Understanding the Types of Risks

Strategic risk management can be described as a process of managing, assessing and identifying the risk that exists within an organization. This also involves the strategy that a company employs during taking the swift action after a risk has been realized. Strategic risk management thus involves a range of possible events and the scenarios that will affect the strategy, its execution and the ultimate effect on the on the company’s value. The risk is thus an important concept and it encompasses everything from the reputational risk, supply chain risk, market risk, product innovation risk (Gates, Nicolas and Walker 2012). The most basic component of the strategic risk management of an organization takes into account the tolerable levels of risks and framing that as a guide for the purpose of strategic risk management. strategic risk management is a continual process that embeds in the strategy execution and strategy setting (Pritchard and PMP 2014). Strategic risk management is also called enterprise risk management and it is based on the principles: the main goal of the strategic risk management is to protect the stakeholder and the shareholder value; strategic risk management is a component of enterprise risk management and it is affected by the management, and the board of directors and others; strategic risk management is a continual process that is embedded within the strategy management, strategy execution, and strategy setting. Organizations thus adapt the principles and the definition of the strategic risk management when they try to develop the action plan in order to focus on the strategic risks and the strengthening the enterprise risk management (Lam 2014). This study is based on the role of a strategic risk consultant and the consulting the various risk associated with the functioning of Woolworths, Australia.

Summary- Woolworths group is a big business entity and it is thus exposed to a range of operational, financial, strategic and compliance risks that occur along with the operation of the online and the retail markets. Thus, below are the insights into the various risks of Woolworths:

• Strategic risk- the retail environment continues to be competitive which is at the same time driven by the internal risk drivers, external risk drivers, customer expectation and needs, technology disruption. Thus, if Woolworths fails to respond to these crucial factors, changing marketplace and its competitors, then this will adversely impact the business performance and the market share. Thus, Woolworths group must be committed to working along with a fixed strategy and must focus on the transformation initiatives and the customers. At the same time, it is also essential for the Woolworths Group to play a vital role in reducing the environmental pressure and along with it promote the social responsibility. The major areas of problems are carbon emissions, sustainable sourcing, ethical sourcing, own brand packaging, food waste (wow2017ar.qreports.com.au 2018).
• Financial risk- the management of the liquidity, capital and availability of funding is an important part for the Woolworths group growth and the business operations. in addition, Woolworths Group can also fail in turning around the general merchandise business, impact of the fluctuating foreign exchange rates, materially adverse interest rates. All of these could have an impact on the business profitability (wow2017ar.qreports.com.au 2018).
• Operational risk– the Woolworths Group is also exposed to the operational risk and this includes the supply chain failures, technology failures, industrial disputes, weather conditions, natural disasters, business disruption due to the natural disaster, data breaches, asset, security, information technology, failure to meet the product safety measures, failure to meet the people standards, and exposure to other events.
• Compliance risk– the Woolworths Group faces risk from the adverse legislative changes, adverse regulatory changes, contractual arrangements, regulations arrangements, applicable laws. Thus, if the Woolworths Group breaches such regulations then the company may face adverse consequences like significant fines, that can negatively impact the group’s profitability, group’s reputation (wow2017ar.qreports.com.au 2018).

The Woolworths Group performs an external and internal audit for the purpose of risk assurance and risk management. Communicates with the shareholders and engages with them and takes a process of continuous disclosure and finally, the Woolworths Group provide the assurances by the management through the various reports. This is discussed as follows:

