Abstract
This report highlights the importance of holistic risk assessments as a basis for developing a comprehensive risk management report. Bank Nordik is used as a case study and its risks are analyzed, relative to their economic and legal impacts. Then main risk categories identified are opportunity, control, hazard, and compliance. Control measures adopted by the firm to manage these risk categories are explored in this investigation and the findings used as a justification for the development of a robust risk management plan. The findings are meant to improve the company’s stability in today’s fast-paced and uncertain business environment.
Introduction
This paper uses Bank Nordik, which operates in the Faroe Islands – Denmark, as a case study on risk management. Founded in 1906, the firm primarily engages in the provision of banking services and insurance products (Bank Nordik Inc., 2017). By studying the enterprise, important risk categories will be identified and their impacts on the organization’s performance assessed from legal and economic perspectives. The conclusions developed from the investigation will be useful in developing the company’s risk management plan.
Occurrence of Risk, Relative to Economic and Legal Implications
The severity of a risk often has varied implications on the operations of a firm. In the context of this study, these implications are assessed based on their legal and economic impacts on firms, as shown below.
Definition of Risk
Risk refers to the exposure of companies to factors that could lead to their failure or underperformance. The Corporate Finance Institute (2021) describes risk as “The probability that actual results will differ from expected results” (p. 1). Risks could originate from within or outside of an organization, implying that it is difficult for companies to protect themselves from them. However, the probability of occurrence varies across businesses and sectors (Luisa and Maria, 2020). Their impact and severity also fluctuate in the same manner and have widespread economic and legal implications.
Difference between Risk and Uncertainty
Risk and uncertainty are related concepts because they both express conditions for loss. However, the concept of risk is different from uncertainty because it describes situations that could lead to negative outcomes for an organization, such as loss or danger, while uncertainty embodies the possibility of realizing both negative and positive outcomes in business (Corporate Finance Institute, 2021). Therefore, both concepts differ in their outcomes because risk is negative while uncertainty could be either negative or positive.
Origins and the Nature of Risk
The nature of risk is that it represents uncertainty in the realization of corporate objectives. Risk originates from various sources, including indecision, technological advancements, market cycles, and political compulsions, just to mention a few (Axler, 2019). Hopkins (2017) classifies risks as compliance, hazard, control, and opportunity risks. Nonetheless, historians first documented risk as discussions involving two French mathematicians – Blaise Pascal and Pierre Fermat (Axler, 2019). The works of Blaise Pascal are central to this investigation because he introduced Pascal’s Wager concept, which dealt with questions regarding risk analysis using God’s existence, as an example. In his texts, Pascal admitted that it was difficult to come up with a definite answer regarding the existence of God by simply using logic and reasoning (Bartha and Pasternack, 2018). Therefore, he emphasized the importance of evaluating risks based on their impact. Broadly, his arguments suggested that two types of outcomes are inherent in risk analysis – “being right” and “being wrong.” Given that each outcome has a cost, they need to be factored in decision analysis processes.
Business and Social Setting
As highlighted in this report, Bank Nordik is a registered financial institution in Denmark. Its target customers are individuals and corporate institutions who need banking and insurance services. The headquarters is in Faroe Island, which is a self-governing territory with a population of about 48,000 people (Bank Nordik Inc., 2017). The culture of the people of Denmark is based on tolerance and a high regard for equality and open communication (Passport to Trade, 2019). Danes also refrain from having personal conversations with unfamiliar people but would be willing to help those who are in need of their assistance (Passport to Trade, 2019). The people of Faroe Island speak Faroese as their first language, Danish as their second, and English as their third (VFI, 2016). They are mostly of European descent and come from Iceland, Norwegian, and Sweden (VFI, 2016).
Identification of Risks in the Context of Economic and Legal Implications
Compliance Risks
Compliance risks refer to hazardous elements in the workplace that could result in material loss or the forfeiture of an organization’s assets if it does not comply with existing laws or policies (Zaby and Pohl, 2019). In the context of Bank Nordik’s operations, compliance risk emerges from adherence to capital requirements, rules, and regulations outlined by the Faroese Financial Business Act (IBP, Inc., 2017). This law requires the bank to maintain a minimum capital requirement of 8% on identified risks (Bank Nordik Inc., 2020a). According to the company’s last audited financial reports, the total capital at risk is DKK 2.5 billion or USD390 million if this type of risk is not complied with (Bank Nordik Inc., 2020a). Legally, the bank could be put under receivership or its operating license withdrawn if it fails to comply with the provisions of the Faroese Financial Business Act. Based on an FSA-approved risk assessment report, there is a low probability of compliance risk occurring (Bank Nordik Inc., 2020a). This is because of the company’s robust financial and capital management policies.
