Chairman, Securities and Exchange Commission of Pakistan (SECP) Aamir Khan Tuesday advised the corporate sector that adequate risk management controls would protect the companies against market, liquidity, operational, and reputational risks.
He was delivering a keynote address at First National Risk Management Conference held here on Tuesday. The conference was organised by Mari Petroleum Company Limited. President of Pakistan, Dr Arif Alvi was the chief guest.
The risk management controls also safeguard against non-market related losses such as misappropriation and fraud, he added. Aamir said that risk-taking is integral to the growth and development of any organization, whether in the private or public sectors. It lies at the heart of progress, and companies that do not take a measured approach to risk-taking on an ongoing basis, invariably fail to grow.
He stated that risk taking is an essential ingredient of success, but a compromise on risk management protocols, can turn an opportunity into a loss situation. No amount of urgency should detract from following the risk management protocols.
The SECP chairman pointed out that international fame companies ,i.e, Kodak, Nokia and Xerox were once industry leaders, but their inability to take risks and try new ideas ended their supremacy, rather unceremoniously. Taking calculated risk differentiates leaders from laggards. Risk-taking is by no means a blind leap into darkness, but a careful calculation of the potential outcomes and putting "what-if" strategies in place, Khan advises companies, Aamir stated.
While talking about innovation, Aamir mentioned that technology-driven companies like Tesla, Uber, Google, and Amazon re-writing history of corporate success. In all these companies, Risk-taking was at the cornerstone of their business strategy, he added and said that these companies refused to follow conventional strategies, and put into play 'out-of-box' thinking.
While private sector history is replete with success stories arising out of risk-taking, Aamir pointed that in the domain of public sector companies that we see limited-to-no appetite.
This is primarily due to their peculiar work culture, where people prefer to follow the laid down procedures, while getting support for a new idea is always an uphill task. A well designed risk management process should evaluate, control and monitor all risks to which an organization may be exposed.
In this regard, he mentioned SECP administered Public Sector Companies (Corporate Governance) Rules, 2013 that require Board of Directors to determine the level of risk tolerance by establishing risk management policies, as well as Risk Management Committees.
He said that the existence of an Enterprise Risk Management (ERM) framework sends strong signals to the market, and helps improve investor confidence in the company's management. International investors in particular, assess how companies have taken appropriate measures to improve their risk management governance systems.
In the digital age, he said, organizations face emerging risks that have traditionally not received a lot of focus. The use of online data requires risk managers to pay close attention to the ever-changing business models. With the advent of technologies like Artificial Intelligence, Machine Learning and Internet of Things (IoT), machines are able to share and analyze data without human intervention. Such digital footprint, undoubtedly provides a competitive edge, but at the same time raises concerns with respect to data security.
To counter risks related to digitalization, it is paramount to create broad-organizational awareness and to implement risk-based architecture for the employees, vendors, customers as well as other stakeholders. Accordingly, organizations should remain vigilant with regards to the use and impact of technological developments, SECP chairman added.