BUSINESS RISK - WHAT IS IT


Threats to achieving
organization’s business objectives


EXAMPLES OF BUSINESS RISK
• Shortsighted goals
• Ineffective processes
• Financial fraud
• Failure to comply with government
regulations
• Tarnishing reputation


BUSINESS RISK INCREASES
AS ENVIRONMENT CHANGES
• Fierce competition
• Pressure for increased productivity,
responsiveness and responsibility, while
reducing costs
• Powerful new technologies
• Increased external scrutiny
• More decentralized accountability


WHAT CAN YOU DO ABOUT RISK

• Eliminate
• Accept

• Transfer - insure,
outsource
• Mitigate


HOW DO YOU MITIGATE RISK?

• Brainstorm ways to reduce
or remove risk
• Research best practices
• Select the best alternative
(cost-effective)


CO
M
M
UN
IC
AT
I

M
CO

&

&
M
N

IO
AT
IC
UN

ON

CONTROL
ACTIVITIES:
processes,
procedures,
safeguards, access
security, authorization
RISK ASSESSMENT:
identify, prioritize, mitigate risks;
ongoing;
wide participation

ON

AT
I

I
AT
M

IN
FO
RM


MONITORING:
throughout

R
FO
IN

ON

INTEGRATED INTERNAL CONTROL FRAMEWORK

CONTROL ENVIRONMENT:
tone at the top, infrastructure,
compliance;
culture: integrity and competence of
people
Adapted from Committee of Sponsoring Organizations of the Treadway Commission (COSO) />

CONTROL ENVIRONMENT
• Established by the organization’s administration
• Foundation for all components of Internal
Control
• Provides discipline and structure
Includes:
 Integrity and Ethical Values
 Competence of People
 Leadership philosophy/ operating style
 Assignment of authority and responsibility,
organization and development of people



RISK ASSESSMENT
• Develop/ Re-affirm organizations
goals
• Identify internal and external
factors that must be addressed
• Evaluate potential impact of the risk
• Determine method of managing the
risk


CONTROL ACTIVITIES
Policies (guidelines) and procedures (how
work is to be performed) help ensure that
management directives are carried out.
•
Ensure necessary action is taken to
address risk
Include:
 Approvals & Authorizations
 Top level performance reviews (actual vs.
budget/ forecast/ prior period).
 Track major initiatives.
 Physical Controls (inventories/ equipment/
cash/ other assets)
 Information Processing
 Segregation of Duties
•



INFORMATION & COMMUNICATION
• Identify, capture and communicate the right
information to the right people at the right time
• Information must flow down, up and across the
organization
Includes:

Quality of Information Systems
– Necessary Resources (human/ financial)
– Must be sufficient in detail
– Must be accurate and relative

Quality of Communication Systems
– Duties & Control responsibilities effectively communicated
– Channels of communication must exist
– Management must be receptive to employee suggestions
– Must be effective communication across the organization
– Must be timely / appropriate follow-up


MONITORING

Assesses the quality of the organizations
performance over time
•
Ongoing Monitoring Activities
– Reports review
– Planning Sessions
– Routine assessment on internal controls

– Investigation of information received that may indicate
problems
•
Separate Evaluations
– Self assessment/ internal or external audit/ specialized
group
•
Reporting Deficiencies
– Providing monitoring reports to the right person/
people


• Good management practice
• Process steps that enable
improvement in decision making
• A logical and systematic approach
• Identifying opportunities
• Avoiding or minimise losses


• Risk Management is the name
given to a logical and
systematic method of
identifying, analysing,
treating and monitoring the
risks involved in any activity
or process.


• Risk Management is

now an integral part of
business planning in
Vietnam.


Process Steps in Risk Management
• Evaluate the Context
• Identify the Risks
• Analyse the Risks
• Evaluate the Risks
• Treat the Risks
• Monitor and Evaluate
• Communicate and Consult


• Example of Business
Risk in Exports


E x p o rte r
F o r e ig n B u y e r

F o r e ig n B r o k e r
or
tr a d in g c o m p a n y

D o m e s tic a g e n t
b ro k e r o r
tr a d in g h o u s e


M a il o r d e r
d is tr ib u to r

O n lin e
s a le s c o m p a n y
In te r n e t b a s e d

F o r e ig n B u y e r

F o r e ig n B r o k e r
or
tr a d in g c o m p a n y

F o r e ig n b u y e r

F o r e ig n b u y e r

F o re ig n b u y e r


Corruption Perception Index


Host Country Political and Legal
Environment
• A manager needs to understand the following
issue regarding a foreign country/market
▪ Political risk – the risk that politics in the
host country will develop in a way which
makes it difficult for businesses to operate

profitably
▪ Economic risk ▪ How to manage the risk
▪ The influence of politics and law


Political Action and Risk
• Ownership risk – danger to
property and life
• Operating risk – interference
with operations of a business
• Transfer risk – interference
with the transfer of funds


Ownership Risk
•
•
•
•

Terrorism
Kidnappings
Coup d’etat
Example:
– According to a 1999 report by the Hiscox Group, a London insurer,
1,789 kidnappings occurred for ransom
– There are some estimates that approximately 3000 kidnappings occur
yearly in Colombia
– Colombia, Mexico, former Soviet Union, Brazil, Nigeria, Phillipines,
India, Ecuador, Venezuela and South Africa are among the most

dangerous countries


Operating Risk

• Confiscation – host government
transfers foreign-owned assets to a
domestic company without
compensation
• Expropriation – host government
transfers foreign-owned assets to a
domestic company and
compensates the foreign owners
• Nationalization – host government
transfers all assets of an industry
that are foreign-owned to domestic
companies


Transfer Risk
• Currency repatriation – risk
related to not being able to
transfer money out of the host
country
• Currency inconvertibility – risk
related to not being able to
change the host country’s currency
into any other currency



Intellectual Property Rights
• Intellectual property rights (IPR)
and the protection of those
rights are an important
consideration for businesses
• The important issues to consider
are:
– the unwanted transfer of those rights
– the failure in some countries to protect those rights, resulting in the unauthorized
copying and use of intellectual property