Risks and losses remain one of the factors that are inextricably connected with business, and it is extremely important for specialists working for large companies to be able to minimize the negative impact of these factors on performance of enterprises and the quality of products and services that they offer. Speaking about numerous practices used by managers in order to secure businesses, it is necessary to state that a lot of researchers set traditional approach to risk management in opposition to Enterprise Risk Management or ERM which is discussed in the present paper.
Comparing these approaches, many people highlight that the latter involves practices that encourage innovation in different spheres of business whereas traditional risk management just focuses on thorough analysis of circumstances and necessary responses. Considering the fact that ERM is supposed to be an innovative approach that propels risk management to the next level and provides managers with extended opportunities, it can be important to analyze and assess its effectiveness, studying business performance of a particular organization. In the given report, the example of Mars Inc. is used to demonstrate the way that innovative risk management practices are used.
This organization has been chosen due to a few reasons. To begin with, the company is known as one of the most famous manufacturers of alimentary products, and its financial success indicates proper risk management measures taken by its specialists. More than that, the implementation of ERM program was started about fourteen years ago; thus, the experience of this corporation allows researchers not only to study the outcomes of the program but also to understand how these risk management practices have changed since that time. The report focuses on such issues as strategy, current performance, and a view of proper risk management practices expressed by specialists from Mars.
Continuing on the topic, the report touches upon the history of Enterprise Risk Management and innovations related to the sphere. Apart from that, it analyzes ERM practices utilized by the chosen company by comparing risk management measures taken with the COSO model which was developed fourteen years ago. Due to that, it becomes easier to evaluate risk management strategy of Mars. Also, the report discusses issues that surround risk intelligence in the company and proposes certain recommendations that are supposed to enhance capability of the Enterprise Risk Management program developed and implemented by specialists from Mars.
Mars, Incorporated as a Key Business Player
Mars belongs to the number of the most famous enterprises related to alimentary products; the goods produced by the company are consumed almost in every country of the world. More than that, its financial success is obvious as Mars is listed among ten largest companies that were established in the United States. The given company owns a range of brands producing chocolate, bubble gum, beverages, food, and even products for pets which remain extremely popular among people of different generations. The popularity of the products produced by the company is difficult to overestimate as the particular brands owned by Mars include Twix, MilkyWay, Whiskas, Orbit and many others producing goods consumed all over the world.
Speaking about the core business activities performed by the company, it is important to mention that Mars collaborates with a great number of qualified specialists who work with design, production technology, marketing strategies, financial accounting, and sales promotion. Therefore, the key business activities performed by Mars include production and marketing. At the same time, it is necessary to understand that production involves a range of additional activities due to the facts that it is a complex process and that company manufactures a range of products including various ingredients.
Therefore, there are numerous production technologies utilized by specialists from the company. More than that, considering that Mars is supposed to be the company which pays increased attention to safety of alimentary products, its core business activities are represented by development and implementation of more effective quality control strategies that would enable the company to sustain competition in the global market and ensure that customers are satisfied.
Another topic which needs to be discussed in connection with the key business activities performed by specialists working for the company is the primary values promoted and implemented into practice by the management of Mars. The values can be seen as a part of a risk management strategy as they strengthen companies and motivate employees to do their best. The declaration of values to be promoted is a very important step for any business as the primary principles of a company often serve as a critical factor for prospective customers that need to choose from a few high-quality products.
There is no doubt that managers in Mars understand the importance of social image and mechanisms which connect it with the commercial success of any company. Therefore, they developed a clear system of values that are supported by numerous working practices used in the company. In general, values are inextricably connected with intangible resources and norms of behavior prescribed for employees working on different levels.
More than that, it is possible to distinguish between different types of values that touch upon attitude to various participants whose activity remains the important factor allowing a company to exist. The topic which always attracts a lot of attention is the basic principles defining the quality of service from the point of view of the end-customer. On their official website, representatives of Mars, Incorporated pay special attention to explaining customer values. Thus, the practices implemented within the company are based on the idea that commitment is a superior goal in business. As for the particular strategy related to business values identified by the management of the company, it is necessary to say that the approach to customer relationship is focused on five key principles such as “quality, responsibility, mutuality, efficiency, and freedom” (Who we are 2017, para.2).
