How Do You See Risk? – Risk Management Is All About Your Perception

 
 

riskattitude

Have you noticed that it is almost impossible to get everyone to agree about how (or even whether) to practice risk management at your company? Both organizations and people have risk attitudes that lead them to different conclusions about the best way to manage risk.

Within each company, research shows that there are likely to be four different, and often incompatible, risk attitudes.

Perspectives on Risk

The four basic risk perspectives were first identified through research in the 1980s. Clear patterns emerged in the data, and they have proven quite resilient over time. Within businesses, most people tend to identify with one of four perspectives.

1. Maximizers

This perspective does not consider risk to be as important as profits. Businesses managed according to the Maximizer perspective will accept large risks, so long as they are well compensated. Managers who hold this perspective believe that risk reverts to the mean—gains will always follow losses—and the best companies will have larger gains and smaller losses over time.

2. Conservators

According to this perspective, increasing profit is not as important as avoiding loss. Holders of this view often feel that the world is filled with many, many dangerous risks that they must be very careful to avoid.

3. Managers

Carefully balancing risks and rewards is the heart of this perspective. Firms that hold this view employ experts to help them find the risks that offer the best rewards, while at the same time managing these risks to keep the firm safe. They believe that they can balance the concerns of the first two groups, plotting a very careful course between them.

4. Pragmatists

This perspective is not based on a specific theory of risk. Pragmatists do not believe that the future is very predictable, so they avoid commitments and keep their options open to the greatest extent possible. They do not think that strategic planning is especially valuable, but rather seek freedom to react to changing conditions.

Each of these four different perspectives prefers a different strategy for dealing with risk. Firms led by Maximizers for example, seek out risk, believing that no risk is inherently unacceptable. Every risk presents an opportunity; the trick is to negotiate appropriate compensation for the downside potential.

Conservator-led organizations shun risk of all sorts, while Manager-led firms carefully manage and calibrate both the amount and type of risk. For their part, those led by Pragmatists seek diversification but otherwise have no overarching strategy. They operate tactically, reacting to each new development.

Risk Management Strategies

People aren’t the only things that fall into categories. Careful examination of risk management practices in a large number of firms reveals that there are also four different strategies that fall under the general heading of risk management.

1. Loss Controlling

This is the most traditional form of risk management. It seeks to identify and mitigate the firm’s most significant risks. This includes activities such as safety programs that seek solely to reduce losses. One characteristic of these processes is that they often seek to get everyone involved. This type of risk strategy is favored by Conservator-led firms. It is particularly appropriate for managing risks that are acute and severe.

2. Risk Accepting

Many financial firms favor an approach to risk that focuses mainly on getting the price of risk correct. For banks, this can lead to complicated models of risk and reward. A Risk Accepting strategy is most often applied on a transaction-by-transaction or project-by-project basis. Non-financial companies will choose projects that will be highly profitable if they succeed. This type of risk strategy is favored by Maximizer-led firms. It works well for risks that are relatively benign.

3. Risk Steering

Under this approach, the major strategic decisions of the firm go through a rigorous planning process coupled with intense analysis. Risk decisions are based upon careful cost/benefit and risk/reward analyses. Perhaps this is why many think that risk steering is real enterprise risk management (ERM). Risk Steering ERM is highly favored by academics and consultants; Manager-led firms find it appealing, but companies that hold any of the other three risk attitudes do not. This strategy is particularly appropriate for a highly complex portfolio of risks.

4. Diversifying

Spreading exposures among various classes of risks and avoiding large concentrations of exposure is another traditional form of risk management. Formal Diversifying programs will have targets to spread risk with maximums and minimums for various classes of risks. The newer ERM discipline adds the idea of interdependencies across classes, providing better quantification of the benefits of risk spreading. Pragmatists tend to favor Diversifying because it maximizes their tactical flexibility, but they avoid reliance on any particular risk mitigation process and often mistrust quantitative measurement of risk. Firms whose risks are highly uncertain often choose this strategy.

Changing Risk Environments

The existence of the four different risk perspectives can be explained. All four are correct, but not all at the same time.

That is because over time, the risk environment changes. Most people think of things as either “normal” or else “broken.” But few agree about what normal is. An observer viewing the world through the lens of the Conservator might say that extreme hazard and danger are the normal state of affairs, while a Maximizer, finding this view timid and overly pessimistic, might argue that profitability is normal and hazardous conditions prevail only when the market is broken.

Expanding our view beyond the binary outlooks of normal/broken allows for the possibility that both the Conservator view and the Maximizer view can make sense. Consider a model of the risk environment with four risk regimes: Boom Times (risk is low, profits are rising), Recession (risk is high, profits are falling), Uncertain (risk is unpredictable, profits might rise or fall) and Moderate (risk and profit both fall within a predictable range).

Such a model seems to be a reasonable description of the phases of business and economic cycles. As the cycle moves through these four different states, external conditions match the world view of each of the four different risk perspectives. Each perspective has been right part of the time—and will be correct again at some point in the future. But none of the risk perspectives is perfectly adapted to external conditions all of the time.

