Extended Balanced Scorecard (2/3): Risk & Compliance as a source for strategic value

Last week, we concluded that risk management and compliance together are important enough to drive strategy for financial institutions and public companies. Under this conclusion, we asked ourselves if risk and compliance can be modeled under the existing perspectives, or do they need a perspective on their own?

In the first post of the series on Balance Scorecard, it was stated how risk and compliance techniques can help to shape the financial statement and obtain the expected financial results. How those results are achieved is so important that in present Spanish legislation, the economic sustainability legislation (Ley 2/2011, de 4 de marzo, de Economía Sostenible), the new public companies legislation (Real Decreto 1/2010 de 2 de julio de Sociedades de Capital), both transpositions of the correspondent European Directives, or the good corporate governance practices Code suggested by the Spanish Stock Exchange Regulator CNMV, force financial institutions and public companies to inform the market, shareholders and investors, about the risk levels undergone in order to achieve their financial results. If there is no equilibrium within the balance sheet (with increasing debt, high degree of exposure to risk, with high operative & financial costs, …), probably the reaction of the market will push share value down and make harder for the public company to finance itself in the near future.

In addition, along with risk and compliance, it comes some terms like “transparency”, “internal control”, “sustainability”, “good corporate practices” and “security”, to mention a few. Let´s take a closer look to one of them, like “transparency”, which is a qualitative characteristic intrinsic to good corporate and business practices. “Transparency” reflects on how an organization informs the market, customers, shareholders and regulators, and because of it, transparency impacts on how public companies are perceived by all of them. In that sense, it is a way of gaining market confidence, which helps a public company to increase its share value and/or its operative income, providing increasing benefits to its shareholders while decreasing the liquidity risk in the process. Under this vision, transparency should be placed and manage under a Risk & Compliance perspective since it does not seem appropriate to place it under a  financial perspective, or treated as an internal business process.

Transparency is so important for the market and existing Regulators, that the European Directive 2004/39/CE relative to markets in Financial Instruments (MiFID), and its correspondent transposition to the Spanish regulation (Ley 47/2007), dedicate a great deal of effort to explain transparency requisites like the necessity to make public an annual report with information about the financial status and activities of investment firms, and related operations, enough for the market to evaluate risks, strategy, risk control procedures, internal organization, financial status, and so on. More of it, all the examples already mentioned about Spanish regulation, insists on transparency as a key process.

In addition to the regulatory framework, Risk and compliance techniques are multitude and affect all levels of the organization, business, processes and technology, and as a consequence, they would be better managed if they are grouped in a perspective of its own. Of course, the type of objectives, procedures and techniques defined under a risk and compliance perspective will drive many actions in the rest of the perspectives.

As a last step in order to confirm that risk and compliance can be placed under its own perspective, it is needed to establish if the strategy defined under this new perspective can be translated into quantitative indicators and thus, they would comply with one of the main premises of a Balanced Scorecard. But this is part of our third and last post to be published next week.