• External auditor- Woolworths Group has an external auditor named Deloitte Touche Tohmatsu. The ARMCC of Woolworths Group makes recommendations to the Board of the management for the replacement, re-appointment and selection of the external auditor. Deloitte Touche Tohmatsu was re-appointed by the ARMCC in the year 2016 as an external auditor. The external auditor performs the risk assessment for all the risks associated with the external risks. Such risks can include the financial risks and the compliance risks (Woolworthsgroup.com.au 2018a).
• Internal auditor- The Woolworths group has an independent internal audit team called the General Internal Audit. This General Internal Audit is managed by the Group Risk and Assurance Team. The Group Internal Audit performs an objective and independent assurance service for both the board and the management. The Group Internal Audit provides the governance framework, risk management framework and internal controls of the Woolworths Group. This is done through the various processes- Group Internal Audit performs an internal audit in accordance with the internal audit plan. Also it is important to note that the formulation of the plan is done using a risk-based approach and ARMCC approves it annually; When the management is absent, the Group Internal Audit is directly accountable to the board and is able to have a direct access to the Board via the ARMCC; Group Internal Audit regularly reports the results of the audit to the ARMCC. Each year, ARMCC, on the other hand, approves and reviews the internal audit charter. ARMCC also reviews the performance of the internal audit function and the Group Internal Audit’s head (Woolworthsgroup.com.au 2018a).
• Assurances by the management- the board receives CFO and the CEO certificates during the reporting period and this complies with the regulatory requirements for both the full and half year reports.
• Shareholder engagement- the stakeholders and the shareholders are informed of all types of the material matters that affect the company through the publications, range of forums, periodic communications. The shareholder and the stakeholder are engaged for the purpose of discussing the associated risks with the current operation, the release of the annual report, the release of the financial information on a full year of half yearly basis, and for the annual general meeting.
• Continuous disclosure- the risk management process of Woolworths involves a continuous disclosure of the information to the market and the shareholders on a timely basis for the purpose of providing equal, direct and timely access to the necessary and the relevant information. The main aim of the company with respect to the continuous disclosure of the information is to achieve compliance for the purpose of marinating a continuous disclosure mechanism; promote confidence of the investor on the integrity of the securities of the Woolworths Group, clarify the accountability of the senior executives of the Woolworth’s Group (Woolworthsgroup.com.au 2018a).

The first step of risk management is to understand the type of risks that an organization is facing. According to hbr.org (2018a), organizations face risks into the three major categories. Also, it is important to note that events of risks can be fatal for a company from the perspective of the company’s strategy and also for the survival of the company itself. Woolworths also faces risk from the 4 chief areas like the strategic risk, financial risk, compliance risk, and operational risk. Risk thus need to be identified and properly assessed for finding the mitigation strategies.

The first category of risks are the preventable risks and these risks are to a large extent preventable and occur within the organization itself. These risks can be avoided, eliminated and can be controlled (Mikes and Kaplan 2015). The various examples that can be presented here are the breakdown in the normal processes of operation, inappropriate and incorrect actions, unethical actions, illegal and unauthorized actions. These examples are also applicable for Woolworths company as this company will also experience similar kinds of the preventable issues. Thus, Woolworth will experience operational issues along with the customer dissatisfaction and gross misconduct from the employees of Woolworths. According to hbr.org (2018b), Companies must have zero tolerance towards the errors and defects in order to minimize any kind of damage done to the image of the company and also in achieving the organizational goals. Thus the companies must have a goal of avoiding these risks since a particular company will gain no benefit from such ill activities. It is, however, important to note that an employee bribing an official and a rogue trader doing the same will yield benefits for the company on a short term but it will have no long-term benefit for the company. This is true for Woolworths as well because, in the long run, the Woolworths will lose the company value. According to Mikes and Kaplan (2015), the preventable risk category can be managed through the active prevention techniques and it will include the guiding the behaviours of the employees, making decisions to achieve desired norms and monitoring the operational processes.  Rules-based compliance like the code of conduct, employee policies can be effectively used for the purpose of managing them and identifying the preventable risks (Carroll 2016). Woolworths must also have the code of conduct, employee policies, and the training to effectively train the employees and guide them in following the organizational rules.  