In reference to the importance of quality, Mars acknowledges that its success primarily depends on consumers and their preferences. The second principle represented by responsibility acts as an idea encouraging positive changes related to management levels. As is clear from the conclusions made by the management, corporations usually present complex systems which lack personal responsibility of the particular employees due to the absence of effective mechanisms allowing to prevent violations of company rules in certain units.
Trying to utilize a different strategy in order to have a significant advantage over other corporations, Mars requires all the associates to be responsible for the quality of the goods produced and the implementation of the key principles discussed in the chapter. More than that, in order to be able to stay commercially viable, the corporation pays increased attention to ethical knowledge of applicants who want to join Mars.
Also, associates of the company are supposed to be treated fairly which excludes the possibility of any privileges. Speaking about the third principle which defines the strategy of Mars, it needs to be mentioned that the existence of mutual benefits is seen as an important sign indicating the maturity of business. The benefits highlighted by the company are not presented only by material resources; instead, Mars provides mutual benefits by mitigating negative impact of its factories on the environment. What is more, the principle is used on different levels of the business and the company encourages rewarding hard-working employees.
Efficiency is the value that is directly connected with mitigation of financial risks as the company aims to minimize the waste of resources that does not involve quality improvements and sales growth. In reference to freedom, the company mitigates the risks related to inappropriate social image and negative feedback from employees by supporting private ownership allowing managers to implement independent strategies resulting in a substantial sales growth. Therefore, all the values supported by the company are also aimed at mitigating various risks related to customer satisfaction, employee happiness, responsibility, and resource allocation.
Continuing on the topic of a corporate view of risk management, it needs to be said that the company operates in more than seventy countries which definitely makes risk mitigation a more complicated process. According to Quesenberry who holds a position of an international risk manager in the company, any effective strategy involves a non-stop education of local managers; as for the particular strategy used by Mars, it is focused on three spheres related to recovery, corporate risks, and conservation of assets (Mars’ risk manager discusses risk management strategies 2015, para.8). More than that, the corporation regards loss mitigation as one of the important tasks as well.
Speaking about the greatest risks for Mars, the interviewee claims that industrial accidents on one of the factories would be the most detrimental events. At the same time, other risks which are identified by ERM team of the corporation include social images of Mars brands that are closely related to the quality of goods. Also, risk managers see cyber problems and possibility of clients’ personal data leakage as one of the important threats. Apart from that, specialists from Mars believe that the work with crude materials also involves numerous risks as there are dishonest suppliers selling materials that can be harmful to the environment. Due to these risks, the company is planning to acquire new cyber-insurance software in order to make sure that customers’ personal data will never be illegally used by the third parties interested in undermining current financial success of Mars.
Another topic which needs to be covered in order to shed light on ERM strategies utilized in Mars, Incorporated and their outcomes is the company’s recent financial performance. Operating in six different segments, the corporation earns large sums of money which already exceed $35; the financial progress of the corporation is obvious because the annual revenue was about $33 billion three years ago.
Discussing the topic of the recent financial performance of the company, it is important to note that it can be seen as one of the reasons for criticism towards Mars. The point is that Mars has never been a company that relies on full transparency then it comes to issues related to its owners. Due to the fact that the corporation declares honesty to be one of its key principles, many people see this tendency as one of the factors having a negative influence on the level of trust to Mars in the global community.
The recent financial success of Mars can be explained by the facts that their products are extremely popular among customers in different countries due to their gustatory qualities, distinctive package design, and positive associations produced by the images from promotional videos. Apart from that, specialists from Mars do their best in order to improve social image of the company; thus, the corporation collaborates with numerous charitable organizations. In particular, Mars helps dog shelters and supports wildlife protection initiated by WWF (Product and marketing highlights 2015).
In the end, as it can be seen from the key information concerning the activity of Mars, Incorporated, it belongs to the number of the most influential business players in the twenty-first century. The risk mitigation strategy utilized by this corporation is based on the key principles of Mars and the results of a thorough business risks analysis performed by its RM team.
