With ‘technology disruption’ becoming a buzz word, there is an urgent need for Qatar to set up Management Risk Committees (MRCs) at its large companies. The AI and Machine Learning (ML) have just entered. As the pace at which disruptions are impacting the organisations, the region needs to gear up to face off the challenges, and to take opportunities from digital disruptions, said a top technocrat.
“We are in a ‘disruption way’, where risks are hitting us from all sides. Not only from technological sides, but from all types of risks”, he said.
Speaking on the sidelines of ‘7th Annual Risk management Forum 2019”, organized by Msheireb Properties, Darshan Mehta, Managing Director, Protiviti, Middle East, told The Peninsula that almost 80 percent of large companies in the US, have MRCs in place. The region, however, is bit slow in this front. Considering the growing complexity of the risks inherent in the companies’ organization strategy and business model, it is imperative for the companies in the region to set up effective MRCs. Utilities, banks, oil & gas and retail should be the priority sectors, he said.
The MRCs will help ensure successful implementation of the organisation’s approach to enterprise risk management (ERM), focusing management attention on specific risk areas, identify emerging risks, and help the company anticipate and react to disruptive events and trends. The committee’s deliberations can enhance the risk dialogue in the C-suite and boardroom by sharpening the focus on critical enterprise risks and emerging risks, believes Protiviti.
Currently, the way ERM has been structured; you have an audit risk committee and have risk managers. In between there is no layer. The MRCs effectively is creating that managerial layer where in definitely forms the executive risk committee to look into day to day risk aspects.. this will give an added comfort to the audit and risk committee management to do their job in right way, he said.
In the Middle East region, Mehta said, large utility companies and oil and gas companies have started setting up MRCs. “I am sure most of the organisations in the region will have MRCs or something called ‘executive risk committees in place soon.”
“I A and Machine Learning have just entered. It is still not visibly impacting any businesses at this point of time in the Mideast. But within the next two years, things are going to change. Banks have started employing robots in the region. Recently, very large banks in the region, are robotizing 250 processes within the organization. These banks already have robots welcoming customers in the branches..”, Mehta said.
Mehta said just setting up MRCs will not help organizations to address the “Disruption” challenges or take advantages out of it. The MRCs need to function in the right way. There has to be right objective behind setting up these committees. The Boards should meet more frequent.
The MRCs need to be persuasive across the organization. People should understand on day to day basis the risks and opportunities, he said.
In her presentation, Dana Al Abdulla, Compliance and Data Protection (A) Director, Qatar Computer Emergency Response team (Q-CERT), Ministry of Transport and Communication, recalled how shipping giant Maersk suffered very badly from 2017’s NotPetya malware outbreak. Maersk’s own experience is that the attack it endured cost it between $250m and $300m, in line with what the company told a conference call in August 2017.
Source from: The Peninsula