The Future of Risk is Informed by its Past

‘Risk’ has been around pretty much from the dawn of time, ever since cavemen first burned their hands in the fire. Since then, we’ve developed a number of different ways in which to measure and manage risk, asserts David Walter. In fact, many of the fundamental principles of risk assessment have remained constant for over 500 years. By understanding these core principles and applying them to modern risk practices, such as data analytics, we can better understand how to make the most of this data, provide better insights and improve business outcomes.

Let’s take a walk down memory lane… ‘An accountant, a mathematician, a lawyer and a gambler… The birth of risk management…’

In 1494 Luca Pacioli, otherwise known as ‘the father of accounting’, posed a seemingly simple problem: a scenario where Players A and B are competing in a fair game of chance to win a prize. They agree to continue until a player has won six rounds, but the game would stop after Player A has won five and Player B has won three. The question was: ‘How should the prize be divided?’

This became known as the “problem of points” and stumped mathematicians for nearly 200 years. That was until Chevalier de Mere, a renowned gambling addict, posed the same question to mathematician Blaise Pascal.

Pascal teamed up with lawyer Pierre de Fermat to solve the problem once and for all, using a systematic method for analysing future outcomes. This formed the beginnings of a logical analysis of probability (one of the key inputs into understanding and being able to manage risk by assessing likelihood).

Mathematical exercise

Luca Pacioli

Luca Pacioli

In Pascal’s time, risk management wasn’t connected directly to commercial benefit. In truth, it was largely a mathematical exercise. It wasn’t until 1687, in London, that risk management became an industry.

Edward Lloyd operated a coffee house on the docks of the Thames, which was a favourite haunt of sailors and tradesmen who dropped in during their worldwide goods trade. While Lloyd did serve a mean-spiced chai latte, he made his fortune by realising the value of the maritime risk intelligence his customer base possessed.

As the sailors and traders sipped their warm beverages, they ‘talked shop’. Lloyd engaged with his customers and began capturing the information they were communicating – titbits regarding hazards on new and existing shipping routes as well as the conditions of goods in newly discovered ports. This information became Lloyd’s List, one of the world’s oldest continuously running maritime intelligence journals and which is still published today.

Lloyd’s List provided the critical context required by brokers to properly price insurance premiums on trading vessels. In fact, several of the brokers that frequented Lloyd’s Coffee House organised themselves as a syndicate that became Lloyd’s of London.

Already, you can begin to see the fundamentals of risk management at play. Lloyd’s List sourced data from the front lines and compiled this into presentable information that helped insurance brokers to understand the potential impact of an action, giving insight that informed their plans.

Taking Lloyd’s into the present

Blaise Pascal

Blaise Pascal

While the core principles of risk management are still the same, the risk landscape has evolved dramatically. Today, businesses must account for a vast range of risk factors, ranging from interest rates and commodity prices through to institutional risks such as laws, environmental regulations and Government subsidies. In other words, businesses are required to amalgamate much more data than Lloyd would have had the time and resources to gather in the confines of his humble Coffee House.

Today, data is sourced from a huge range of systems and channels and in a wide variety of formats. To avoid the danger of ‘data overload’, the challenge for risk management is to ensure that information can be formalised and fed into a single risk management platform. This data can then be put into the context of an organisation’s key business priorities and, when informed by correct analysis, will help to support intelligent decisions and strengthen an organisation’s lines of defence.

This large amount of data must then be presented in such a way that allows end users to easily spot trends, identify high-risk areas of the business and feed this information back to the business both quickly and effectively. This can be done by engaging end users through, for example, simple workflows and easy-to-understand visualisations or simply by integrating risk platforms into mobile platforms for ease-of-use.

Taking risk into the future

Lloyd's Coffee House

Lloyd’s Coffee House

Interestingly, the future of risk borrows from the same core principles of Lloyd’s Coffee House: likelihood, insight and collaboration.

Imagine if Edward Lloyd had the ability to process all of the discussions in his Coffee House automatically, compiling these insights from a huge number of different organisations into a single platform. ‘Crowdsourcing’ this information and coupling it with emerging technology means that organisations can fundamentally change how they respond to the altering regulatory environment by making instant decisions based on real-time insight.

By employing Artificial Intelligence technology and automation tools such as Natural Language Processing – which categorises raw text from a number of sources into comparable, clean data that can be analysed and compared in a single environment – organisations can streamline risk mapping processes. This will, in turn, highlight policy gaps and suggest controls based on context and previous assessments, ultimately helping businesses to produce better insights and improve decision-making.

These instant insights will not just help with protecting value. Risk management is also becoming a tool that can accurately identify new business opportunities. Enterprises are already recognising the value of risk data more broadly. In a recent survey conducted by Forbes Insights, 87% of organisations thought risk management should drive value creation.

David Walter

David Walter

By using an intelligent risk platform, organisations can apply quantitative analysis to each risk domain in a business, carrying out a level of “risk economics” that can leverage data to analyse where risks need to be mitigated, where investments need to be made and assess how risk appetite and tolerance is balanced, while also taking those all-important costs and the overhead of controls into account.

Weathering the storm ahead

We’ve come a long way from Luca Pacioli posing a mathematical question and Edward Lloyd serving coffee to sailors. Effective risk management is now an essential part of how an organisation rides the waves of unpredictability that are faced every day.

As risk management evolves, risk platforms will continue to evolve as well, connecting risk data to business context in order to provide insights that help businesses to prosper going forward.

David Walter is Vice-President of RSA Archer at RSA Security

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts