By THOMAS M. MULHARE, CPA,
partner-in-charge of the Financial Services Group and Business Risk Consulting Group at Amper, Politziner & Mattia
The role of the risk manager did not used to be as important in the overall security and financial stability of a company as it is now. As a middle manager often only called upon in crisis situations, risk managers took direction from upper management and rarely operated on their own. Risk assessments and risk considerations were informally addressed by management, without standard processes.
In the 1970s, for example, a compartmentalized approach to managing risk was the methodology of the day. Risk managers were responsible for insurance-related aspects of the business--auto, property, general liability and workers? comp. With reporting responsibilities to the directors and officers of the company, the risk manager?s focus was limited to loss prevention and risk control.
That changed after Securities and Exchanging Commission investigations in the mid-1970s into the practices of more than 400 U.S. companies, who admitted to bribing foreign officials and companies to ensure that their products were bought or used.
Shortly after this scandal, Congress passed the 1977 Foreign Corrupt Practices Act (FCPA), which made it illegal for American companies to use bribery to win business overseas.
Companies like Exxon, Mobil, Gulf and Lockheed were found to be guilty of corruption at the highest levels, and their business ethics were publicly called into question. With more U.S. government scrutiny of organizations in general, the responsibilities of the risk manager expanded to include governance and reporting.
In 1982, when the Tylenol poisonings occurred in the Chicago area, the national spotlight turned to Johnson & Johnson. How the company communicated with the public in assessing and minimizing the risk to potentially millions of people became a textbook case in crisis communications, corporate responsibility and risk management. This case in particular brought risk management to the forefront.
In the past 20 years, the world has greatly changed. Technology, computers, the Internet, globalization, security threats due to terrorism, the regulatory environment--all of these factors have created new industries--and new risks.
Add to these the economic turmoil of the past 18 months, and we have a landscape that requires a new era of risk management from the top down.
June 1, 2009
Copyright 2009© LRP Publications