Hazard Risks
Hazard risks are associated with the occurrence of events or incidences that could lead to the loss of property or life. In the context of Bank Nordik’s operations, fire is the main hazard risk. This type of risk could have an economic impact size of DKK6.4 million or USD1 million, based on the total value of tangible assets associated with Bank Nordik (Bank Nordik Inc., 2020b). In case of liability, the legal implications of this risk will be transferred to the insurer because Bank Nordik has taken insurance policies on fire risk (Bank Nordik Inc., 2020a). However, there is a low likelihood of this risk occurring because its fire safety standards are periodically reviewed and enforced (Bank Nordik Inc., 2018). Therefore, there is a low probability of hazard risks affecting Bank Nordik’s operations.
Control Risks
Control risks are associated with the poor observance of policy rules and regulations governing a company’s operations. In the context of Bank Nordik’s operations, control risks are linked to the management of the bank’s insurance business. The bank owns two insurance firms namely Trygd and NordikLív and they pose a low risk of insolvency to the bank’s operations. This risk is valued at DKK283 million or USD40 million (Bank Nordik Inc., 2020a). It is estimated that the occurrence of this risk would only negatively affect the company’s solvency status by 0.6 points, which is insignificant to its sheer volume of operations (Bank Nordik Inc., 2020a). Therefore, there is a low probability of control risks influencing the organization. However, the legal implications of risk occurrence are that the banking business could be liquidated to cover financial commitments from the insurance division.
Opportunity Risks
Opportunity risks are associated with the cost of following one strategic option for attaining an organization’s objective over another. In the 2020, risk management report, the bank reported the sale of its Danish operations to Spar Nord for a goodwill amount of DKK255 million or USD 40 million (Bank Nordik Inc., 2020a). This transaction amount highlights the economic implications of this risk profile for the bank because it made the sale to maintain its competitiveness. The legal implication of the occurrence of this risk is the regulatory disapproval of the sale. However, there is a low probability of this risk occurring because Bank Nordik’s historical credit risk figures emphasize this fact (Bank Nordik Inc., 2020a). At the same time, this risk would have a low impact on the bank’s operations because it monitors its exposure through an elaborate portfolio management plan.
Risk Management Plan
Control Measures
- Compliance Risk: The main compliance risk highlighted in this document is Bank Nordik’s adherence to capital requirements, rules, and regulations outlined by the Faroese Financial Business Act. The Chief Financial Officer (CFO) has the responsibility of controlling such risks by making sure that financial policies and regulations are followed as originally intended (Bank Nordik Inc., 2018). He does so using three techniques with the first one being monitoring the bond portfolio to make sure its processes are compliant with relevant laws (Bank Nordik Inc., 2018). The second part of the risk management plan involves compliance stress testing, based on the outcomes of daily and monthly risk reports. The third aspect of the contingency plan involves complying with a 12-months funding requirement of the bank (Bank Nordik Inc., 2017). This strategy is aimed at making sure the organization complies with all financial regulatory laws in the Faroe Island.
- Hazard Risk: In dealing with fire, Bank Nordik regularly updates its building fire and safety codes to make sure they are at par with relevant standards (Bank Nordik Inc., 2020a). A fire alarm, fire extinguishers, and a fire management plan have also been formulated in the organization to minimize the occurrence of this risk (Bank Nordik Inc., 2020a). These measures are aimed at minimizing the risk exposure of fire to the bank’s operations.
- Control Risk: As highlighted in this document, Bank Nordik’s control risks are defined by the proper management of the bank’s capital adequacy requirements, which may lead to insolvency if improperly done. The bank conducts monthly risk reports to get frequent feedback on areas that require attention (Bank Nordik Inc., 2020a). Bank Nordik’s credit department also prepares a quarterly risk management report on its capital adequacy status and submits it to the credit risk committee for evaluation (Bank Nordik Inc., 2018). In this plan, individual impairment reports are often compared against group portfolio findings and disparities addressed before they affect other aspects of the bank’s operations. Relative to this statement, Miller (2019) affirms the importance of frequent reporting when conducting risk evaluations and assessments.
