Emerging Trends in Risk Management: Accountability
Accountability in risk management centers around the ownership of risk. Managing and mitigating risks in organizations has traditionally been the responsibility of one function. With increasingly complex delivery networks and holistic approaches to the concept of risk, a slice of risk management is now on everyone’s plate.
Five key trends have emerged in the constantly evolving landscape of risk management and compliance: Agility, Resilience, Integrity, Accountability, and Engagement. In a recent Inclus webinar, Michael Rasmussen briefly introduced each one. So far in this article series we have discussed Agility, Resilience, and Integrity.
Accountability is the fourth emerging trend in risk management: Who owns the risks that an organization – and indeed its entire supply network – carries? The global focus on accountability is intensifying, driven by regulatory changes and real-world examples of its importance.
What does ‘accountability’ mean?
Accountability is not to be confused with responsibility. As Michael Rasmussen points out in his webinar presentation, responsibilities can be delegated or assigned to others.
In contrast, accountability is a deeply personal commitment. When it comes to risk management, it means owning the outcomes, whether positive or negative, and taking responsibility for them.
“Responsibilities can be assigned to others. Accountability is a personal commitment. In the context of risk management, accountability is about owning the outcomes.”
Rasmussen’s insights remind us that accountability should permeate all levels of an organization. It’s not confined to senior executives alone. Every employee should understand their role in risk management and be willing to take ownership of the risks associated with their specific tasks.
Regulatory changes driving the increasing focus on accountability
Accountability becomes meaningful when there are clear consequences for non-compliance with established risk management protocols.
The below regulatory initiatives illustrate the global recognition of the pivotal role that accountability plays in effective risk management.
United Kingdom: The SMCR (Senior Managers and Certification Regime)
Ireland: The SEAR (Senior Executive Accountability Regime)
Hong Kong: ‘Managers in Charge’ regulations
Australia: The Financial Executive Accountability Regime (affectionately known as FEAR)
United States: The U.S Department of Justice’s push for greater accountability in compliance
New York State and California: Increased focus on executive accountability for risk and compliance
Uber’s case: Uber’s former Chief Information Security Officer held liable for a security breach cover-up
While compliance or non-compliance with regulations is an important topic and rather black-and-white, accountability is not fundamentally about assigning blame or pointing fingers.
Rather, it is about fostering a culture where individuals and teams are incentivized to proactively manage and mitigate risks.
Tips for leveraging accountability for joint improvement
Embracing accountability can lead to continuous improvement. When individuals take ownership of risks, they are motivated to identify areas where processes can be enhanced and vulnerabilities mitigated, contributing to the organization’s overall resilience.
“Invite cross-functional discussions to consider risks from multiple perspectives.”
How do we get employees to take ownership of risks related to their work? A number of things matter, of which inclusive communication and collaboration rise to the top:
Promote transparent communication and information sharing within the organization. Ensure that employees have access to risk-related information to understand risks associated with their tasks and responsibilities.
Encourage employees from different departments or teams to collaborate. Facilitate cross-functional discussions to consider risks from multiple perspectives and leverage diverse expertise in risk mitigation.
Document risk assessments, mitigation plans, and action items. Maintain risk registers and ensure that everyone is aware of risk identification and mitigation strategies. This documentation helps in tracking progress and holding individuals accountable for their respective tasks.
Assign specific risk mitigation tasks to individuals or teams and make the assignments visible to relevant parties. Clearly define responsibilities, establish accountability, and track progress.
Provide updates and notifications to employees regarding changes in risk profiles or emerging risks. Timely communication ensures that the responsibility for risk mitigation is not overlooked.
Provide training and education related to risk management. Share educational materials, conduct training sessions, and encourage discussions around risk awareness.
By implementing these strategies effectively, organizations can foster a culture where accountability for risk mitigation is shared among employees, regardless of the specific tools or software used to support these efforts.
This article series is based on our recent webinar where Michael Rasmussen, ‘the father of GRC’ (Governance, Risk and Compliance) discusses trends in risk management together with Inclus’ CEO Mikaeli Langinvainio. Along with introducing the five major current trends in risk management, Agility, Resilience, Integrity, Accountability, and Engagement, Michael and Mikaeli discuss how organizations can leverage risk management as a discipline and process for sustainable success in today’s dynamic operational landscape.
Michael Rasmussen
GRC Analyst & Pundit at GRC 20/20 Research, LLC
With over 30 years of experience, Michael Rasmussen is an internationally recognized authority in governance, risk management, and compliance (GRC). As a sought-after keynote speaker, author, and advisor, he has helped countless organizations enhance their GRC processes and stay ahead of the curve.
Mikaeli Langinvainio
CEO and Co-founder at Inclus
With an impressive track record spanning 20+ years in risk management and peace mediation across complex global contexts, Mikaeli Langinvainio brings a unique perspective to the table. He offers practical insights on adapting to the changing risk landscape and technological innovation in risk management.