The Association of Finance Professionals recently disclosed, via its Corporate Cash Indicators, that U.S. corporations accumulated more cash in the third quarter of 2017 than had been anticipated. This is consistent with other indications: corporations are concerned about the risks of the present environment and are working to ensure they have dry powder on hand.
In a separate but related matter, the AFP has released the results of a survey of treasury and finance professionals concerning risks and risk management, and the survey report announces seven key findings:
- The big risks are strategic or cybersecurity-oriented.
- A majority of organizations employing these professionals have no board-approved risk appetite policy.
- Spreadsheets are still being used to manage risk. (AFP reacts to this rather as one might react to being told that organizations are still chiseling their balance sheets out on stone tablets).
- Predictive analytics are likely to increase the efficiency with which risks are managed.
- Emerging technologies (such as artificial intelligence) are exposing organizations to new risks, though most do not yet think these are “significant” risks.
- When new techs are seen as significant risks, they are seen as specifically cybersecurity risks, and
- A majority of organizations (54% of the respondents) report that they are “moderately prepared” to manage risks that may result from the increased use of technology.
The uncertain and polarized political situation in the United States is part of the reason the responsible professionals worry about strategic risks. The broader geopolitical scene, including the “instability being demonstrated by the North Korean regime,” is another part.
Looking Backward and Forward
Asked whether the difficulty of forecasting risks is greater or less great than it was three years before, the largest group of respondents said it was “relatively the same” — 35%. But the number who said it was more difficult (30%) was larger than the number who said it was easier (25%). And the number who said “significantly more difficult” was greater than the number who said “significantly less difficult” (5% and 4% respectively). So what one gets is a skewed curve, skewed in the direction of an acknowledgment of greater difficulty.
Yes, that skew is a fairly modest one. Looking forward, though, that is, when finance professionals are asked to compare forecasting difficulty now to what it will be in another three years, there is a greater consensus that the crystal balls are going to fog up. Only 16% say “easier” against the 54% who say “more difficult.”
Risk Appetite and Spreadsheets
With regard to risk appetite statements, the survey report observes that the Institute of Risk Management defines “risk appetite” as “the amount and type of risk that an organization is willing to take in order to meet their strategic objectives.” It is of value for the various people within an organization who might have to face risk-taking or risk-avoiding decisions on a day to day basis to be on the same page, or at least in the same library: to know what is the risk appetite of the organization for which they all work. Self-consciousness on this point can assist, for example, in deciding on acquisitions, capital expenditures, and the development of weighted average cost of capital (WACC) calculations.
Survey respondents broke down five ways on whether or not their organizations had a formal risk appetite statement: 37% neither have one nor are in the process of developing one; 17% don’t have one but are working on it; 14% have a “primarily qualitative” risk appetite statement; 7% “primarily quantitative,” and the remaining 25% have a statement that is both quantitative and qualitative.
Those finance professionals who say that their organization doesn’t have such a statement give various reasons for this: some believe the appetite is implicit and doesn’t need the spelling out; others say that there are other benchmarks or/guidelines that are used in risk management; or that the concept of risk appetite is too broad or vague anyway.
As noted above, many treasury and finance professionals still rely on spreadsheets in their risk management. The AFP suggests that this is a matter of preferring the devil one knows to the devil one doesn’t. “Taken overall, the new technologies [AI or blockchain] may reduce or address some of the risks that could be present due to the heavy reliance on spreadsheets, but could also introduce risk, such as cyber risk.”