In business risk management, risk-reward is a concept known by many, but understood by rather fewer. Starting from the basic idea of comparing risks taken with reward gained, the risk-reward concept is that greater rewards may be accompanied by greater risks.
As a result, if you want to win big, then be prepared to take and manage considerable risks. The confusion sets in when higher risk is assumed to generate higher probabilities of reward.
In other words, organisations assume that simply because they are taking a bigger risk, they should automatically stand to gain a greater reward. Some organisations, however, are better positioned to deal with this confusion than others.
Financial institutions have an advantage in that financial risk and reward are often both easier to manage. For instance, with a little due diligence, they can see that an investment in the bond market may be capped in terms of returns, but that the risks of losses may be incommensurately large.
A quick calculation can suffice to show that less risk is then a better risk management decision. For enterprises in other sectors, the risk and the reward may not be as easily quantifiable.
On the other hand, due diligence, preceded by careful and complete knowledge gathering, can go a long way to weed out unsuitable risk.
In addition, over-management of risks can be wasteful in terms of time and effort. It can even have a noticeably negative impact on an organisation.
When operational risk managers act as firefighters, they dull the risk awareness of other managers. They also hinder their own responsibilities to challenge and report on the way risk is being handled across the organisation.
Risk managers may therefore also need to do less to accomplish more, spending a greater portion of their time on planning, monitoring and perfecting risk strategy and policies for the enterprise as a whole.
In summary, less uncharted risk and less risk management firefighting should bring more to any organisation.