Preventable Risks: Identifying and Mitigating

 The second category of the risks are the strategy risks and this kind of risks help to generate superior benefits in the form of extra revenue and a competitive market advantage (Leonidou et al. 2013). Companies always try to have a competitive advantage over its competitors and for this reason, it will always try to research and develop strategies which might seem to be a risk. However, such risk often gives a competitive advantage over the other companies. Woolworths also can do activities like the selling of the petrol business which might seem to a bad decision in the first instance. But this can prove to be beneficial for Woolworths because after selling the petrol business asset, Woolworths can gain a lot of capital. This will help the company to plan for the general merchandise effectively and efficiently. According to Viscelli, Beasley and Hermanson (2016), the strategic risks are different from the preventable risks and because such a risk is desirable from the perspective of the company. A strategy that will involve a large number of revenue returns or creation of capital, will force a company to take certain decisions and risks to have potential gains. It is important to note that the rules-based control mode cannot be used for the purpose of risk management. Instead, a company requires a strategic risk management strategy for the purpose of risk management and also to reduce the probability of occurrence of a risk (Larson et al. 2014). Even though a company has all the systems in place, this will not prevent a company from undertaking the risky ventures. While it is important to note that companies will definitely try to take the higher risks along with the higher rewards. This will, however, deter the other market competitors to undertake the similar kind of risks because such companies may have a less effective risk management strategy (Baxter et al. 2013). Woolworths also has a strategic risk management strategy that helps the company to undertake calculated risks. Woolworths have the external and the internal auditors that have the separate functions. External auditors have the responsibility to audit the external factors that carry potential risks like the financial and the compliance risks. The internal auditors also focus on advising the Board of managers and board of directors regarding the risk reduction and risk management. The internal auditors also work to minimize the risk arising from the company operation and the strategic risks.

 The third category of the risks is called the external risks, which arises outside the company and cannot be controlled or managed (Soin and Collier 2013). The sources of these kinds of risks are the issues arising from the macroeconomic shifts, political disasters. Companies thus cannot control such a risk, thus emphasis is put to effectively identify and mitigate the impacts of the risks (Thamhain 2013). Woolworths also have external audit team that plays a major role in the identification of the risks arising externally. The financial risk that Woolworths gets affected from is the changes in the foreign currency exchange rates, liquidity and the interest rate risk. Such risks can effectively impact the Woolworths Group.

Strategy Risks: Taking Calculated Risks for Benefits

 The various risk from which Woolworths can get affected is the operational risk, financial risk, strategic risk and the compliance risk. There are generic risks that have the potential of affecting the performance of Woolworths and this, in general, applies to the Australian households and the business. The generic risks associated with the Australian households are the emerging risks, climate change risks, unsuitable changes in the macroeconomic environment. The following are the different types of the risks and the respective mitigation strategies:

Recommendation on the mitigation of the strategic risks-

• Woolworths must have a long-term corporate responsibility strategy that will identify the various goals related to the minimisation of the environmental impacts arising from the Group’s operation and improve the sustainability of the operations
• The long-term and the short-term incentive plans must designate the customers as the number one priority.
• Woolworths must combine the data business, loyalty business and the digital business and integrate into the WooliesX. This will be focussed on the delivering the connected customer strategy.
• The delivery offices must be established to drive the transformation initiatives.
• The Woolworths group must have a strategy based on the investment in the digital channels, technology channels, store network, and investment in the growth enablers. All these to be done keeping the customer at the first priority (Woolworthsgroup.com.au 2018b).

Recommendation on the mitigation of the financial risks-

• Woolworths must have a plan which will be approved by the Board of the managers and the directors regarding the general merchandise business that will monitor regularly. Also, the petrol business can be sold for improving the capital position further.
• Woolworths Group must have treasury policies approved by the Board of directors and the managers so that the foreign currency risks, interest rates risks, liquidity risks and the financial risks can be managed and governed sufficiently.  

Recommendation on the mitigation of the Operational risks-

• Woolworths must organise training sessions, establish standards and policies which will include the product safety, food safety, health and wellbeing, and people safety.
• Woolworths must invest to consolidate and strengthen the cybersecurity, technology, and operational capability across the various processes.
• Woolworths group must establish a Business Resilience Framework that will manage the responses to the business disruptions and the operational incidents (Woolworthsgroup.com.au 2018b).

