More than the sum total of parts…!
The position of municipal and provincial authorities (hereinafter local governments) in society at large is rather complex. This complexity is especially visible in the number of relationships local governments maintain: e.g., many parties are involved in project development. Another reason for this complexity involves the additional tasks and innovations imposed on local governments in the last few years. This would include the Social Support Act [Wet Maatschappelijke Ondersteuning – Wmo], the Land Development Act [Wet op de grondexploitaties – “Grexwet”)) and the amended Town and Country Planning Act [Wet ruimtelijke ordening – “Wro”). And if that is not enough, the credit and economical crisis tops it all off.
This situation offers many challenges and opportunities, demanding alert and dynamic local governments and reflecting on old ways and adjusting them, and contemplating the future. Political leadership is now all important and its most important basis is adequate risk management.
With the implementation of the Budget and Accounts Decree [Besluit Begroting en Verantwoording – “BBV”) in 2004, local governments are required to publish a statement on some important competence fields. Local governments have to pay specific attention to their financial capacity, take stock of financial risks, and formulate a policy for risks and stress capacity.
This demands a dynamic and permanently operational risk management system, because the above statement has to be presented (at least twice a year), when presenting the budget and the financial statements. The regulator’s objective is to permanently gain a better view of the financial position of local governments. The BVV includes a number of key terms. What is risk management?
- Risks: chances of an event occurring that may have an effect – negative or positive – on the management’s continuity and on achieving the organization’s objectives.
- Control measures: the system of measures and procedures taken to either overcome any risks identified or to identify any risks rising and to limit their impact.
- Buffer capacity: the whole set of resources and possibilities to hedge costs not included in the budget and which have not been foreseen. This capacity may both be incidental and structural.
- Buffer capital: the degree in which any financial setbacks can be buffered, with which the capacity is compared with the risks run.
- Risk management: identifying and quantifying risks and implementing procedures to curb the chance of risks arising and/or the consequences of current risks.
Since the implementation of the BBV, local governments have been struggling with the question how to effectively implement the requirements in the stress capacity paragraph: responses varied from “we cannot anticipate everything”, “we don’t have a crystal ball”, “many risks cannot be quantified”, “who should do what during the entire process and who is responsible for identifying the risks?”
These are relevant comments and questions, certainly. Still, listing the risks results in many answers. Although aimed at finance, listing risks gives priority to the calculation of a quantified risk within a certain bandwidth – an encouraging start. What’s more, once an organization has become aware of risks and the need for an early response, the benefit has been realised. Three aspects are important: behaviour, awareness, and response. As we all know, changing behaviour is difficult. Below we offer some suggestions.
An unequivocal and logical approach
If progress and taking opportunities is the goal, uncertainties and risks are unavoidable. It is important for all parties to acknowledge and anticipate this. This means identifying risks early on, taking steps, getting to know new circumstances and ensuring a growing awareness about risk management.
Clear agreement between the municipal council, the municipal executive and the civil servants on the phases of the risk management process is vital, while the accountability framework (See figure) should be defined.
In addition, good governance has to be complied with the full cycle. This is the framework of rules in relationships. The following is an explanation of the four pillars of the governance cycle:
- Managing: regarding the risk profile that the municipal council wishes to adopt: has this been clearly formulated and is it clear how the council wishes to be informed about its development?
- Control: what measures have the municipal executive and the senior civil servants taken to identify risks, to anticipate risks by implementing control measures and to quickly identify changes?
- Accountability: how and with which periodicity is an explanation provided on the development of risks, the impact of the measures, the impact of unforeseen risks, the scope and working within the frameworks set out?
- Monitoring: “keeping track” of the existing risk management system and ensuring that it is effective (and efficient).
The reason local governments want to list risks is their need to achieve social objectives. Risk quantification provides an understanding of whether the financial position allows new undertakings and analyses developments. In addition, it provides an impetus to reduce risks, thus allowing objectives to be achieved at an acceptable level of risk. It renders the organization adaptive to the highest degree.
It is important for local governments to be able to respond to new circumstances caused by issues such as new joint ventures, changes in regulations or contracts, or the implementation of new policies. Hence, risks must be acknowledged and adequate provisions should be taken.
Such circumstances call for a balanced mix of hard and soft controls. Hard controls can be described as measuring whether targets have been achieved or testing compliance with regulations. Such measuring is objective, as the targets have been agreed within the organization.
Soft controls are a management control tool for measuring employees’ individual performances. These controls test motivation, loyalty, integrity, inspiration and employees’ ethical principles. Mixing both types of control should provide the right balance.
Clear procedures and consensus
Besides a clearly defined risk management process, an adequate governance cycle, and a balanced mix of hard and soft controls, consensus and clear procedures are important ingredients for a successful implementation. We have a few recommendations:
- Choose a risk management concept that suits your organization.
- Ensure that individual employees in the line organization are made responsible for estimating, managing and reporting risks.
- Consensus between the management team and the municipal executive for the concept is vital.
- Organize a knowledge session where the subject is discussed extensively and the added value is illustrated clearly.
- Start in a simple manner, with a pilot. An essential basis for consensus is sound project management.
- Avoid, if possible, burdening the organization with an additional workload and using existing initiatives, concepts and systems.
Sound implementation of risk management is not merely identifying a sum total of risks. Risk management is more than financial quantification and identification of risks. It is not a static, once-only implementation effort, but an important driver for realizing targets, making the most of opportunities, and developing an organization.
If an organization’s own strength is carefully mapped out it will remain alert, while tools and working methods will always be up-to-date. This method of working enhances trust and transparency. This is what we call leadership.
The authors Frank van Kuijck and Rob van Vugt are partners at Deloitte Accountants B.V.
Photo by Louise G.S. Kruf ©