Today’s Enterprise Risk Management (ERM) functions have come a long way since the internationalisation and institutionalisation of ERM practices.
However, important areas for improvement remain, particularly around providing insight in non-traditional risk areas, including the strategic risks impacting an organization’s ability to execute its strategy as well as compliance with ISO 31000 and ISO 31004. By necessity, Risk Management functions should be independent and objective to achieve its goal of making your business more efficient. To this end, some companies, weighing the costs and benefits, outsource the function completely, including the role of the Chief Risk Officer.
The Case for Outsourcing
Outsourcing the ERM function can potentially save companies from 20% to as much as 40% in costs.
For the typical medium-sized enterprise there are clear benefits to outsourcing. Much of the cost savings come from leveraging scale and offshore capabilities. Outsourcing also provides a variable-cost structure, which means companies can align the costs of the department with their business needs.
Employing someone with the experience and qualifications to perform an effective ERM role is expensive. If you do employ a specialist, you create a reliance on them. When they leave, your organization suffers a disruption to business while you try to replace that expertise.
Conversely, specialist consultancy firms will work to a common, agreed-upon process. They also have the resources to leverage competencies and skill sets from across different functions that in-house ERM functions may not have. An outsourced service provider typically reports to the Board Risk Management (or Board Audit and Risk Management) committee directly, ensuring a level of independence and objectivity.
Overall, organizations will find it easier to buy in the services of an expert than it is to recruit and employ an expert. With an outsourced ERM function, you can focus your attention on your core business activities – the activities that make you money.
The Friday Concepts Team
Our team of consultants comprise experienced Risk Management practitioners, including Chief Risk Officers, members of Audit Committees and Chairmen of Board Risk Committees. Outsourcing to our experienced team places you in a safe pair of hands and provides you and your Board significant comfort that you are being guided by qualified and experienced practitioners as opposed to internal auditors or consultants who have never held Risk Management positions or responsibilities in non-consulting organizations.