Recommendation on the mitigation of the compliance risks-

• Woolworths group must establish a compliance framework which that will formulate policies as well as establish and facilitate internal protocols, regulatory compliance, and legal compliance. Woolworths must also work along with the regulatory and the government bodies to function in accordance with the regulatory changes and the proposed legal changes.
• Woolworths group must organise training programs, and have a code of conduct which will promote awareness with respect to the internal policy requirements and regulatory policy requirements (Woolworthsgroup.com.au 2018b).

Conclusion

From the above discussion, it can be concluded that the strategic risk management is a process of that emphasizes on managing, assessing and identifying the risk that exists within an organization. The risk is an important concept and it encompasses the reputational risk, supply chain risk, market risk, product innovation risk. The most basic component of strategic risk management of an organization is to take into account the tolerable levels of risks and framing that as a guide for the purpose of strategic risk management. Woolworths group is a big business entity and it is thus exposed to a range of risks like the operational risk, financial risk, strategic risk and compliance risks that occur along with the operation of the online and the retail markets. The Woolworths Group performs an external and internal audit for the purpose of risk assurance and risk management. The company communicates with the shareholders and engages with them, takes a process of continuous disclosure and also the Woolworths Group provide assurances by the management through the various reports.

Reference

Carroll, Roberta. “Identifying risks in the realm of enterprise risk management.” Journal of healthcare risk management 35, no. 3 (2016): 24-30.

Gates, Stephen, Jean-Louis Nicolas, and Paul L. Walker. “Enterprise risk management: A process for enhanced management and improved performance.” Management accounting quarterly 13, no. 3 (2012): 28-38.

hbr.org. “Managing Risks: A New Framework”. Harvard Business Review. https://hbr.org/2012/06/managing-risks-a-new-framework, 2018a

hbr.org. “The Six Mistakes Executives Make In Risk Management”. Harvard Business Review. https://hbr.org/2009/10/the-six-mistakes-executives-make-in-risk-management, 2018b

Lam, James. Enterprise risk management: from incentives to controls. John Wiley & Sons, 2014.

Larson, Erik W., Clifford F. Gray, Ursula Danlin, Beverly Honig, and David Bacarini. Project management: The managerial process. Vol. 6. Grandview Heights, OH: McGraw-Hill Education, 2014.

Leonidou, Leonidas C., Constantinos N. Leonidou, Thomas A. Fotiadis, and Athina Zeriti. “Resources and capabilities as drivers of hotel environmental marketing strategy: Implications for competitive advantage and performance.” Tourism Management 35 (2013): 94-110.

Mikes, Anette, and Robert S. Kaplan. “When one size doesn’t fit all: Evolving directions in the research and practice of enterprise risk management.” Journal of Applied Corporate Finance 27, no. 1 (2015): 37-40.

Mikes, Anette, and Robert S. Kaplan. “When one size doesn’t fit all: Evolving directions in the research and practice of enterprise risk management.” Journal of Applied Corporate Finance 27, no. 1 (2015): 37-40.

Pritchard, Carl L., and PMI-RMP PMP. Risk management: concepts and guidance. Auerbach Publications, 2014.

Soin, Kim, and Paul Collier. “Risk and risk management in management accounting and control.” (2013): 82-87.

Thamhain, Hans. “Managing risks in complex projects.” Project management journal 44, no. 2 (2013): 20-35.

Woolworthsgroup.com.au. “Woolworths Annual Report 2017”. Woolworthsgroup.Com.Au. https://www.woolworthsgroup.com.au/icms_docs/188795_annual-report-2017.pdf, 2018b

Woolworthsgroup.com.au. Woolworthsgroup.Com.Au. https://www.woolworthsgroup.com.au/content/Document/Woolworths%20Group%202017%20-%20Corporate%20Governance%20Statement.pdf, 2018b

wow2017ar.qreports.com.au. “Material Business Risks – Woolworths Annual Report 2017”. Wow2017ar.Qreports.Com.Au. https://wow2017ar.qreports.com.au/home/business-review/material-business-risks.html, 2018