Learning to Embrace Risk

Increasing firm value through the positive framing of risk and continuous risk-taking

You can also listen to an audio version of this article.

To thrive in the long-run, boards and executives must learn to embrace risk – to think and talk about risk in better ways, see it through new and better lenses, and take risk more confidently. Organizations that make this transition will find an untapped competitive advantage.

In the wake of COVID-19’s health, economic, and political fallout, it might seem odd to be talking about risk in a positive light. But, understanding how a negative framing of risk in our boardrooms and c-suite discussions leave us short is an essential piece of understanding, especially now. And, there are things you can be doing today as a fiduciary to address this drag on your performance.

A Mental Exercise

Imagine walking down a hallway and coming upon a stranger who invites you to enter a dark room. He offers to pay you a significant amount of money to enter, touch the wall on the other side, and come back out. Your immediate response says something about your attitude toward risk. If you accepted it without much thought, we might describe you as someone who is risk-loving or even carefree. If you paused for even a moment, though, or thought that despite the massive potential payout, you need more information before making a decision, we’d describe you as someone who is, to some degree, risk-averse. In that case, you’d be like most people.

Now, suppose a shrill scream came from that room just as you considered taking up this offer. Risk-loving or not, you’d likely hesitate to enter because of deeply ingrained survival instincts. Fear, your most likely immediate response to a scream, puts almost all rational thinking processes on hold so that you can direct your energy towards a quick fight or flight response. Rational thinking is slow, and if we are facing a real threat, we don’t want to be slowed down by anything, lest we not survive.

But rational and strategic thinking is precisely what we need in the board room and on the executive committee. We need to take the well-documented, and unhelpful, biases that emerge when we are afraid of loss or especially when we frame risk negatively and shift that natural fear response to a better place.[1] Fear confronts us when something threatening appears that we did not expect, or feel might not be under our control.[2]

Risk, Unhelpfully Framed as Loss

When we think about risk as the potential for loss, the resulting fear biases our decision-making and causes our organization to miss out on some of the upsides of taking risk. If we don’t learn to embrace risk, we may, paradoxically, create more downside risk for our organization because it dampens our focus on innovation. Dark rooms can be places where the reward for entering might be immense. Even when the reward is just sufficient enough to pass our cost of capital, that entering adds value to our diverse portfolio of risk-taking activities. So, we need confidence to know when to enter.

Board members, business leaders, and entrepreneurs garner invitations to enter “dark rooms” nearly every day. Whether we are considering the launch of start-ups, new product initiatives, new hires, expansion into foreign markets, decisions about investment, or new suppliers to our process, we must take risk to create value and advance beyond the status quo. In fact, not taking risk is probably the single surest way to be doomed to failure in the long term, as innovation, competition, and customer lethargy slowly eat away at any advantage we enjoy today.

To earnestly fulfill our fiduciary role, we must learn or re-learn to embrace risk confidently, especially amidst unprecedented stress.

Four Critical Aspects of our Risk-Taking and Risk Governance Structures

Our risk governance processes can shine more light into the darkroom to give us a better sense of what dangers might lurk there and how we might minimize their impact. The result may be that the light will convince us to search for better rooms. Or, on the positive side of risk-taking, that the prospective reward is a smart one to pursue. In either case, we’ll do better as a company to have access to that light.

This illumination comes to us through four critical channels of our risk-taking and risk-governance. Our first focus is at the board level – the place where we establish the culture of the organization, identify our strategic goals, and the boundaries within which management can pursue those goals.

Boards must develop and validate that the framework within which management and other employees pursue the organization’s strategic objectives uses a risk lens with a positive focus. We do this with the guidance of others having such experience. In 2018, the Directors and Chief Risk Officers group (“the DCRO”), a collaborative of board members and other c-level executives from over 120 countries, crafted guiding principles to help boards get better at the governance of risk-taking.

Specifically, these guiding principles help with the establishment or advancement of board Risk Committees – a critical committee charged with forward-looking, anticipatory directives, Compensation Committees – those governing the incentives and compensation that drive behaviors that are either consistent or inconsistent with board-established “morals,” and overall Cyber Risk Governance – bringing to the board level a better understanding of how to protect the organization’s digital “Crown Jewels.” Boards can use these guiding principles as specific checkpoints, in annual review cycles, as benchmarks for informational awareness and information gathering to help them first to assess current processes and next to move to better ones. They have been written for one specific purpose - to make boards better at the governance of their firm’s risk-taking.

