The “gray rhino” concept describes probable events that have a high impact on society. Unlike the unpredictable nature of Nicholas Taleb’s “black swan”events, gray rhinos, which was introduced as a concept by Michele Wucker (and written about in her book “The Gray Rhino: How to Recognize and Act on the Obvious Dangers We Ignore“) are visible and well-known risks that are often overlooked until it is too late. These risks are like a herd of rhinos, which are seen in the distance, and while we are aware of their potential danger, we cannot fully perceive their dimensions or predict when they will charge.
Gray rhinos are imminent risks that organizations must be prepared to handle. They require a framework in place to manage and mitigate the risks when they occur. Sometimes, multiple gray rhinos may stampede simultaneously, leading to a “crash” of rhinos, which can be devastating to society.
The development of artificial intelligence (AI), particularly Artificial General Intelligence (AGI), presents a “gray rhino” problem. AGI has the potential to revolutionize society, but it also poses a significant risk. AGI systems would have a broad range of cognitive abilities and could learn and reason about a wide range of topics, making them potentially more powerful than a human intelligence. However, the risks associated with AGI, such as unintended consequences or AI systems acting in ways that are not aligned with human values or goals, must be addressed.
The last week open letter signed by Elon Musk, Steve Wozniak, and other tech luminaries, argues that AI systems with human-competitive intelligence pose significant risks to society and humanity. The authors of the letter call for a pause in the training of AI systems more powerful than GPT-4 for at least six months highlights the need for a comprehensive risk management framework to mitigate the potential risks associated with AGI. It is crucial that such a framework involves a collaborative effort from various stakeholders, including policymakers, industry experts, and academics. It should be continuously updated and adapted as the development of AGI progresses, ensuring that it remains relevant and effective in mitigating potential risks.
Overall, the “gray rhinos” concept has significant relevance in the context of AI development, especially in the case of AGI. These risks demand a comprehensive risk management framework that requires a collective and coordinated approach from all stakeholders. It is imperative for organizations to anticipate and address the potential risks of AGI, like “gray rhinos”, to minimize their impact and ensure the responsible utilization of AGI’s benefits.
The image, shown below, features a gray rhino standing in the middle of a bustling business center. What makes this image remarkable is that it was generated entirely by AI for this article, utilizing a combination of machine learning algorithms and deep neural networks.
Creating a consistent framework for risk management across a diverse, multi-national organisation can be difficult, but a network of like-minded people can spread the culture needed for its success.
Performing cohesive risk management across different sites is never an easy task, but when the operations of those sites include a multitude of different specialists and technicians, this amplifies problems.
The risk managers interviewed here, along with colleagues, came up with a simple yet effective idea that took risk management outside the traditional risk function to interested individuals so that risk became a part of everyday life.
They then created a centralised tool so this community could share best practice and improve knowledge and understanding globally. The result was an award for best risk communication initiative at the MEA Risk and Insurance Excellence Awards 2016.
Exec summary
At its heart, risk management relies on having the right people in the right place to gather and analyse the information needed to make better business decisions
Alexander Larsen and Peter Smith, who were interviewed for this case study, along with colleagues including Vladislav Kulakovsky, created a network of risk champions to help them improve risk management across a multi-national oil company
Not only did they bring people outside of risk management into the risk function and improve understanding and day-to-day practices and procedures, but they also created a global community underpinned by a culture of sharing to distil best practice across their company globally
Context
The company had a lot of international assets (oil fields) across the world and the company was keen to manage its overseas operations out of one single office in Dubai, which is where Vladislav, who kickstarted risk management within the project, and we, were based. Although based in Dubai, Alexander eventually moved to Iraq for a few years to work on the Iraqi asset that was being managed from Dubai.
We decided early on that the Iraqi asset, a megaproject, would be a good starting point for an initiative that looked to improve risk management on the ground in Iraq, both during the project and when it was handed over to operations for ongoing management of the facility.
The oil field in Iraq was the largest undeveloped asset in the world at the time, and the company was investing billions of pounds into its development over several years, so it was a really mammoth undertaking, with several megaprojects running simultaneously, often inter- linked.
Having appropriate and effective risk management controls would be a big factor in its success both in terms of meeting project timelines and budget, but also for its successful operation once the facility was complete.
We, and indeed the rest of the risk management team, were neither drilling experts nor geologists so we decided to set up a risk champion structure using staff from the various technical departments on the ground in Iraq to help feed into the risk management process. This would be critical to the success of not only risk management or this project, but of other projects too.
Although it took time to gain traction and there were numerous challenges (language, culture, risk understanding and differing project or departmental objectives, to name a few), once it was implemented successfully, the risk team realised the opportunity for sharing the lessons learned.
Taking the successful risk champion structure and then distributing it to assets across different continents would allow other facilities to learn from their successes and develop their own risk champion structure (or improve already established ones). It would also allow sharing of ideas and knowledge that may even bring benefits to the Iraqi asset, where it originated.
