or an abrupt transition to a new, suboptimal status quo.

In our annual Global Risks Perception Survey, environmental risks have grown in prominence in recent years. This trend has continued this year, with all five risks in the environmental category being ranked higher than average for both likelihood and impact over a 10-year horizon. This follows a year characterized by high-impact hurricanes, extreme temperatures and the first rise in CO2 emissions for four years. We have been pushing our planet to the brink and the damage is becoming increasingly clear. Biodiversity is being lost at mass-extinction rates, agricultural systems are under strain and pollution of the air and sea has become an increasingly pressing threat to human health. A trend towards nation-state unilateralism may make it more difficult to sustain the long-term, multilateral responses that are required to counter global warming and the degradation of the global environment.

Cybersecurity risks are also growing, both in their prevalence and in their disruptive potential. Attacks against businesses have almost doubled in five years, and incidents that would once have been considered extraordinary are becoming more and more commonplace. The financial impact of cybersecurity breaches is rising, and some of the largest costs in 2017 related to ransomware attacks, which accounted for 64% of all malicious emails. Notable examples included the WannaCry attack—which affected 300,000 computers across 150 countries—and NotPetya, which caused quarterly losses of US$300 million for a number of affected businesses. Another growing trend is the use of cyberattacks to target critical infrastructure and strategic industrial sectors, raising fears that, in a worst-case scenario, attackers could trigger a breakdown in the systems that keep societies functioning.

Headline economic indicators suggest the world is finally getting back on track after the global crisis that erupted 10 years ago, but this upbeat picture masks continuing underlying concerns. The global economy faces a mix of long-standing vulnerabilities and newer threats that have emerged or evolved in the years since the crisis. The familiar risks include potentially unsustainable asset prices, with the world now eight years into a bull run; elevated indebtedness, particularly in China; and continuing strains in the global financial system. Among the newer challenges are limited policy firepower in the event of a new crisis; disruptions caused by intensifying patterns of automation and digitalization; and a build-up of mercantilist and protectionist pressures against a backdrop of rising nationalist and populist politics.

The world has moved into a new and unsettling geopolitical phase. Multilateral rules-based approaches have been fraying. Re-establishing the state as the primary locus of power and legitimacy has become an increasingly attractive strategy for many countries, but one that leaves many smaller states squeezed as the geopolitical sands shift. There is currently no sign that norms and institutions exist towards which the world’s major powers might converge. This creates new risks and uncertainties: rising military tensions, economic and commercial disruptions, and destabilizing feedback loops between changing global conditions and countries’ domestic political conditions. International relations now play out in increasingly diverse ways. Beyond conventional military buildups, these include new cyber sources of hard and soft power, reconfigured trade and investment links, proxy conflicts, changing alliance dynamics, and potential flashpoints related to the global commons. Assessing and mitigating risks across all these theatres of potential conflict will require careful horizon scanning and crisis anticipation by both state and nonstate actors.

This year’s Global Risks Report introduces three new series:

  1. Future Shocks,
  2. Hindsight,
  3. Risk Reassessment.

Our aim is to broaden the report’s analytical reach: each of these elements provides a new lens through which to view the increasingly complex world of global risks.

Future Shocks is a warning against complacency and a reminder that risks can crystallize with disorientating speed. In a world of complex and interconnected systems, feedback loops, threshold effects and cascading disruptions can lead to sudden and dramatic breakdowns. We present 10 such potential breakdowns—from democratic collapses to spiralling cyber conflicts—not as predictions, but as food for thought: what are the shocks that could fundamentally upend your world?

In Hindsight we look back at risks we have analysed in previous editions of the Global Risks Report, tracing the evolution of the risks themselves and the global responses to them. Revisiting our past reports in this way allows us to gauge risk-mitigation efforts and highlight lingering risks that might warrant increased attention. This year we focus on antimicrobial resistance, youth unemployment, and “digital wildfires”, which is how we referred in 2013 to phenomena that bear a close resemblance to what is now known as “fake news”.

In Risk Reassessment, selected risk experts share their insights about the implications for decisionmakers in businesses, governments and civil society of developments in our understanding of risk. In this year’s report, Roland Kupers writes about fostering resilience in complex systems, while Michele Wucker calls for organizations to pay more attention to cognitive bias in their risk management processes.

GRR2018 1

GRR2018 2

Click here to access WEF – Marsh’s detailed Global Risk Report 2018