Second, our risk-takers in management and on the frontline need sound risk infrastructure and a supportive culture established by the board. An enterprise risk management program will help create this environment by turning risk into something we consider alongside market share, capital investments, and other more traditional inputs to make smarter business decisions.[3] For example, we can easily measure the cost of raising capital from the public markets.

An enterprise risk function can provide the same market internally, allowing business units to compete for scarce risk-taking capacity based upon its cost. Done thoughtfully, we can transition risk from an abstract concept more driven by loss avoidance into a manageable line-item cost that varies based on the demands specific risk-taking activities place on our organization. It’s no small undertaking to hire the proper talent, like a Chief Risk Officer, or to implement the appropriate technologies and communication lines to build an enterprise risk system. But that cost is quickly recovered through the firm’s better and more efficient use of the capital for which it pays.

Third, our organizations need to become more nimble and able to respond and adapt to unexpected events, situations, or competitive opportunities. As we have seen with the COVID-19 pandemic, sometimes, we do need to react quickly when events charge at us. We can develop this ongoing agility through empowerment and a distributive and networked risk governance model. We empower employees at the points where risk is originated to respond to changing customer needs or to intercept problems that are emerging in rapid and effective ways.

We create corporate-wide rapid response teams with the authority to make quick and impactful decisions that interrupt even more significant emerging problems before they reach their full negative potential. This approach will enable the board to resist the negative biases – like fear of large losses – that often get in the way of making smart strategic choices. And, as a corollary benefit, the distribution of authority brings greater knowledge-sharing, ownership, and intelligence to our risk-takers.

In 2019, E&Y surveyed board members around the world about their resiliency plans. At that time, only 21% said they had faith their plans would be effective - and that was before any evidence of an emerging pandemic was present.[4] Yet, in May 2020, a survey of firms with demonstrated commitment to sound risk governance structures showed that more than 70% were satisfied with how their resiliency plans had worked in response to the pandemic.[5] That difference in reality at risk-savvy organizations versus expectations of a broad group is reflective of the value of preparation and a commitment to sound risk governance.

Finally, and very importantly, it’s critical to welcome those who are part of our organization’s social network into our governance processes (see Figure 1). We can do this in the form of formal stakeholder boards, or more informally through consistent communication with key capital providers. Aside from our competitors, no one in our corporate social network wants us to fail. They all have some dependency upon us and we on them, particularly as providers of human, physical, intellectual, or financial capital. They benefit when we succeed, and we should acknowledge and welcome their valuable contributions as a matter of structure in our risk-taking and risk governance.

No alt text provided for this image

Figure 1: An Organization’s Social Network – The forces of influence on firm value.

We Don’t Take Risk Well (Enough)

But why is any change necessary? Because there is plenty of evidence that organizations don’t take risk well – or at least well enough for long-run interests.

Beginning in the late 1960s, Bart Madden and his colleagues at Callard, Madden, & Associates, began looking to see if they could identify publicly traded companies that were moving toward failure. They didn’t look at credit risk or signs of an imminent collapse, but rather slow decay and a possible march towards the point where organizations were beginning to destroy value – returning less on their investments than the cost of capital required for those investments. These signs, they thought, would identify companies that were not taking risk well and were likely poor investments for portfolio managers.

Madden and his colleagues found a disturbing pattern among companies. Nearly all follow growth patterns that show rapid acceleration, leveling off, followed by decline, and ultimately by value destruction, which would lead to their death. They referred to this pattern as corporate “fade,” and it has become an essential metric for evaluating investment risk. Madden’s research has thrived over the years, and he reports it is now applied to more than 20,000 companies worldwide, licensed to the clients of Credit Suisse HOLT. The bottom line is that fade reflects a lack of innovation and smart risk-taking. It’s evidence that boards and executives need to do something different.

Interestingly, another curious researcher asked a similar question, but in more recent years and from a vastly different perspective. Geoffrey West, a distinguished professor at the Santa Fe Institute, is well-known for his study of how cities function and how complex adaptive systems evolve. His book, Scale, became a best-seller as it examined highly fascinating and consistent relationships between metrics of cities and living creatures. Cities are resilient enough to survive nuclear bombs and live for millennia. At the same time, mammals are only temporarily resilient, typically experiencing rapid growth in their youth, a leveling off, and then a slow descent toward death.[6]

West wondered if companies - a collection of mammals in the form of a corporation - would have the characteristics he observed of cities or those he witnessed of individual mammals? Sure enough, he found that corporations tend to have the growth patterns of mammals: rapid growth, followed by leveling off, and subsequent decay and death – just like Madden’s corporate fade discovery. West is a physicist, Madden, a financial professional. These two very distinct mindsets found the same problem. But they each have also identified a solution that provides critical insight as we consider how to embrace and take risk confidently in our organizations.