Enterprise Risk Management: The Current State-of-the-Art
ERM is a sphere that involves numerous methods capable of mitigating business risks for enterprises. Nowadays, there are a great number of companies using ERM as the latter enables managers to protect and multiply assets, improve the experience of customers and employees and accrue benefits from situations that could involve losses. In general, those companies implementing ERM programs aim to improve understanding of risks and the degree to which they pose a threat to companies’ successful performance. More than that, a proper ERM strategy involves systemization of risks allowing to keep track of changes and pay more attention to those problems involving the greatest risks.
Nowadays, there are a few frameworks used by companies implementing ERM to improve performance and secure their assets. The major difference between traditional approach to risk management and ERM lies in the fact that the latter involves application of systems thinking whereas usual RM practices regard business risks for companies separately which makes such approaches less effective.
The approach to ERM developed by CAS more than ten years ago is still believed to be a strategy that propels risk management to the next level (Ching & Colombo 2014). According to the discussed framework, ERM provides managers with an opportunity to define and control financial risks as the given approach combines the knowledge on various RM procedures and the properties of different risks. In reference to the particular types of risks mentioned within the frame of the approach, the major dangers are connected with uncontrolled circumstances (such as the occurrence of accidents, cases of dilapidation, and employees’ malefactions).
Also, CAS framework singles out a group of financial risks, risks related to production processes, and strategic performance (ERM definition and framework n.d). Based on the type of risk, a risk manager is supposed to define the best strategy allowing to mitigate possible losses. In general, steps taken by those risk managers utilizing this approach include identification and analysis of potential risks, defining the possibility of different outcomes, systemization of risks based on the severity of threats they produce.
Having performed these tasks, members of risk management teams are expected to apply the data collected in order to develop a few alternative strategies that would enable specialists from a company to control the identified risks. More than that, the approach developed by CAS involves the last step which is connected with monitoring the work of different units and keeping track of changes that can make the situation more dangerous and complicated. These steps present the algorithm proposed by CAS which remains one of the most popular approaches to ERM used by influential business people.
Another framework that reflects and synthesizes the knowledge in the field was proposed by COSO that is one of the well-known organizations in the United States working with enterprise management theories. Although the framework was proposed more than ten years ago, it is still considered to be a reference model for many organizations. Being actively implemented in practice, the given framework is seen as the best model allowing to assess risks and secure business. The COSO framework states that proper risk management activities should involve participation of specialists on different levels because the combination of various employees’ personal experience allows to conduct a thorough analysis (Hayne & Free 2014). The model proposed by COSO consists of basic elements and categories defining the success of a strategy.
One of the basic notions applied within the frame of the model is the ability to set appropriate objectives. In general, it is believed that objectives need to be established at the beginning of the process because risk managers will need to connect the dots and define the factors that can act as a setback to company’s ambitions. Another element is related to the analysis of an internal environment. The given task enables risk managers to see risks through employees’ eyes. More than that, the elements include analyzing risks and responding to them, identifying the events that may entail risks, effective information exchange within a company, well-timed application of means of control, and monitoring.
Mars, Incorporated and Enterprise Risk Management Strategy
Mars, Incorporated is known as one of the largest companies that have implemented ERM practices to improve their performance and secure revenues.
There have been a lot of moments in the history of Mars corporation that could produce significant risks, and these crisis points usually existed due to major changes in inner structure of the company. For instance, in the beginning of the twenty-first century, the owners have made the decision to hire non-family managers and, therefore, enlarge the team of contributors into the success of this corporation. During the same period, the sales of the corporation were growing drastically which helped Mars to gain a competitive advantage over its key business rivals and strengthen its positions in the global market. In fact, there are a lot of researchers who suppose that there is the direct link between this stunning success and the implementation of ERM tools (Fraser, Simkins & Narvaez 2014).
Ten years ago, there were very few specialists in the field of management who were experienced enough to implement such models as COSO framework that seemed to be very complicated. Being thrown into a dilemma concerning the most appropriate model to refer to, managers working for Mars decided to give pride of place to development and implementation of the custom model that would help the corporation to mitigate significant business risks, taking into account the characteristics making Mars different from other businesses. At the same time, those managers believed that COSO framework was not the best alternative in that situation even though it was used by some of their competitors.
Understanding that it was necessary to apply ERM instead of any other approaches, the specialists started hard work immediately as time is also a precious resource when it comes to management and risk mitigation. As stated in the book by Fraser and his co-authors, one of the first steps taken by the specialists was conducting a survey to understand the opinion of the upper management of Mars. The given survey has proven to be a very useful tool allowing to generalize the way that different managers saw the most important risks.
