Corporate boards are boosting their responsibility for oversight and risk management. And that's forcing companies to embrace effective risk-governance practices, according to The Conference Board. The idea of combining risk management and corporate strategy isn't new; it first arose out of the merger mania of the 1980s, says Matteo Tonello, corporate governance expert with The Conference Board. But it has acquired new urgency since passage of the Sarbanes-Oxley Act of 2002. "Corporations are now ready to leverage their experience with mandatory internal control procedures to establish a more comprehensive ERM [enterprise risk management] infrastructure," Tonello says. Corporate governance should not be viewed as a regulatory burden, he adds. A solid ERM program, integrated into governance practices, can lead to significant cost reductions and better communications among business units. It can also smoke out unseen risks that were present under the traditional management model. Managers would have a more objective basis for allocating resources throughout the organization, while improving capital efficiency and return on equity. Most importantly for top executives, the integrated approach can stabilize earnings and reduce the volatility of stock prices, Tonello says. The Conference Board recommends a two-pronged approach to risk management - one that seeks to head off or mitigate events that might have a negative impact on corporate strategy, while capitalizing on the business opportunities that might derive from the same event. The Conference Board urges companies not to underestimate the role of corporate directors in risk governance and response strategies.