Fostering Innovation through Learning and Networked and Distributive Risk Governance

West notes that one of the reasons that cities can thrive and survive incredible stress is that they have many complex and changing self-governed networks – like neighborhoods, condo associations, businesses, and community organizations – which leads to lots of interaction. The number and mix of participants is also changing as needs and opportunities change. West found that these interactions lead to faster and faster innovation and greater resiliency. This condition is quite the opposite of what happens within the boundary of a company, where people are typically in rigid hierarchical management structures and where formal approval processes are implemented to control complexity.

Madden, in his new book, Value Creation Principles, has developed what he calls The Pragmatic Theory of the Firm, through which he describes the importance of a knowledge-building loop that helps companies realize the kind of innovation and growth that West says is essential. That loop includes a flow of ideas and information through our worldview — perceptions of us both internally and externally, the actions our organization takes, the risks it takes, and feedback from multiple sources. All of this then intersects with what we already know, and with our expressed — and, hopefully, adaptable — purpose for existing.

Networked and distributive governance, which I’ve implemented in my past leadership roles and for which I advocate in my writing, is a model that addresses both of these concepts and allows organizations to become more like cities in terms of innovation and resiliency.[7] 

Using concepts from the Carver governance model - where the board sets objectives along with the rules for pursuing them, networked models of governance like those advocated by Shann Turnbull - where we give power to key members of our corporate social network, and Commons governance concepts from Nobel-prize winner Elinor Ostrom - where we recognize corporate Commons like brand and risk-taking capacity we can structure our risk-taking to grant freedom and create a portfolio of risk-taking that ultimately creates a positive skew to our future value.[8],[9],[10] Boards and senior executives who embrace risk in this framework foster an environment of innovation, allowing organizations to grow at rates like cities – escaping the mammalian life cycle of fade noted by both Madden and West.

The Full Embrace of Risk-Taking

When a board changes its view of how risk is to be governed and taken, the transition to embracing risk ultimately carries through the organization to every employee, especially those that face our customers. Today when most talk about risk, they still think of the fear of loss or uncertainty, especially given our current health, social, economic, and political climate. Loss and uncertainty are partially correct conceptualizations of risk, but both fall substantially short of what we need to be our best fiduciaries and takers of risk.

As I mentioned earlier, fear causes us to put the rational and strategic parts of our brain on hold. Fear and uncertainty also cause us to establish hurdles for reward that may be irrationally high, causing us to pass up dark rooms that could be brilliant ones to enter.[11]

This staged transition from the board’s embrace of risk-taking to the c-suite’s implementation of that guidance to the frontline employees management of essential risk-taking, leads us to the most crucial conceptual change of risk: risk-taking is about its impact on the trust that all capital providers and external influencers have in us. Our firms have an expressed purpose. Those in our organization’s social network trust us to pursue that purpose in value-enhancing ways, for both our organization and for them.

That trust, in turn, is a lubricant that makes all transactions easier and less expensive. Trust lowers our cost of all forms of capital from our social network and makes all external members of our network more willing to assume exposure to us as customers, employees, investors, lenders, regulators, and more. Trust enhances our bottom line through both increased revenues and reduced costs. Trust also improves risk perceptions held by external parties, and that dramatically increases our corporate value – trust enhances our brand and intangible value, something that now accounts for more than 80% of publicly traded company value.[12]

The positive impact on the long-term value that comes from this trust enhancement is the most important aspect of good risk governance, by far.

Conclusion and Enlightening Further Reading

Our goal in risk-taking is to increase trust because that increases our value and makes us more likely to realize our strategic objectives.

Establishing these best practices is like buying or building a highly effective method of illumination – a light to shine into the dark rooms we encounter nearly every day. With the right lighting, you’ll get away from the place where fear of seeing nothing prevents you from building a portfolio of innovative and diverse products. With high levels of trust and an infrastructure built to innovate continually and to respond well to the unexpected, your company can escape Madden’s fade, and West’s mammalian life cycle. You can fulfill your fiduciary role and be amazed at the product of your work.

