Risk Management Strategies In Tesco, Royal Bank Of Scotland, Birmingham City Council And Department Of Culture
Definitions of risks vary across the economic sector, similarly to risk management strategies. Despite the differences, the process of risk management is quite similar to risk identification, analysis, and the development of precautionary measures to limit the impacts associated with these risks forming the skeletal system of nearly all strategies developed. Hopkin (2018) defines risk management as the process of identifying, assessing and controlling threats to an institution’s resource in the form of capital and earnings. These threats occur in varied ways, spanning legal liabilities, accidents, natural disasters, financial uncertainty, and strategic management errors.
To get an avid understanding of the different risk management strategies adopted by organizations in the private and public sector of the UK economy, a detailed analysis of four institutions is crucial, and these institutions are inclusive of Tesco, Royal Bank of Scotland, Department of Culture, Media and Sport (DCMS) and Birmingham City Council.
Internal influences play an influential role in the risk management strategies employed by Tesco Company, and these are inclusive of the CEO, Tesco’s cooperate culture, and the organizational structure. In the institution, risk management and performance management are integrated, and customers served by the company form the core of the risk operative strategies adopted by the company. The perception held is that with performance targets. Then risks would be easily managed as employees would identify the threats to them achieving their objectives and develop strategies influential to solving these threats (Woods, 2012). With such an approach, it becomes evident that improving employees’ risk awareness is paramount.
Royal Bank of Scotland (RBS)
In terms of operations, the Royal Bank of Scotland is diversified, and external influences play a massive role in the risk management strategies adopted. These external influences are banking regulation and governance regulation. The model adopted by RBS is a three-line defense model where there is the business line, operational risk and group internal audit. These lines of the model play different roles. For example, the business that forms the first line of defense is accountable for ownership and daily management of operational risks. Also, the line implements processes and is the sole responsible for testing essential controls and monitor compliance (Woods, 2012). Operational risk line of defense is responsible for oversight, challenges the adequacy of risk management strategies adopted by the organization, and implements the frameworks, tools and methodologies for operational risk management. Group internal audit is the last line of defense. It plays an influential role in providing independent assurance on the design, adequacy and effectiveness of the internal control systems adopted by the organization.
A closer analysis of the three-lines of defense model adopted by RBS shows that the model is similar to the silo-based risk management structure adopted by most banks. The silo-risk management structure divides risks into specific silos and manages each silo independently (Woods, 2012). For example, the management of operational risks is independent of credit risk management.
Department of Culture, Media and Sport (DCMS)
DCMS risk management framework is detailed but easily understandable. The structure is composed of five distinctive processes and these are development of institutional objectives, identification of risks, assessment of the identified risks, development of strategies deemed effective in managing the identified risks and continuous review of the mitigation measures adopted and reporting. The assessment process utilized by DCMS confers risks in a 3 x 3 Matrix, depending on the probability and impact of the individual risk (Woods, 2012). Probability ranges from high, medium and low likelihood, similarly the effects. Staff members are continuously involved in the risk management process.
Birmingham City Council (BCC)
Three distinct factors influence BCC’s influence on having a risk management strategy, and these are codes of governance, external audits, and comprehensive performance assessments. Risk management at BCC is considered an integral part of corporate governance and the senior management and council staff and members play form the core structure of the risk management system (Woods, 2012). The methodology of risk management at BCC is designed into five distinct parts, and these are
- Risk/opportunity and identification
- Risk/opportunity and analysis
- Risk/opportunity prioritization
- Management of risks/opportunities
- Monitoring progress
The risk analysis procedure adopted by BCC is of matrix form with probability and impact taking precedence. The impact and likelihood for this matrix are classified into four distinct zones, and these are high, significant, medium and low zones.
From the case studies, it is clear that operations an organization indulges in mostly influence the types of risks faced. Consequently, the governance model adopted by an institution affects the risk management framework adopted. Still, similarities exist in the core elements of risk management utilized by DCMS, RBS and BCC, and this is presented in appendix I.
Tesco also adopts the same core elements in its risk management process, and it would be accurate to state that regardless of the institution’s affiliation, either in the private or public sector, the risk management frameworks would always stem from a standard pillar. From the case studies, it is also clear that risk management is no longer solely dependent on financial disciplines of organizations but always a success when linked to the operational performance of an institution.
Since 2012, several changes have been experienced at Tesco Company, and these changes influence the management of risks at the organization. For example, there has been a merger with Booker in 2018, and in the same year, several strategic drivers for organizational development reviewed. The strategic drivers for Tesco Company include differentiated brand, lowering the operational cost of the organization, increasing revenue, innovation, sustainable profitability and maximizing value from the properties owned by the organization (Ismail, 2017).
The changes mentioned in the initial paragraph have influenced changes in the manner in which risks are managed in the institution and a call for the development of a risk and compliance committee that oversees risk management activities throughout the organization. Currently, operational units within Tesco Company have to assess their risks individually and develop mitigations measures that are effective in the market niche they operate in, but consistent with the risks applied across the institution (Ittner and Keusch, 2017). Substantially, the risk management strategy adopts the bottom-up approach, which is defined by three primary steps. The first step is the identification of the process; the second step is the identification of the risks associated with the initial process and lastly, is evaluation and prioritization of risks. The Bottom-up approach aims to analyze operational risks and develop controls for these risks depending on the method (Ittner and Keusch, 2017). In appendix II, is provided the principal risks for Tesco Company; therefore, resources for the institution are prioritized towards the management of these risks before other associated risks are considered.
Currently, four distinct units within the institution foresee the management of risks faced by the institution, and these units span the board, audit committee, Group Chief Executive and Executive Committee, and lastly, the Group Compliance Committee. The board is responsible for overall risk management in the organization and directly performs risk assessment and appetite activities. The audit committee acts on behalf of the board and oversees the risk framework and other control procedures. The Group Chief Executive’s primary responsibility is to enhance accountability and individual members of the committee responsible for the management o9f identified risks have to report to the group chief executive. Lastly is the Group Compliance Committee that is answerable to the audit committee, and their primary role is to oversee the critical regulatory and compliance measures designed by the executive board.
In terms of brand and finances, the performance of Tesco Company has always shown a promising trend with increases in sales volumes and the revenue earned by Tesco. In Appendix III, a reflection of the performance of Tesco Company in two years since the changes mentioned. An increase in the total equity of an organization, similar to the net assets is an indication of an increase in the revenues of an institution invested in other areas (Wood, Wrigley and Coe, 2017). Similarly, the appendix depicts a revenue trend over the years for Tesco Company, and specifically from 2015 to 2019. In the financial year 2015 to 2016, revenue for Tesco dropped but from 2016, there has been a steady increase in the income of the organization. In Tesco Company, customers are influential, the operations of the organization prioritize customers’ experience with the products, and the services offered. Risk management strategies developed always have to prioritize customers, and an increase in the revenue of the institution is an indication of increased sales and efficiency of the risk management strategy adopted by the organization.
- Hopkin, P., 2018. Fundamentals of risk management: understanding, evaluating and implementing effective risk management. Kogan Page Publishers.
- Ismail, I.N., 2017. The Roles of Corporate Governance and its Influances on Risk and Performance: Tesco Plc.
- Ittner, C.D. and Keusch, T., 2017. The influence of risk management value creation objectives. The Routledge Companion to Accounting and Risk.
- Wood, S., Wrigley, N. and Coe, N.M., 2017. Capital discipline and financial market relations in retail globalization: insights from the case of Tesco plc. Journal of Economic Geography, 17(1), pp.31-57.
- Woods, M., 2012. Risk management in organizations: An integrated case study approach. Routledge.