Apart from that, the team assessed risks, operating such categories as geographical location of certain units whose work was associated with the greatest threats, risks related to suppliers’ performance, and the primary functions of the business. Initially, managers decided to implement such method as the analysis of gaps which still remains extremely popular when there is the need to solve problems related to management.
In fact, the use of this method involves a thorough analysis of two situations – the actual state of things and the desired one. Thus, conducting such analysis, managers are supposed to compare the two states in order to single out certain gaps that still have an influence on the performance of a company. Obviously, the application of such method is extremely useful as it allows specialists to analyze different operations performed by their companies to define which spheres need to be improved in the first instance. Speaking about the initial stages of ERM implementation in Mars, it needs to be said that it was clear to every person that these new steps related to effective risk mitigation had to involve the concerted efforts of its key managers.
Therefore, a series of meetings devoted to discussion of risk environment and the most obvious threats were conducted. In this connection, it is important to summarize the conclusions that the members of risk management team were able to come to; according to Fraser, Simkins, and Narvaez (2014), the working group holding those meetings concluded that Mars was excessively ambitious in terms of development and brand building.
To put it in other words, specialists from the corporation were setting aside too little time to achieve success and strengthen the positions of Mars in the global market whereas everyone should understand that it has never been easy to earn customer loyalty and such processes usually require more time. Having understood the simple truth, the representatives of the corporation declared that the company was ready to change the approach to introduction of new products into the market. It is clear from the story described by the authors that those meetings enabling every member of the global management team to express her or his opinions on the needs of the company were extremely important. In fact, difficult situations may require teamwork as the experience of each member helps to see the aggregate picture of risks for a company more clearly. To continue, there is no doubt that the active position of specialists from risk management team was significant in terms of knitting people from different units together.
Making the attempts to take into consideration the opinions of senior managers on further RM strategy, they were able to attain their commitment and, therefore, strengthen the links between different levels of the enterprise. Apart from that, the meetings encouraged the positive change of power in the corporation as the new chief financial officer was found very fast. The new approach to risk management that involved the use of regular meetings was an important innovation as it allowed every person to unlock their potential; if often happens in different companies that there are important problems strictly related to business risks that are discussed only in personal conversations.
Thinking that they lack specific knowledge helping to mitigate the risks in an effective manner, some specialists may be underconfident which prevents them from declaring that they need others to come to a meeting to discuss something they have invented. At the same time, holding meetings with representatives of senior management teams, specialists responsible for the effective risk management were encouraging the former to share any ideas concerning urgent risks and unite their strong points for the sake of the final results.
As the experience of many people shows, the ideas which tend to be omitted during official meetings often provide a fresh perspective on a problem, and this is why people should be motivated to express any thoughts they find important. After a series of successful meetings conducted in 2004, risk managers were expected to implement other ERM practices, and this is why the new multifunctional team was created (Fraser, Simkins & Narvaez 2014). Another important fact concerning ERM at Mars is that the practices chosen suffered significant changes; the team created at least two different programs as the initial variant was rejected.
In general, the strategy was based on the following goals:
- To encourage risk discussions among representatives of different business units;
- Create new methods to track business performance;
- Encourage financial responsibility.
One of the tools used by RM team during the work was a risk profile score, a tool which helps to prioritize risks so that the following measures will be based on the objective analysis. As indicated in the picture below, the severity of consequences of the event and its possibility should be considered during risk assessment.
Another important step that helps to define if a company is mature in terms of ERM is to compare the practices which it utilizes within the COSO framework. As is clear from one of the books used, risk managers from Mars corporation did not agree to apply this framework thirteen years ago. Nevertheless, the situation could have changed.
The first component of ERM defined by COSO is the analysis of internal environment. Among other things, this point is used to define the vision of risks that associates have. When it comes to the first component and its application, it is obvious that its importance has been taken into account more that ten years ago when risk managers started using surveys to summarize the vision of general managers and understand the way they responded to risks. Also, the component includes analysing employees’ ethical values – nowadays, Mars focuses extensively on ethical principles of its employees to ensure their inclusion (Mukerjee 2014).