Over time, the network expanded further, inviting non-risk staff to join, and providing access to a knowledge database of tools, procedures and best practice.
Before the network was in place, there was a lot of communication with, and travel to, overseas suppliers and contractors. So, we thought that by having individuals in each of these different areas of the business, we would reduce the amount of time spent on collecting the information, while also increasing the quality of the information. Then, we could focus on running quantitative risk analysis, reporting across the project and supporting decision- making within the projects – which, after all, was the main part of our job.
Key Steps
Sourcing network champions
The way we decided to approach expanding and improving the risk management programme and bring in expertise from various areas of our business was to set up a network of risk champions.
These were people who had the right roles in the right departments and who could provide us with the right level of information on their aspect of the project. They also had a certain level of technical expertise combined with an ability to learn and communicate ideas.
It started out as an informal process; we needed help speaking to various experts in the business and understanding the technical information being fed to us by people like geologists or engineers.
In order to find the right individuals, we would look for people across the business who were showing an interest in, and enthusiasm for, risk and developing their understanding of risk management.
Getting champions on board
Once we’d determined who was keen to get involved, we would speak to their manager, explain what we were trying to achieve, and get their permission to start involving that worker in the risk management processes.
Sometimes there was some pushback from managers on this, so we would need to involve influential people who were onboard with our project to try and convince any dubious manager of the benefits of letting their employee get involved.
Conversing with champions
We would meet at least once a month, both in formal and informal sessions, to share information around what risks we were facing and how the controls were working. This would be in offices on site in Iraq, but could include more relaxed meetings like going for a walk around the site in the evening, for example.
It was important to build a relationship of trust and friendship with them while also making the risk management discussions more relaxed and fun.
All the information and risks we gathered, as well as the analysis results, we then fed to the Dubai office, where Peter and Vlad would bring all this together into a central source for the Iraq asset that detailed all of our policies, procedures and risk analysis work.
Outputs
Creating consistent reporting
One of the first tangible outputs to come out of the risk champion network project – and the Iraq project more widely – was a set of more complete and more effective dashboard reports that gave an overview of all the different operations in Iraq so they could be reported on in one overarching report.
When this reached the corporate team operating in the Head Offices, they too wanted to expand the value beyond the international business. It also paved the way for these reports and the practices we had put in place to be rolled out across the company.
We were able to take these reports to our partners in joint venture projects, as well as our suppliers, so they could see how we did risk management, but also so that we could incorporate our risk management processes into their operations to better manage the risks we faced from the work they were doing either with us or on behalf of us.
Building a global community
At this point, the overseas office in Dubai was really starting to see and understand the value of what we were doing in Iraq and wanted to roll it out across all of the company’s other assets around the world.
Up until then, these different sites had, of course, been practicing some form of risk management, but there was no overarching structure to it, and the levels of risk management being undertaken at each site varied greatly.
To bring some level of harmony to all these different sites, we decided to establish what we called a community of practice. Peter set it up initially, using the information, policies, procedures and risk champions structure that Alexander and Vlad had developed on the ground in Iraq and in the Dubai office. We then added to what we had in order to provide a more overarching approach that might be suitable for all assets.
The community of practice was a virtual group for everyone within the company who had a responsibility of risk, regardless of which site they were working on or in which region they were based. We then shared best practice solutions and success stories from our experience in Iraq so that they could be incorporated into all the different risk management practices across the company as a whole. Over time other assets shared their success stories and challenges too.
Building a central repository
Once we had firmly established ourselves in Iraq and been given the go-ahead from the overseas office to push these ideas out to the other international operations across the world, we knew that alongside having the community of risk champions, we would also need a
central hub for sharing all the different documents, reports and pieces of information that these individuals were creating.
And that central repository of information we created eventually became one of the successes underpinning the community of practice that had been rolled out across the company.
The repository was initially based on the information we had collected as part of the Iraq project, but we later expanded this to include a database of resources and a chat function so people across the various different sites could comment on the resources, asking each other questions or providing feedback.
The different sites were able to download the various resources in the hub and then tweak and tailor them to the specific needs of their part of the organisation.
This really helped to create a unified approach to risk management across the company, while still allowing processes and procedures to be flexible enough to meet the specific requirements of each region and site.
Expanding the community of practice
As part of this roll-out to the wider company, we knew we also wanted to expand and formalise the community of practice so that other individuals outside of the risk function could be brought in to help the different sites, just as we had done in Iraq. We started working on improving the community of practice along with input from Vlad and other risk managers in the business to build something formalised and engaging.
To do this, we created a training programme that was delivered across the different assets, and at the end of each training session there was a sort of advert for the network, encouraging people who were interested in finding out more to get in touch.
In addition to this, we formalised an agenda that ensured each asset shared their own best practices and training presentations. Each asset was also given the opportunity to share their own documents and reports to the central repository.
