Agile Risk Management (ARM): Continuous & Dynamic Decision Support

Traditional Risk Management has failed

“You only find out who is swimming naked when the tide goes out …”(Warren Buffet).

The planetary impact of COVID-19 is the proverbial risk management tide.

The threat of pandemics has been known for the past decade. However, the deep interconnections and interdependencies underpinning global social and economic systems have not been recognised. This failure in risk management has resulted in catastrophic global human, political, economic, psychological and social impacts.

“Thinking the unthinkable and the unpalatable must become the mantra if organisations are to thrive in a world growing in uncertainty” — SoluxR.

SoluxR provides continuous and dynamic decision support intelligence for those organisations who will thrive in our rapidly changing world.

Eliminating the chasm between risk management & front-line decision-makers

Traditional Risk Management

Traditional methods of managing risk have not been fit for purpose for some time. Witness the Dot-Com crash, global financial crisis, SARS, Fukushima and now COVID-19 which exposes those deep interconnections and interdependencies in global systems which heretofore have been neither formally identified nor adequately assessed in many organisations today.

Highly subjective and mostly qualitative methods of formally identifying and then analysing risks have been presented as probabilistically sound when in fact many are inherently unsound. Input data from statistically small representative samples of front-line managers is often ineffectively assessed by risk professionals far removed from operations. This has resulted in poor reporting which is often not exposed until risk registers are examined following major events.

Traditional risk management is only consistently appropriate for a small percentile of known risks where likelihoods and impacts can be credibly estimated; for example, risks which are insurable using traditional methods as well as engineering, infrastructure, project and other risks which can be mastered through effective planning. However, it is woefully inadequate for the tsunami of 21st-century new risk types particularly those occurring without much prior notice. Such is the volume of new risk types that organisations now need to differentiate between understood risks, and those which are emerging.

Emerging risks are not well understood and bring with them particularly high levels of uncertainty. They are difficult to identify because they are concealed within a myriad of complex customer, supplier, or societal interconnections and interdependencies for example those already manifesting from:

• Biohazards including SARS, MERS and now COVID-19,

• Weather and the environment in a way which now affects water and food security and overall planetary health,

• Advanced and AI-enabled technology disruption risks for example:

O customer preferences and ways of doing things, for example, paying for goods and services, banking and consuming information,

O hotels/Airbnb, taxis/Uber, aerial photography and home deliveries/drones, transportation/autonomous vehicles/3D printing,

O trust erosion of news from fake news, personal data and company secrets from cyber-attacks,

O Jobs, medical and healthcare research through machine learning,

The common thread above is ‘speed of disruption’ emanating from each principal threat *source1. The catastrophe ahead for many organisations is the perfect storm forming from the compounding effects of multiple disruptions occurring at the same time. This is particularly worrying given the already shortening lifespan of S&P 500 organisations over the past decade.

High levels of uncertainty demand increased vigilance from all decision-makers from the board room to the distant front lines. All-round vigilance, however, requires that everyone is aligned around the big and basic core concepts of purpose and decision making such that everyone understands:

• why their organisation exists/what it is there to achieve, and

• the values and principals needed to drive the quality of day-to-day thinking and decision making.

In this way, all decision-makers become the collective eyes and ears of an organisation as it carefully navigates unfamiliar territory getting from point A to point B. This is what 21st-century risk management looks like. It is forward-looking and reflective and determines who will survive and thrive and who will not.

*Source 1- Excluding other threat sources, for example, geo-political, economic etc. as reported in the World Economic Forum Global Risk Reports since 2007

Clearly therefore it can be said that ‘purpose’ and ‘decision making’ are the double-strands of 21st-century risk management DNA required not just to survive, but to thrive, in our uncertain world.

21st Century Risk Management DNA

Purpose is determined by stakeholders. Founders, shareholders, boards and their management teams determine core purpose given the needs of customers, society and employees as well as the partners, suppliers and most significantly those statutes and regulations which organisations need to observe. Thereafter corporate objectives, business and operating models required to deliver corporate purpose are selected as appropriate.

Purpose to risk management is what true north is to navigation. Why? A risk is simply a thing which can stop you or slow you down on your journey to a given objective. For a given business objective some risks are worth taking, and some are not. The process of deciding what to do is called managing risk and this is what business managers do every day. On the journey from point A to point B you just need to know when to speed up, when to slow down, or when you should stop and plan another route altogether. This equates to setting risk appetite and monitoring adherence to risk tolerances as you advance.

