The first training lesson I received on the topic of corporate failure when I joined Arthur Andersen as an external auditor over two decades ago, which included two primary reasons why companies failed: fraud and cash flow. Some years later, Arthur Andersen ceased to exist. There have been numerous after-the-fact articles analysing the failure of the once prominent global accountancy firm as it went down in history. Perhaps the fate of the company might become different if they practiced what they preached and taken Enterprise Risk Management (ERM) seriously.
In today’s global, interconnected environment, a holistic ERM needs to be practiced. Comprehensive use of ERM will optimize the risks organizations are exposed to enabling them to attain the sustainable future growth and the profitability they desire. When facing numerous uncertainties including but not limited to: fraud, compliance, data security and the loss of reputation, organizations need to act quickly to avoid leaving themselves exposed to costly and brand-damaging breaches. Establishing an effective ERM framework will build the confidence of the stakeholders while bolstering the future of the organization.
In other words, ERM is essential
Being a senior member for one of Hong Kong’s statutory bodies, my key responsible functions include ERM and Internal Audit. My interests in ERM date back over a decade ago when I worked at the Risk Advisory and Group Audit Department in the global headquarters of Roche Group in Basel, Switzerland. The world-class risk knowledge and training I received at Roche Group initiated an interest to begin implementing ERM. The experiences there prepared me as I took up the position as the Head of Risk Management to establish a formal ERM framework at the largest Real Estate Investment Trust (REIT) in Asia (the Link REIT, a blue-chip company listed on the Hong Kong Exchange).
At the Link REIT in particular, some of my roles included collaborating with the board of directors on the set-up of a formal risk governance structure, establishment of the ERM policies and procedures, developing key risk indicators, and revamping of their risk management section of the annual reports. What I enjoyed most in this position at REIT was to support the board of directors and the management as they began to change their risk culture while they grew their risk-awareness and initiated applying ERM in various aspects of operations, including their strategic decision-making process.
The journey to IRM certification has come at a significant time, the gateway to best global risk management practices is now open. Gaining substantial practical ERM experiences in my career along with becoming accredited by the IRM as a certified member via the Senior Executive Route has been a fulfilling journey. Not only will my past relevant experiences become endorsed, but in an era of uncertainty, I can participate in a global professional network which protecting the future and changing history for generations to come.
Three tips for those desiring to pursue certification:
– Persistence (keep an attitude of determination and diligence)
– Curiosity (stay vigilant to examine risks and opportunities)
– Boldness (be willing to stand firm and step forward).
Finally, as a passionate advocate of ERM, I look forward contributing to the success of the IRM, including IRM’s development in China. Looking ahead, I am enthusiastic to join the efforts in advancing the profession through building a bright tomorrow for those yet to come.
By Francis Lee, CMIRM, CIA, CPA, FCCA, MBA (Warwick), EMIL General Manager, Internal Audit Urban Renewal Authority, Hong Kong
Find out more about Certified Status.