- Opportunity Risk: As highlighted in this document, Bank Nordik’s opportunity risks refer to the sale of its Danish operations to maintain competitiveness. To minimize the occurrence of adverse effects, the bank uses a “supervisory diamond” plan, to minimize the impact of the risk, based on five key areas of assessment that include loan growth, exposure towards real estate investments, liquidity, and funding (Bank Nordik Inc., 2017). To minimize exposure, the bank holds on to government-backed securities and investments in offshore markets and currencies to boost liquidity (Bank Nordik Inc., 2017). At the same time, it maintains foreign currency reserves to manage volatility that may emerge from large transactions (Bank Nordik Inc., 2018).
Corrective Actions
- Compliance Risk: In the event of compliance risk occurring, Bank Nordik conducts structural liquidity risk adjustments to detect cases of capital inadequacy in affected operational areas (Bank Nordik Inc., 2021). Additionally, internal auditors conduct annual evaluations to improve compliance with rules and guidelines. Chapelle (2019) and the Food and Agriculture Organization of the United Nations (2018) have highlighted the successful use of such an approach to minimize the same type of risk.
- Hazard Risk: Bank Nordik has taken an insurance policy to cover the risk of fire (Bank Nordik Inc., 2017). Journé, Laroche, and Bieder (2020) propose such an approach as an adaptable solution to managing hazard risks in today’s workplace. The risk of fire is also corrected through the transformation of the bank’s operations from brick-and-mortar processes to technology-based processes. Therefore, if property is damaged, the bank’s operations could still go on (Yamani, Long and Itoh, 2020; Abbasi et al., 2019). As recommended by Li and Burns (2017), automation and capacity adjustments are also completed regularly to stabilize the ICT system. In addition, according to hazardous risk guidelines expected of publicly listed companies in the Faroe Island, Bank Nordik also undertakes periodic evaluations of its control environment to ensure that management goals are being met in all business and functional areas.
- Control Risk: As highlighted in this report, Bank Nordik’s control risks relate to its ownership stake in two insurance firms namely Trygd and NordikLív (Bank Nordik Inc., 2021). In the event that such a risk materializes, the company’s insurance operations will be detached from those of the bank and associated losses assigned to the affected enterprise accordingly. Bank Nordik will also activate the reinsurance agreements it has with third party players to avoid paying for associated losses from its company accounts (Bank Nordik Inc., 2021).
- Opportunity Risk: As highlighted in this document, Bank Nordik’s opportunity risks refer to the sale of its Danish operations to maintain its competitiveness. In the event that this risk materializes, the bank has to discontinue its Danish operations and only focus on its Faroe Island business (Bank Nordik Inc., 2021). This is because the company’s shareholders have recognized the difficulty of maintaining the group’s competitiveness in the Danish retail-banking sector, while enjoying a Systematically Important Financial Institution (SIFI) designation in the Faroe Island (Bank Nordik Inc., 2021).
Record-Keeping and Review Frequencies
Overall, the findings of this report have demonstrated that Bank Nordik’s risk profile is categorized into four groups: hazard, opportunity, compliance, and control risks. As proposed by Guha (2018), Ding, and Sickles (2018), organizations need to rank these risks based on their severity and impact to identify priority areas. Gottardo and Moisello (2018) add that, after doing so, management should direct most of its HRM resources to address these risk areas. Consequently, its HRM processes would become more efficient, thereby reducing the likelihood that any of the above-mentioned categories of risk would have an extensive impact on the organization’s performance (OECD, 2020). The risk events present in this report include hazard – fire, opportunity risk – sale of the Danish business, compliance risk – the Faroese Financial Business Act, and control risks, which are linked to the management of the bank’s insurance business. Each of these risks should be managed by different departments and in different frequencies as outlined in table 3.1 below.