The second component which is connected with objective setting is also presented in the work of the corporation. For instance, it is clear from the interview with Donny Quesenberry that specialists at Mars do their best to set objectives. For instance, this specialist visits different units on a regular basis to identify potential problems in their infancy. In order to prepare plans for future meetings and process the data in an effective manner, risk managers at Mars use a range of tools such as Excel, Word, and other programs allowing to categorize and classify risks.
Another component included in the COSO framework is related to identification of events which may become roadblocks on the way to success or, instead, provide new opportunities. In general, there is a great number of such events and every large enterprise tries to take them into account. Similarly, specialists from risk management team at Mars conduct their analysis to identify the potential problems. Thus, Quesenberry supposes that the range of risks faced by Mars includes numerous uncontrolled events such as accidents (Mars’ risk manager discusses risk management strategies 2015). At the same time, he and other specialists are able to find opportunities in certain events – thus, the possibility of data leakage is seen as the stimulus to improve the protection of customers’ personal data.
As for the risk assessment that remains one of the key components of the COSO framework, it is clear that Mars utilizes advanced tools helping to define the possibility of the occurrence of identified risks and the degree to which they may complicate basic business operations. Obviously, due to strong competition, the company does not put the detailed information online, but Quesenberry presents the most significant risks such as reputation, data protection, and safety of crude materials in his interview.
The next component, a response to risk, is also considered by the risk management team of the corporation. In fact, there is a wide range of measures that are planned to be taken to mitigate the most significant risks named by Quesenberry during the interview. Speaking about this stage of risk management, it needs to be noted that risk managers at the corporation propose numerous solutions during their regular meetings.
Thus, Mars has taken the decision to acquire new software ensuring cyber security. In 2015, Mars has managed to significantly reduce the amount of waste, trying to respond to environmental risks and improve its reputation (Reduce waste 2016). Control activities performed by Mars also bring important results. For example, the quality of products which is listed among the primary risks for the corporation is controlled by special teams. Due to the complicated structure of the corporation, its control activities are successfully performed in each unit (Our quality and food safety policy n.d.).
In reference to good communication within the enterprise which is also a component mentioned in the COSO framework, it is obvious that Mars ensures proper information exchange allowing employees to stay informed in case of important changes. For instance, Quesenberry also supports effective information exchange by paying regular visits to units in different countries to give presentations on ERM and let other specialists adopt his experience.
Monitoring is another component that involves controlling RM processes and making adjustments where necessary. The early stages of ERM practices implementation art Mars indicate that numerous changes were incorporated into its strategies.
Therefore, it is clear that specialists at Mars have an extensive experience when it comes to ERM. Through trial and error, they have managed to improve ERM processes in the corporation. The changes implemented into their strategy exist due to unstable business environment; their strategy involves prompt responses to new threats such as improved tools used by cyber criminals. In general, the success of their ERM activities is indicated by stable revenue growth. To sum it up, the ERM approach of Mars involves all the elements indicated in the COSO framework which proves the corporation’s RM maturity.
Enterprise Risk Management Difficulties at Mars, Incorporated
It is clear from the data reported in previous sections that the approach of Mars to ERM seems to be quite effective due to its improving financial performance. In fact, the example of Mars corporation demonstrates the responsible attitude to risk management among specialists assigned with this task. Despite that, it is possible to identify certain difficulties that surround collating and acting upon risk intelligence in the corporation.
To begin with, the surveys used by the members of risk management teams as one of the initial steps of ERM implementation could contain contradictory information (Fraser, Simkins & Narvaez 2014). Consequently, some members of the global management team were likely to give answers that thwarted one another. Therefore, it is possible to suppose that such peculiarity could significantly reduce the practical applicability of the data collected.
Speaking about the difficulties that could cause this misunderstanding, it is important to note that the presence of common terms that are clearly understood by every participant of the survey can be regarded as one of the most significant factors that are indissolubly related to the objectivity of risk intelligence data. At the same time, objectivity and self-consistency of data collected to perform ERM practices should always be prioritized due to the fact that they often define the success of the entire risk management strategy.
There is no doubt that the importance of common terms and thorough explanations (especially when it comes to implementing innovative approaches to risk management) should never be underestimated as it defines future performance. Therefore, one of the major difficulties indicated by the representatives of the discussed corporation can be regarded as a direct consequence of misinterpretations of terms and the lack of common RM language understood by employees on different levels.
