Home > Book Reviews, CorpFin Cafe, Risk Management > Discipline #6: CFO as the Regulator of Risk

Discipline #6: CFO as the Regulator of Risk

August 14th, 2009

     In my last segment on Jeremy Hope’s book, “Reinventing the CFO”, I covered Discipline #5, or the CFO as the Master of Measurement. I had mentioned that this was one of my favorite sections of the book, and the one area I so rigorously incorporate into my day-to-day operations. Not only in a financial perspective, but in an operational perspective. Without measurement, there is no assessing the progress the company is making, not to mention the accountability that measurement can bring into the development of management goals.

     However, there is no more an important role for the CFO than as a Regulator of Risk. Assuming the role of “Regulator” needs to be more than ensuring your producing financial reporting that is compliant with GAAP or that you’ve taken the time to meet with your Sales group to ensure that there is legitimacy to a recently submitted Forecast. If this is the extent of your risk regulation activities then you’re doing nothing more than assuming the role of a Controller or Auditor. In Hope’s book he identifies key areas in the management of risk and uncertainty:


         Set the highest standards of ethical reporting and behavior

         Regularly review the key pressure points for excessive risk taking

         Manage risk across the whole organization

         Approach uncertainty with an open mind

         Provide effective feedback controls


     Regardless of the size of organization I have been involved with, I’ve always made it my business to be hands-on in the areas where I perceived a material level of risk with the company. Whether this was in the area of A/R for key accounts and the application of credit insurance, management of our IP asset base, order backlog & our outstanding P.O. commitments, legitimacy of an aggressive sales forecast, or any H.R. related issues, I was involved. It doesn’t mean that I was necessarily setting policy or managing the day-to-day in these specific areas, but I did have an understanding of what was happening in these areas and the concerns of the Managers responsible. It also doesn’t mean that we never encountered hiccups in these areas either. However, the flow of information was consistent enough that when it hit the radar we were able to act pretty quickly to mitigate the negative impact to the company.

     This is a great area of Hope’s book and it should be clear to anyone responsible for managing risk that it can’t be covered in a single chapter. But Hope brings up some great points for review. As I’ve heard discussed in the circles of Law Enforcement, the CFO “should respond to the spirit of the law rather than just the letter of the law. Governance and risk management are about more than checking off the boxes.” He also discusses the need to “be uncompromising about ethical behavior. Be the guardian of ethical standards and the last line of defense against unethical reporting.” 

     I do like these points, but again, these tend to be reactionary as opposed to preventative. Prior to my CFO roles, I was fortunate enough to work under some great CFO’s who mentored and included me in their daily regimen. They were all forward looking and instilled the need to look ahead and be wary of that which would derail the ability to meet your results; anything that would have a material impact on the financial results. Trust in nothing and always have your contingencies in place. It’s the approach that I’ve continued to incorporate in my day-to-day routine and in the development of longer term financial plans. As a “Regulator of Risk” you need to ensure that you’ve done more than just make sure your insurance policies are current. Have you done what you need to protect and ensure your results?


Thanks for reading . . . . 

Jeffrey Ishmael

Comments are closed.