Clearly, when decision-makers know why their organisation exists/what it is there to achieve, they are better equipped to do the right thing (making a decision) in the right way (process) as the organisation moves forward.

Decision Making in an environment where the speed of disruption across multiple fronts is on the increase demands of organisations that they similarly need a comparable speed in decision making. However, whereas 20th-century decision making could tolerate levels of bureaucracy when all significant decisions were made centrally, slow bureaucracy in the 21st century is not an option.

Furthermore, 21st-century levels of uncertainty mean that there is zero chance that decision-makers can reasonably expect to consistently plan perfectly and predict the future accurately. For this reason, organisations need to be prepared to fail fast and learn quickly such that scarce resources can be preserved and redirected to where lessons learned, and continuous improvements increase the chances of success as soon as possible.

The choice for strategic leaderships is wicked. Should they assume that:

• They will always make the right decisions and so just need to speed up centrally made decision making? or

• Assume that decision-makers closest to the complex array of opportunities, issues and challenges on the ground should be given more authority, thus pivoting senior leaderships to setting direction, controls and accountabilities, coaching, mentoring and creating positive risk cultures?

What should organisations do?

Whereas DNA testing is commonly used today for health and wellness planning and disease prevention its corporate equivalent can be used to assess and ensure corporate wellbeing vis a vis leadership attitudes and approaches to:

1. Understanding uncertainty which these days now means thinking the unthinkable*Source2, and the unpalatable,

2. Anticipating what’s around the corner,

3. Constantly preparing for shocks and surprises such that they can not only respond and recover, but bounce forward ahead of less adaptive competitors as well,

4. Adapting, re-imagining and transforming such that core purpose, value creation and preservation are sustained over the longer term.

• Source2- https://www.amazon.com/Thinking-Unthinkable-imperative-leadership-digital-ebook/dp/B07F3TRB1R

Other than strategic leaderships’ which have had direct experience of abnormal and adverse corporate crises, most think of risk management as a devolved function which contributes little to strategic value*Source3 creation.

COVID-19 is likely to change attitudes and approaches to risk management with initial empirical evidence of business cases for a new paradigm including the need to:

• gather and act on new consistently reliable information in real-time,

• make faster better/safer decisions,

• be able to anticipate better,

• better understand possible scenarios and events which can have an effect on future cash-flows,

• find better ways of estimating future liability exposures,

• build contingencies and strengthen organisational ability to endure hardships, future shocks and surprises,

Organisations clearly need to be more agile than resilient. Put simply resilient football teams don’t win championships as preparing and responding to opposing team tactics is a defensive play. It is akin to asking players to run onto the pitch with a given number of set-pieces in mind. Alternatively, anticipating opposing team tactics, being agile and bouncing forward ahead of less responsive players is what wins games. Agile players run onto the pitch with a game plan in their minds, thinking of winning with set pieces and rules of the game so embedded in their state of being that it is instinctive.

However, the differences between being agile and resilient are mostly strategic in nature. Resilience postures can evolve to agile where scope is broadened by management. Agile Risk Management (ARM) builds on existing risk management capabilities *Source4 but with some fundamental PACT mind-sets and approaches as follows:

• Purpose: ARM explicitly connects with core business needs, for example:

O ‘anticipate supply chain issues and opportunities, and increase visibility across tiers’,

O ‘anticipate market changes and search for options to explore, test, fail, learn, improve, advance’

O ‘understand and better anticipate emerging cyber threats and risks to better inform underwriting policies’

O ‘In advance of Libor transition understand Libor impacts across stakeholders, contracts, products and trades, business processes, and transition programme ecosystems’

O ‘Understand AI and Machine Learning issues and opportunities and in particular any gaps between business lines, development, production and continuous improvement’

• Align: Purpose, values and value models must be aligned. Proactive risk cultures require that business leaders create decision-making environments wherein front line decision-makers always do the right things (values), in the right way (process). Leadership quests for information from front line decision-makers should be evidenced by effective risk reporting which is not endangered by HIPPOs (highest paid personal opinions), particularly when such front line information fails to conform and challenges the status quo,
• Source3- https://erm.ncsu.edu/library/article/2020-the-state-of-risk-oversight-an-overview-of-erm-practices
• *Source4- internationally proven and accepted guidelines, methodologies, tools, techniques

• Communications is critical. If ARM information is not shared in a structured and transparent way there is no ARM,

• Transparency operational decision-makers to collaborate across organisational and geographic boundaries and functions such that information gets from the people who have it, to the people who need it, in near real-time.