Purists with the Manager point of view may object that their view takes into account the full range of the cycle. But economic cycles are not simple, sine curves; the period and amplitude are irregular and unexpected. “Black swan” events do occur, and there are always “unknown unknowns.” Model risk can never be eliminated, and restricting risk strategy to a Manager-only view obscures this important fact.

A Risk Steering ERM program works especially well in a Moderate environment when risks are fairly predictable. But in Boom Times, firms following this path will unduly restrict their business—not as much as Conservator firms, but certainly more than Maximizer firms. More aggressive competitors will be much more successful. In a Recession environment, a Risk Steering ERM program again advocates a middle path; but this may mean that the firm sustains too much damage to fully take advantage of the market when it turns. And when times are Uncertain, Risk Steering firms will be frustrated by frequent surprises and a world that does not quite fit the model. Competitors not tied to a particular view of risk will fare better.

Aligning Strategy with Environment Why do corporations adhere to a particular risk perspective? Often, the firm was formed when the environment aligned with its perspective. Alternatively, the company may have suffered traumatic damage during a period of dissonance between an old perspective and the risk environment, and then made a shift—perhaps under the direction of new leadership. Another possibility: The firm may have been wildly successful at some point and now stubbornly clings to the strategy that worked for it in the past.

Corporate culture tends to be self-perpetuating. Individuals are drawn to employers with a perspective that makes sense to them, and those in a position to make hiring decisions typically prefer to hire staff whose views mesh with their own.

Yet there are always companies that follow strategies that are poorly aligned with the environment. Some of these firms muddle along with indifferent results and survive until their preferred operating environment returns. Others sustain enough damage that they do not survive. Some change their risk perspective and risk strategy to take advantage of the new environment. Meanwhile, new competitors may enter the market with risk perspectives and strategies that are suited for the current environment.

Since many of the poorly aligned firms shrink, die out or change perspective—and since new firms tend to be well-aligned with the current risk regime—the market as a whole adjusts to greater alignment with the risk environment via a process similar to natural selection.

Ultimately, in an open market for goods and services, the firms best able to adapt to the market’s changing demands will enjoy the greatest success. No firm can be all things to all customers all of the time; but a firm that too severely limits its offerings—focusing on too narrow a market segment—may wind up making itself irrelevant. Philosophies of risk management face much the same situation.

To gain traction across the full spectrum of human risk perspectives, the firm’s risk management approach must include aspects that fit all four perspectives: Maximizer, Conservator, Manager and Pragmatist. To remain relevant and flourish in all risk environments, a company’s strategy must evolve and adapt, drawing different aspects from the entire palette of strategies to suit the changing environment.

 

More articles by »

About the Author

Alice Underwood is executive vice president and the head of analytics for Willis Re North America.

Dave Ingram

More articles by »

About the Author

Dave Ingram is executive vice president at Willis Re, where he specializes in enterprise risk management.

 
 

5 Comments

  • Nice article. Thanks for sharing your perspectives. To me, risk management is about culture and culture is about employees, processes and customers. Eliminating waste using lean methodologies, for instance, tied to strong employee support and truly understanding customers needs (no, not to buy insurance and not to not need to use it) to become better as a business – is perhaps the strongest form of risk management there is. I outlined my thinking on this topic in a white paper that can be downloaded for free at http://www.threebellcurves.com.

    Thanks again for sharing!

     
  • Addressing the aspect of people risk is the only way an organisation can improve the way their people respond to a situation of risk and the effectiveness of their risk management function. No organisation can ever have a perfect risk management culture, but organisations can achieve a level of maturity where they have an effective risk culture process and every employee is risk-minded and does something on a daily basis to mitigate, control and optimize risk.

    For current thought leadership on Risk Culture Building, see my blog: http://blogs.zawya.com/Risk%20Culture%20Builder/

     
  • An adequate estimation and relatively correct assumption can only be made if the notions of risk and reward are completely band from affecting valuations. It is a backward looking mindset, limiting concious judgement, simply because people compare how much can they "afford" in terms of "risk" taking and compare it to the results that would be satisfactorily relative to their exposure.
    Clear cut prospective recalls and relays at large on the distribution of probabilities. This technique often deviates from the grain of wishful thinking any project leader is contaminated with (due to excitement ,..etc.) and therefore is dismissed.
    "The only risk I see, is being ignorant to my own imperfections." And so I build strategy around the highest concentration of probabilities, allowing me to make most with least. Using that same dense environment to leverage "certainty" as an outcome.

     
  • to me, risk management is all about weighing the potential gain from the loss. It's a little like gambling, but of course you want to put in your money when you have good odds. =)

     
  • Risk Culture Bldr

    Business (and other) leaders must fundamentally change the way they think about risk management; you cannot suddenly “bolt on” an effective risk culture. Do not make the same mistake you made when you saw risk management as an implementation project and spent a fortune on systems and processes to get a risk report that is as useful as driving a car without looking through the windshield. You can have the best dashboard and rear-view mirror (last month’s risk report), but if you make business decisions based on those you do not get very far. – See more at: http://insurancethoughtleadership.com/thinking-di

     
 

Leave a reply

required

required

optional