One of the leading general insurance companies in India, ICICI Lombard General Insurance, has commissioned an all India research entitled ‘Readiness of India Inc. with respect to Risk Management’.
The research elucidates Enterprise Risk Management (ERM) as a mechanism which combines culture, capabilities and practices with strategy setting and its execution to manage risks in order to create, persevere and realize value.
The research was conducted through online interviews with 130 C-suite risk officers, to identify the risk practices adopted by Indian organizations.
While the key risk areas perceived by India Inc. include regulatory compliance (53%) and operational concerns (50%); 27% of the respondents believe geopolitical uncertainty to be a risk factor. Whereas, 23% claim uncertain economic growth can lead to increasing risks. Interestingly, only 23% respondents perceived information insecurity as a key risk while 11% believe technological disruption was a risk area. This could be because of the limited risk exposures that companies would have experienced directly.
The report states that 88% organizations claimed that supporting strategic business decisions has been one of the key drivers for ERM implementation. The respondents have cited that 76% believe an efficient ERM framework to boost investor confidence. The report talks about the multiple levels of maturity in achieving a strategy-driven ERM programme.
The study highlights a combination of control & compliance with strategic business decisions will result in an efficient risk management system. The report states that 73% of organisations have been equipped with risk governance framework for more than three years, whereas 20% have incorporated a risk governance mechanism in the last three years and only 7% have introduced the same in the last year.
Under this framework, the survey revealed that 94% organizations have adopted well defined roles for managing risks, 91% possess designed and documented risk governance structure and 81% have appointed board level sub-committee for managing risks. This shows that organizations have had to rethink their risk analysis strategies and imbibe a renewed approach to risk management in their organisational structure in light of the surge of emerging disruptions caused by artificial intelligence, augmented reality biometrics, Internet of things (IoT) and predictive analytics.
The research discusses that even with well defined Key Risk Indicators (KRI), business linkage needs to be established. 72% organizations have well defined KRIs. 41% respondents have claimed to have KRIs linked, prioritized and fully integrated business.
Risk appetite is one of the parameters for driving a successful ERM module defined as the amount and type of risk that an organization is willing to take in order to meet their strategic objectives. 81% organizations have shown greater maturity in adopting risk appetite statement as part of the risk strategy management, with 53% firms equipped with a well defined and board approved risk strategy.
Bhargav Dasgupta, MD & CEO, ICICI Lombard General Insurance stated, “We believe that risk management is a crucial organizational responsibility. With the emerging global uncertainties coupled with technological disruption, it is need of the hour for organizations to equip themselves with a well-defined enterprise risk management framework. Risk management is not limited to identifying the risk elements or risk indicators, but aligning them strategically with business decisions to maximize the security of the firm.”
Other key highlights of the report:
- 81% have appointed board level subcommittee for risk management
- 3 out of 4 organizations have risk governance mechanism in place for more than three years
- 29% deploy advanced analytical tools for impact assessment
- 36% do not perform risk culture diagnostics
- 35% continue to use spreadsheets for risk management
- 11% do not use technological platforms for risk management
- 81% believe that ERM helps protect corporate reputation.
- 35% organizations still rely on archaic platforms for risk management