It is essential that ARM participation aligns both professional and personal futures. Connecting with front line decision-makers, and third parties on core business needs in a way which effectively addresses individual ‘what’s in it for me (WIIFM)’ questions requires thoughtful ongoing PACT planning and performance reviews.

ARM is not a technology challenge. It is extremely easy to implement, is eminently manageable and very scalable. However, it does require the right PACT mindset if it is to deliver desired results.

How can SoluxR help?

SoluxR increases certainty and reduces complexity in fast-moving decision making situations. Using a blend of AI-enabled technologies, risk and strategy techniques and global expertise, we generate data-driven, evidence-based actionable information needed by decision-makers across complex global organisations.

ARM helps:

• Gather and analyse vital internal and external risk intelligence

• Achieve deep understanding of an organisations true enterprise risk profile

• Expose the consequences of major hazards throughout the organisation and its ecosystem

• Identify and solve critical and complex risk interrelationships and their consequences

• Create comprehensive and workable strategies.

In the midst of massive COVID-19 uncertainty, we provide global reports and analysis daily, across a range of macro policy, economic, regulatory, legal, trade and other developments. We sweep up real-time critical information not generally covered by business news sources and provide insight to management to better inform thinking, planning and decision making.

Our automated approach enables management to develop their own local impact and risk scenarios which are aggregated and reviewed by respective management teams. AI-enabled analysis reveals insights, decision options, alternative scenarios and ways forward. Picking up real-time changes in local conditions (through continuous communications with local management teams) we enable alternative strategies and plans to be developed more rapidly. Additional decision supports provided in the form of an automated incident and crisis management application contains hundreds of checklists which can be added to as required.

Our enterprise risk architecture accommodates comprehensive and rigorous analysis including:

• Robust scenario analysis and modelling impacts, risks and mitigations

• Early foresight and insight of issues and opportunities before they develop

• Significantly lower cost, faster and better analysis and planning

• A single comprehensive view of what’s actually going on across organisations and wider ecosystem

• Ability to understand, anticipate, respond, recover and quickly adapt as further cyclical pandemics occur

• Rapidly assess the impact and effectiveness of urgent remediations

• Detect systemic issues across the organisation.

SoluxR addresses multiple risk, strategy and action planning requirements across the entirety of the business and its ecosystem (customers, markets, suppliers, competitors, regulators ….). Planning is undertaken across a variety of modules (stakeholders, business functions, programme office, contracts, products/trades/services …) with data being gathered through easy to use, scalable online assessments. Natural language processing, AI and text mining power the production of results which are generated in the form of highly visual decision options and scenarios which can be used dynamically to facilitate agile decision making across geographies and functions.

Return on investment is delivered across three critical dimensions:

1. Ability to maintain effective and efficient battle readiness for emerging opportunities, challenges and scenarios,

2. Sustainability of corporate purpose by aligning and shifting organisational decision making from top-down hierarchical to front line distributed leveraging fast, data-driven, scenario-based pathways to long-term viability,

3. Increased buy-in of people up and down the decision chain of command with continuous feedback, testing, failing and learning during execution.

Features and Benefits

1. Faster and better

a. Understanding of emerging risks

b. Scenario analysis:

i. to support continuous and dynamic decision making

ii. of crisis events and interconnected risks

c. Highly visual actionable information

d. Preparation

e. Response and recovery

f. Organisational testing, failing and learning

2. Less cost and more rigor

a. Increased likelihood of minimising strategic missteps

b. Rapid, real-time support for front line decision making

c. Comprehensive strategy and decision framework powered by advanced technology and AI-enabled architecture

d. Significant productivity savings compared to traditional programs

e. Whereas COVID-19 has rendered traditional planning through meetings, international travel and workshops impossible, this essential work can now be done more effectively and easily by people using SoluxR working remotely from their homes.

3. Reliability

a. Internationally proven and accepted strategy and management tools and techniques,

b. Top 5 Gartner/Forrester rated advanced and AI-enabled technologies,

c. Automated risk, resilience and recovery methodologies,

d. Explainable algorithms which help generate actionable strategies and plans.

About us

SoluxR is the World’s first company to augment and automate strategic risk management using Natural Language Processing, Text mining and AI. Using our proprietary IP, the SoluxR’s Decision Support System enables boards and leadership teams to make better strategic business decisions with real-time inputs and continuous feedback during execution. Founded by a global leader in risk management and organisational governance, SoluxR is leading the way in the use of AI-enabled technologies in the delivery of strategic risk decision systems.