Table 3.1 Risk Reporting (Source: Developed by Author)
Overall, all the risks identified in this study need to be registered in the group’s overall risk report, which is submitted to the Board of Directors on an annual basis (Bank Nordik Inc., 2021). The assignment of tasks across different departments is consistent with the views of Lam (2017), which suggest a direct line of reporting between departmental managers, risk committee members, and the CEO. Alternatively, the frequency of reporting is informed by the views of Adoko (2017), which outlines thresholds for realizing organizational situational awareness on weekly, monthly, or annual bases.
Summary
This report has highlighted opportunity, hazardous, control, and compliance as risk factors affecting Bank Nordik’s operations. Current control mechanisms adopted by the bank suggest that none of the four risk profiles have a high likelihood of occurrence or a significant impact on the bank’s financial performance. However, the enterprise needs to redirect its HRM resources to address risk categories with the highest impact on current operations. Additionally, the frequency of record keeping should be as per the proposed guideline to enhance accountability and eliminate adverse effects of known risks.
Reference List
Abbasi, W. A. et al. (2019) ‘Research on measurement of supply chain finance credit risk based on Internet of Things’, International Journal of Distributed Sensor Networks, 15(9), pp. 1-10.
Adoko, O. P. (ed.). (2017) Risk management strategies in public-private partnerships. New York, NY: IGI Global.
Axler, S. (2019) Measure, integration, and real analysis. New York, NY: Springer Nature.
Bank Nordik Inc. (2017) Risk management report.
Bank Nordik Inc. (2018)Risk management report.
Bank Nordik Inc. (2020a) Risk management report 2020.
Bank Nordik Inc. (2020b) Annual report 2020.
Bartha, P. and Pasternack, L. (2018) Pascal’s Wager. Cambridge: Cambridge University Press
Chapelle, A. (2019) Operational risk management: best practices in the financial services industry. London: John Wiley and Sons.
Corporate Finance Institute. (2021) Risk.
Ding, D. and Sickles, R. C. (2018) ‘Frontier efficiency, capital structure, and portfolio risk: an empirical analysis of U.S. banks’, Business Research Quarterly, 21(4), pp. 262–277.
Food and Agriculture Organization of the United Nations. (2018) Innovative risk management strategies in rural and agriculture finance: the Asian experience. Rome: Food and Agriculture Organization.
Gottardo, P. and Moisello, A. M. (2018) Capital structure, earnings management, and risk of financial distress: a comparative analysis of family and non-family firms. New York, NY: Springer.
Guha, P. (2018) ‘Application of multivariate-rank-based techniques in clustering of big data’, Vikalpa, 43(4), pp. 179–190.
Hopkins, P. (2017) Fundamentals of risk management: understanding, evaluating, and implementing effective risk management. London: Kogan Publishers.
IBP, Inc. (2017) Faroes islands business law handbook volume: strategic information and basic laws. London: Lulu.com.
Journé, B., Laroche, H. and Bieder, C. (eds.). (2020) Human and organizational factors: practices and strategies for a changing world. New York, NY: Springer Nature.
Kirikkaleli, D. et al. (2020) ‘The perception and culture of operational risk in the banking sector: evidence from Northern Cyprus’, SAGE Open, 10(4), pp. 1-10.
Lam, J. (2017) Implementing enterprise risk management: from methods to applications. London: John Wiley & Sons.
Li, Y. and Burns, C. M. (2017) ‘Modeling automation with cognitive work analysis to support human-automation coordination’, Journal of Cognitive Engineering and Decision Making, 11(4), pp. 299–322.
Luisa, D. and Maria, G. I. (eds.). (2020) Transdisciplinary perspectives on risk management and cyber intelligence. New York, NY: IGI Global.
Miller, G. P. (2019) The law of governance, risk management, and compliance. 3rd edn. London: Wolters Kluwer Law and Business.
OECD. (2020) OECD reviews of digital transformation going digital in Brazil. London: OECD Publishing.
Passport to Trade. (2019) Business culture in Denmark.
VFI. (2016) Language.
Yamani, Y., Long, S. K. and Itoh, M. (2020) ‘Human–automation trust to technologies for naïve users amidst and following the COVID-19 pandemic’, Human Factors, 62(7), pp. 1087–1094.
Zaby, S. and Pohl, M. (2019) ‘The Management of reputational risks in banks: findings from Germany and Switzerland’, SAGE Open, 9(3), pp. 1-15.