We are looking at the changes taking place in risk management too closely to know what pattern they are making, Lee Coppack believes.

The Financial Times on 6 August 1999 showed an illustration of a cropped portrait by the artist Chuck Close. Psychology professor Andrew Derrington explained: “From a normal reading distance it does not look like a portrait at all: the face is broken into large blocks patterned in different colours and the picture looks like an abstract block pattern. But if the picture is reduced in size, ... or if its visual size is gradually reduced by viewing it from a distance, the face begins to look solid, although the blocks can still be seen clearly. Increasing the viewing distance still further makes the blocks blur together and eventually the face looks like a completely realistic representation, indistinguishable from a photograph.”

When it comes to the fundamental changes taking place in risk management today, the situation is not dissimilar. We have our noses pressed nearly against the canvas and it will take the distance of time for us to see what picture emerges from all the blocks and colours.

Traditionally, the risk manager dealt purely with fortuitous, concrete risks. The risks were identified, assessed and controlled or transferred. These risks arose as a consequence of the business – whether profit or non-profit. They were not risks undertaken for the business, such as development of new products or expansion into new territories.

Today, the distinctions are blurred. Reputational risk, for example, is one with which risk managers are increasingly concerned, but where conscious decisions by senior managers are probably the critical factor, even where the initial problem is a fortuitous event. Historical events show that a tardy and grudging product recall is likely to have a longer lasting effect on brand reputation and shareholder value than one which is well handled.

The risk manager can play an important role in ensuring that his or her company reduces the risk of product contamination or defect and has a good crisis management plan in effect. However, among the most common reasons for reverses in shareholder value are overly optimistic earnings forecasts, ill-judged takeover bids and uncontrolled expansion, which are the result of conscious decisions by senior management.

This bring us to the issue of corporate governance. Shareholders, are concerned that the business they own should be run in their best interests, but today they can only rarely exercise any meaningful control over the senior management. Hence, transparency in the company's dealings with its shareholders and the presence of independent, non-executive directors are regarded as critical elements of good corporate governance.

Shareholders – and their proxies the investment analysts – want the people who are managing the business on their behalf to be aware of what risks they are assuming and manage them properly. As a result, risk managers see the growing importance of corporate governance issues as giving them an opportunity to demonstrate the value of their discipline to a wider world, particularly shareholders.

The risk manager, so the thinking goes, should be an essential part of the process by which the risks to which the business is exposed are identified, assessed and controlled, according to the risk strategy agreed by the directors.

Responsibility for looking after the shareholders' interest in relation to the business decisions taken by senior management falls to thenon-executive directors.

Since risks of either sort can seriously erode the value of the organisation, neither form of “risk management” is adequate on its own to protect the interest of shareholders and other stakeholders.

There clearly needs to be some link between the two and some discussions on corporate governance suggest that the risk manager should have direct access to non-executive directors.

What is not clear is where the risk manager will stand if the senior management of the organisation has chosen a course of action which he orshe believes is not in the best interests of shareholders or other stakeholders. It could be an uncomfortable position.

Some risk managers may also see the corporate governance role as limiting them to a monitoring role, while they are looking for a way to be more expansive in their definition of risk and innovative in its management and, particularly, financing.

Lee Coppack is editor of the international risk edition of Global Reinsurance and co-editor of Global Reinsurance. E-mail:lee.coppack@globalreinsurance.com.