Manage Your Risks Better: It’s About Survival

Share on facebook
Share on email
Share on twitter
Share on linkedin

The Great Recession is the name given to the 2008 – 2009 financial crisis. A perfect storm had been brewing for years and finally, it was unleashed in 2008. But what caused it? Let’s take a look at the events leading up to the crisis.

The credit crisis brought two groups of people together – homeowners and investors. These two groups were brought together by the financial system – banks and brokers, commonly known as Wall Street.

Years ago, investors were sitting on piles of money looking for ways to make more money. Traditionally, they purchased Treasury bills from the US Federal Reserve. But in the wake of the 20001 dot.com bubble, Alan Greenspan lowered the Fed’s interest rates to 1%. Investors said “no thanks” to the low return. Banks on Wall Street, on the other hand, could borrow from the Fed at the low rate of 1%. Add to that surpluses (excess savings) from Japan, China and the Middle East and there was an abundance of cheap credit.

Wall Street banks took out a lot of credit, made great deals, grew tremendously rich and paid back the Fed. Investors saw this and wanted a piece of the action. This gave Wall Street an idea. They could connect investors with homeowners through mortgages. The banks starting selling mortgages to investment bankers who then borrowed millions of dollars and purchased thousands more mortgages and put them into a ‘box’. They received payments from the homeowners, and then decided to cut the ‘box’ into three investment slices: Safe, Okay and Risky.

The debt was repackaged and called Collateralised Debt Obligation or a CDO. Finally, the investors had found a safe investment for their money. They were so pleased, they wanted more CDO slices. So the investment banker called up the bank for more homeowners. But everyone who qualified for a home loan already had one. The banks came up with another idea. They started adding risk to new mortgages by not requiring deposits and proof of income. These were called Sub-prime Mortgages. This was the turning point.

Not surprisingly, homeowners defaulted on payments and banks foreclosed. Soon there were more houses than people could buy and prices plummeted. Investment bankers were left holding a box full of worthless houses. Bankers had a glut of houses nobody wanted to buy, and investors were saddled with thousands of CDOs they couldn’t shift.

The whole financial system froze and things got very dark.

Download your FREE Guide on How to Unlock the Potential of Risk-based Thinking in the New ISO Management Standards and gain an excellent understanding of Risk-based Thinking!


What went wrong with leadership and how did they aid and abet the 2008-2009 financial crisis? Surely banking executives must have known what was going on? A team from the Ivey Business School asked these questions to more than 300 senior business leaders from across Canada, New York, London, England and Hong Kong. They found that a failure in leadership was a root cause of the crisis.

While banking executives were aware of what was going on, they had blinded themselves to the inevitable consequences as they were reaping the rewards. Good leadership and sound risk management practices, on the other hand, had protected organisations that emerged from the crisis unscathed.

So how does a business effectively manage its risks?


“… You can’t control people through policies, procedures and policing. You can only do it through a strong risk management culture and absolute integrity in all leaders.” – Ivey Business School.

A company’s culture is set from the top, so it makes sense that senior leaders need to establish the tone for the risk management culture. As a company’s success and survival can depend on the proper implementation of risk management, it’s important that senior leaders assume overall responsibility for it. Enterprise Risk Management (ERM) has been seen as a hindrance rather than a necessity in the past, but many businesses are realising its importance today.


The internationally recognised ISO 31000:2018 Risk Management Standard, focusses on the importance of implementing a coherent risk culture within a business. It defines the risk management process as “coordinated activities to direct and control an organisation with regard to risk”.

It also provides a definition of the risk management framework as a “set of components that provide the foundations and organizational arrangements for designing, implementing, monitoring, reviewing and continually improving risk management throughout the organization”. The ISO 31000:2018 Standard is practical and business oriented and consists of three components: the principles of managing risks, the framework for managing risk, and the process for managing risks.

The Standard captures ERM as an integrated way of managing risk across an enterprise at all levels of an organisation. Due to the complex nature of risk, market volatility, the changing global risk landscape, and the speed at which risks can now materialise, organisations need to think beyond risk compliance and towards a holistic approach.

This is where ERM comes into its own. Effective ERM will, for example, encourage proactive risk management and a deeper and more meaningful insight into the threats you face and the opportunities for growth.


ERM programmes should be tailored to the needs of the organisation. Broadly speaking, the practice of ERM incorporates the process of risk management, the people who are involved in risk management and the information system used to facilitate the process.

1. Process

Risk should be embedded in management activities. Describe the process in a procedure document so that employees understand the risk management process and how to consistently perform their activities. The risk management activities for the ERM programme should span all areas and functions and cross internal boundaries. Adopting an interlocking or joined-up approach to risk management helps to allocate resources efficiently and to solve the risk more effectively.

2. People

Senior executives set the tone for the organisation’s risk management culture and need to live and breath the culture as well as talk to staff about the reasons why the organisation is engaging in ERM. Ensure that responsibilities and accountabilities are clearly communicated and followed through.

3. Information Systems

Using a well-designed information system to record, report and monitor risk performance across your organisation will improve management insight, speed up response times and assist with knowledge-based decision-making.

Safeguarding your brand and reputation – your two most valuable assets – and protecting shareholder value requires an active, well-managed risk management programme.

Why not opt for the internationally- acclaimed ISO 31000:2018 Risk Management Standard for your ERM programme?


Do you need help managing your risk holistically? Contact us today to find out about our range of services! Visit www.riskza.com/training-schedule-booking to find an upcoming ERM training event closest to you.

Contact Risk ZA on +27 (0) 31 569 5900, email info@riskza.com or using our contact form.

You can also download your FREE Guide on How to Unlock the Potential of Risk-based Thinking in the New ISO Management Standards and gain an excellent understanding of Risk-based Thinking!

You can share this blog on your preferred social media platform:

Share on facebook
Share on email
Share on twitter
Share on linkedin

Leave a Comment

%d bloggers like this: