• Sharebar
Risk Management
Thursday, February 1, 2007
Advice from the FPI

According to recent global research, 90% of financial organisations lose more than R70 million a year each because of poor risk management.

And while the ‘human factor’ is not the only aspect of this complex subject, it is certainly a significant contributor to unnecessary losses.
Mimi Pienaar, ISG representative for the Financial Planning Institute Western Cape Chapter, notes that the institute has identified the following as the main risk areas for its members:
Operational risks, which include the human factor;
Compliance risks;
Financial risks; and,
Reputational risks.

Aside from this, a review of The King Report on Corporate Governance for South Africa 2002 (King II) provides additional insight into some of the factors including:
Physical risks;
Human resource risks;
Technical risks;
Business continuity and disaster recovery; and,
Credit and market risks.

Pienaar points out that the human factor has an affect on all these areas (see diagram).
King II is very clear about the importance of the human factor in a financial planner’s success. Development of human capital serves not only the economic interest of the company but also the requirements of the society within which the business operates.
Comments Pienaar, “Our own industry regulations address these issues as well in the General Code of Conduct for Authorised Financial Services Providers and Representatives.” She highlights the following areas as important:
Control measures. A provider must at all times have and effectively employ the resources, procedures and appropriate technological systems that can reasonably be expected to eliminate as far as possible the risk that clients, product suppliers and other providers or representatives might suffer; for example, through theft, fraud, other dishonest acts, poor administration, negligence, professional misconduct or culpable omissions.
Specific control objectives. A provider, excluding a representative must, without limiting the general provisions of the Code, structure the internal control procedures concerned to provide reasonable assurance that:
• The relevant business can be carried on in an orderly and efficient manner;
• Financial and other information used or provided will be reliable; and
• All applicable laws are complied with.

Insurance. A provider, excluding a representative must, if required by the registrar, maintain suitable guarantees or professional indemnity or fidelity insurance cover.

“As a financial planner, your expertise is to assist your clients to plan and manage risks relating to financial planning,” she notes. “So in your practice check that you have taken steps to reduce the risks relating to insurance; resources, procedures and IT systems; and, effective control procedures.”
She says that King II recommends all companies give due consideration to the application of the report, not only those who fall into a prescribed category.
The risks attached to the human factor are countless. For example, just consider involvement in setting up systems. One slip of the finger; or one step in the process that is missed out and you could have a disaster on your hands. Pienaar illustrates other issues:
• Cheques not banked or invoices for fees not sent out;
• Failure to record telephone messages, or contact details;
• Being rude or distant with clients - face-to-face or on the telephone - perhaps because of underlying discontent, low morale, or simply having a bad day. Indeed, such human factors can generally cause poor performance, inconsistent work, excessive sick leave, and lateness in arriving for duty;
• Overlooking the correct procedures for completing the necessary documentation relating to a transaction. “The Ombud will scrutinise all forms for evidence in case of a complaint,” she warns.

There are also general operational issues, she says. Problems may arise if key personnel are out of the office. A client demands advice, which is given by an unauthorised, but well meaning employee. Administration must be properly structured. If information is given to a key employee too late to assess before seeing the client the wrong details may land up on the schedule and the plan for an entire portfolio may be suspect, and expose the business to damages.
Controls for handling data input and e-mails are vital. If information were left out because it was not received in time, or an e-mail with sensitive information was forwarded to the client, then again the business could be in trouble.
Footnotes.
Risk. This can be defined as ‘the potential future harm that may arise from some present action.’ Risk planning is seen as creating a strategy for the business, including an estimate for the perceived risks… and the ability to see all possible consequences of your activities.
Risk management. This is defined as ‘a process that utilises internal controls as a measure to mitigate and control risk’. Risk management goes beyond the control of just financial risks; indeed the reputation and the company’s future survival are also at stake. And obviously the human factor, though often overlooked, is central to any risk planning (and management) because human actions and attitudes affect every part of any business.
Provider. According to the Code of Conduct definition, ‘Provider’ means an authorised financial services provider, and includes a representative. Despite the FAIS Act the definition ‘financial services provider’ means any person, other than a representative, who as a regular feature of the business:
1. furnishes advice; or
2. furnishes advice and renders any intermediary service; or
3. renders an intermediary service’
 

Copyright © Insurance Times and Investments® Vol:20.1 1st February, 2007
506 views, page last viewed on September 14, 2019