As a next step, you should read Madden’s work and remedy laid out in his book, Value Creation Principles. You should then read James’ Lam’s book Implementing Enterprise Risk Management to ensure you have the managerial infrastructure in place to understand and take risk well. You should read Michele Wucker’s book The Gray Rhino to help you understand why you might not be responding well to obvious threats charging at you.

You should read Leo Tilman and General Charles Jacoby’s book Agility to establish this nimble forward-looking, winning mindset. And, when you can, find the time to read Eric Beinhocker’s lengthy tome, The Origin of Wealth, to gain a better understanding of how complex adaptive systems like your organization work to create value. These authors have influenced both Governance Reimagined and The Board Member’s Guide to Risk – the two books I’ve written.

Putting these ideas and concepts into action will make the rooms you approach seem not quite as dark as before. And your confidence level in choosing to enter or deciding to walk towards the next room instead will be significantly enhanced. You will learn to embrace risk in a smart and value-creating way. That step forward will give you a competitive advantage and a more remarkable ability to fulfill your corporate purpose, whatever that may be.

 


 

David R. Koenig is the author of both Governance Reimagined: Organizational Design, Risk, and Value Creation (2012, 2018) and The Board Member’s Guide to Risk (May 2020). He spent the first half of his career building firmwide and portfolio-specific risk management programs for multiple companies.

As the founder of The Directors and Chief Risk Officers group (the DCRO) – a global collaborative of c-suite and board members focused on risk governance and one of the founders of The Professional Risk Managers International Association, his work over the past twenty years has focused on establishing and implementing global best practices for risk governance at the board level and the general practices of risk management.

He serves on the Editorial Board of the Journal of Risk Management in Financial Institutions and on the Executive Advisory Board of the Center for Advancing Corporate Performance. David’s concept, “Risk Capital as Commons - Distributive and Networked Governance,” was one of the winners of the inaugural M-Prize for management innovation, and he is a recipient of The Higher Standard Award, the top industry recognition given by the Professional Risk Managers International Association. You can read more about David on his website.

 


[1] See the work of Amos Tversky and Daniel Kahneman on Prospect Theory for more detail on how the framing of a question impacts the choices people make.

[2] See Slovic, Paul and Weber, Elke, Perception of Risk Posed by Extreme Events, prepared for discussion at “Risk Management Strategies in an uncertain World,” April 12-13, 2002 for a discussion of the impact of dread and a lack of knowledge on human reactions to risk.

[3] For an excellent overview of how to implement an Enterprise Risk Management program, please read James Lam’s Implementing Enterprise Risk Management, Wiley Finance, March 27, 2017 and visit the online Enterprise Risk Management Initiative Library of North Carolina State University.

[4] EY, Four Ways to Advance Risk Oversight, April 2020, p. 16

[5] DCRO Crisis Sentiment Index, April 2020

[6] See Geoffrey West’s TED Talk from July of 2011 entitled The Surprising Math of Cities and Corporations for a helpful overview of his findings.

[7] See Koenig, David R., Governance Reimagined: Organizational Design, Risk, and Value Creation, Chapter 14, Networked and Distributive Governance and Chapter 15, Economic Governance, of for more details on this governance model.

[8] For a detailed look at the Carver Governance Model, see Carver, John and Miriam, Corporate Boards that Create Value, Jossey-Bass, 2002 and Boards that Make a Difference, Wiley, 2006

[9] For more information on Shann Turnbull’s Networked Governance concepts, see Mitigating the exposure of corporate boards to risk and unethical conflicts, in Kolb, Robert, and Schwarz, Donald, Corporate Boards: Managers of Risk, Sources of Risk, Wiley Blackwell, 2010 and A New Way to Govern, Organizations and Institutions Network 14th Annual Meeting on Socio-Economics, University of Minnesota, June 2002.

[10] For a summary of Ostrom’s work, see the Scientific Background on the Sveriges Riksbank Prize in Economic Sciences in Memory of Alfred Nobel 2009, Economic Governance, complied by the Economic Sciences Prize Committee of the Royal Swedish Academy of Sciences.

[11] See Kahnemann, D. & Tversky, A. (1979). Prospect theory: An analysis of decision under risk, Econometrica, 47:2, 263-291.

[12] See Ocean Tomo, Intangible Asset Market Value Study, March 26, 2019