In order to improve the situation, risk managers may need to pay more attention to the knowledge of theoretical positions related to ERM which is demonstrated by employees on different levels. Apart from developing measures (such as making, correcting, and translating special glossaries or preparing educational mediums) to improve the average competence level within the corporation, specialists related to risk management are supposed to put an increased focus on knowledge of those individuals whose activity may have an impact on the outcomes of ERM programs.
Another difficulty related to risk intelligence at Mars which is indicated by Fraser, Simkins, and Narvaez (2014) is connected with the necessity to find specialists responsible for each risk and set the most appropriate project completion dates. Experimenting with templates and tools allowing to collect data on risks and the measures that could improve the unwanted situation, the members of risk management team understood that there was a need to set additional elements that would encourage a more responsible attitude to risk management activities identified by the team and the outcomes of their implementation. Therefore, it was decided to analyze each risk, find the party that could be responsible for the outcomes of the project, and set a clear time frame helping the chosen parties to organize their work in a more effective manner.
The difficulty related to this stage of risk management planning lies in the fact that assigning one group with responsible tasks to be shared cannot be seen as the most appropriate initiative. In fact, the need to bear responsibility for the outcomes of projects developed in accordance with ERM principles could be added to other regular duties of specialists from these groups. More than that, there were a few cases when certain mistakes related to assigning tasks were made. Due to that, some of the units that were supposed to implement risk mitigation strategies and report their results were not able to complete the assigned tasks before the deadline identified on the upper level. At the same time, imperfections related to the process could cause the situations when responsible teams did not have enough resources to accomplish the tasks.
Recommendations to Enhance Enterprise Risk Management Capability
Even though Mars Corporation is often identified as one of the most successful enterprises and the most influential players in the global market, there are no companies whose approaches to ERM could not be improved. Based on the information about Mars Corporation retrieved from different sources, it is possible to give the following recommendations aimed at enhancing their ERM capability:
- Hiring new employees is much more expensive than improving the knowledge level of people who already know specific features of the company. Considering that specialists on all levels are somehow connected with risks, it may be necessary to pay more attention to employee education based on the latest ERM trends.
- Implementing the ERM project, specialists responsible for the outcomes should establish the unity of terminology and ensure parties involved in project execution have no disagreements.
- Mars operates in more than fifty countries which means that there is a great variety of risk appetites. Therefore, developing projects, risk managers from large companies should take into consideration unique risk appetites in different countries and units.
- The relationship between costs and benefits of any ERM project may vary due to changes in business environment. To improve ERM capability, it may be necessary to assign people responsible for the project outcomes with the task to report any dangerous changes to their managers.
- Projects aimed at reducing environmental risks caused by crude materials’ quality should enable the company to improve communication with suppliers and demonstrate its willingness to be transparent in terms of quality.
- Prior to project implementation, more attention needs to be paid to preliminary analysis indicating whether the unit assigned with the task has enough time and resources to fulfill the objectives set by the upper management.
- Due to scandals with funding animal testing which had a negative effect on the corporation’s social image, risk managers at Mars have to pay more attention to practices in the particular units as they can reduce ERM projects’ effectiveness.
Reference List
Ching, HY & Colombo, TM 2014, ‘Enterprise risk management good practices and proposal of conceptual framework’, Journal of Management Research, vol. 6, no. 3, pp. 69-85.
ERM definition and framework n.d. Web.
Fraser, J, Simkins, B & Narvaez, K 2014, Implementing enterprise risk management: case studies and best practices, John Wiley & Sons, New York, NY.
Hayne, C & Free, C 2014, ‘Hybridized professional groups and institutional work: COSO and the rise of enterprise risk management’, Accounting, Organizations and Society, vol. 39, no. 5, pp. 309-330.
Mars’ risk manager discusses risk management strategies 2015. Web.
Mukerjee, K 2014, ‘Fostering employee engagement in organisations: a conceptual framework’, International Journal of Management Practice, vol. 7, no. 2, pp. 160-176.
Our quality and food safety policy. n.d. Web.
Product and marketing highlights. 2015. Web.
Reduce waste. 2016. Web.
Risk assessment matrix. 2017. Web.
Who we are. 2017. Web.