State of Green Business

Overdriving your headlights on climate risk

Getting Real

Overdriving your headlights on climate risk

Shutterstocksolarseven

Over the years, my husband has taught me many things about automobiles and driving. One key concept he covered was that of "overdriving your headlights." This is a situation in which your braking distance exceeds the reach of your headlights. The result is that by the time you see something in the road, it’s too late to avoid running into it.

It’s also a feature of traditional enterprise risk management.

We in the sustainability community often bemoan the tyranny of short-termism in our corporations, but we don’t often appreciate the extent to which it has been institutionalized in systems throughout the business. From extreme reliance on contract labor to short-changing security under the pressure of time-to-market, there are embedded systems ripe for disruption and ready (or at least needing) to be infused with a longer-term perspective. And one of these is the approach to enterprise risk assessment. 

Harmonizing nomenclature

Back in 2014, and rather ahead of the curve (if I do say so myself), a strong collaboration sprung up between my team and that of my company’s chief risk officer. She is a visionary woman who recognized that we had aligned missions but dissimilar approaches using inconsistent terminologies, taxonomies and criteria for defining "risk."

We took a number of steps to align our work, starting with meeting regularly to learn about each other’s domain. We collaborated in our materiality assessment, helping to harmonize our nomenclature. We created a model that described the relationship between the frameworks we were using to evaluate risk — including endogenous versus exogenous risk, system boundaries and, especially, time horizons. We provide input to each other’s strategies. And we put people on each other’s extended teams. 

The risk assessment team was guided by a large, well-known external consulting firm who brought in a classic evaluation framework that used a basic 2D matrix of impact versus probability of occurrence. Obviously, probability can be very dependent on the time window, as can consequences.

Unfortunately, as with most companies, our headlights were aimed squarely at the next three to five years. The rubric for rating likelihood significantly discounted anything more than two or three years out and reduced essentially to zero anything that wasn’t highly probable within five years. 

That’s okay, if you can eliminate, mitigate or adapt to a risk with two or three years' notice. Would that climate change fell into that category. Or inclusion. Or human rights. Or elimination of hazardous materials and waste. Yes, they are all having consequences in the here and now, but their most dire and most likely impacts will be beyond the short-term planning horizons of most businesses. Climate change is a speeding train coming straight at us, but it’s not being illuminated by the corporate headlights and we’re running out of braking distance. If that’s a tortured metaphor, I apologize. But you get my point. 

So, what do we do? Well, for a start, we might consider using variable timeframes. That is, instead of asking "How likely is this to happen in the next two years?" we might ask "How likely is this to happen before we can be ready for it?" Yes, that involves understanding what "ready" means.

Good idea, right? A good starting point to encourage some scenario planning and envisioning of the future we want to have!

Last year, COSO issued a document providing guidance on the incorporation of ESG into enterprise risk management. It suggests considering a number of additional assessment criteria, including "velocity" — that is, how fast is it coming at you — which it says is "best understood by studying longer temporal horizons than is usually associated with enterprise risk management." No kidding! They also suggest adaptability, complexity and persistence (no, climate change is not a single event that will happen once and then go away).

While it’s taken too long, it’s exciting to see the evolution of risk frameworks that include long-term, unquantifiable — and, to many, unfamiliar — risks. Yes, they create a complicated, many-dimensional matrix, but some leading companies are making the effort.

Is yours?