While working on improving the community of practice we also revised our original risk champions network in Iraq to improve it further. For those that ultimately got involved as a risk champion, we began incorporating risk management objectives into their performance review. This really helped to give a formal structure to the network, as well as helping to build a culture that was putting risk management at the heart of everything we do.
These objectives would then get progressively more demanding and complex as people improved their understanding of risk management, until they became a fundamental part of the risk management process, and quite a few of those early champions are now carrying out roles that are solely focused on risk within the organisation and also in other organisations.
One last initiative we decided to launch was to open up parts of the central repository to contractors and partners in order to encourage knowledge-sharing among them and improve performance on our own projects. This also involved inviting contractors and certain partners to attend our meetings.
Results
One of the most successful projects we were able to use the risk champion network for was the building of a quantitative risk model based on several scenarios that included oil price, credit worthiness of partners and investors, production output, reservoir pressure and other factors.
Due to the information we had gathered and analysed with the help of all the risk champions, we could run in-depth analysis quickly and effectively. In a number of weeks we were able to build and run over 60 scenarios, something that would have been impossible without the risk champions. A couple of scenarios would have been challenging enough!
With these scenarios, we were able to demonstrate to the overseas office, as well as the HQ, the power of risk analysis. The fact that they were already used to seeing the dashboards we had created for the ongoing risk management reports meant that they were already familiar with how we operated, they trusted our data and our reports, and it was therefore much easier for us to secure their support for taking a more risk-focused approach to decision-making. This was a fantastic way to demonstrate the value of what we were doing with the risk champions network and this different approach to risk management in Iraq.
Meanwhile, the success of the community of practice was demonstrated by the fact that all the assets were providing better and more consistent risk management analysis and data despite different cultures, projects and contractors. We won a risk communications award for the work we did on the wider risk champion and community of practice project, and we even took our internal risk management training to a conference where they asked us to run a one- day masterclass in which we, along with Vlad, led various mini exercises and presentations.
The award was a great opportunity for us, and it also demonstrated once again to head office the value of what we had created, as well as representing the business in a good light in front of our peers at a big industry event.
Lessons Learned
Understanding people and their personal and business objectives lets a risk manager understand who will be a blocker and who will be an enabler to a project. This allowed us to quickly navigate through the teams to ensure we targeted those who would engage with the process, drive adoption from within their own team and get results
People want to share knowledge. Simply creating the platform allowed a passionate group of risk managers, risk enthusiasts and interested parties to share, communicate and learn, and that central repository of information created a hive of activity and discussion that only served to benefit the business
Finally, the knowledge and experience sharing within the community of practice was so effective in strengthening risk management immensely across all assets globally
Originally published as a shorter version in the IRM’s Winter 2022 Edition magazine “Enterprise Risk”
The last few years have seen a lot of hype around the converging technologies of web3, blockchain, cryptocurrencies, NFT’s and the Metaverse. In a previous article we laid out how the Metaverse is shaping up and whilst we concluded that the Metaverse will take a while to become a reality, blockchain technology, in which much of web3 is built upon, has now risen to prominence, gaining wide spread adoption.
According to Blockdata research, 81 of the top 100 companies use blockchain technology. It was found that the technology is being used in areas such as payments, traditional finance, banking, supply chain and logistics. This is no longer a technology of the future that may or may not be useful, but a technology that is established and being developed. For more information on the Blockchain refer to a previous article here
The tumultuous rise and fall in the wider cryptocurrency market, led by Bitcoin, over the last two years has no doubt triggered renewed concerns regarding legitimacy of the asset class, with many pointing this out as proof that this is just a passing fad being fuelled by speculators. Whilst on the surface it may look this way, there are many indicators that suggest that it is actually here to stay. We will therefore take a closer look at the opportunities and risks of Bitcoin corporate adoption and review the possibilities that may exist in Web3, where cryptocurrencies, NFTs, the Metaverse, decentralised finance (Defi), community tokens and decentralised autonomous organisations (DAO’s) all converge.
What are Bitcoin and Cryptocurrencies?
Reflecting on the events of the past two years, you may be forgiven if you missed hearing about how Bitcoin has won over some of worlds best known billionaires. From technology entrepreneurs such as Jack Dorsey, Peter Thiel and Elon Musk to Wall Street legends such as Stanley Druckenmiller and Paul Tudor Jones. All have embraced Bitcoin, but why? What qualities does this relatively new, highly volatile and digitally intangible asset have that would garner such interest? To attempt to answer that question, one must first understand what Bitcoin is and what it does.
Bitcoin is a new digital form of money that is censorship resistant, seizure resistant, borderless, permissionless, pseudonymous, programmable and fully peer-to-peer. It is therefore available to everyone around the world and all that is required to interact with the network is a mobile phone and an internet connection. With Bitcoin, transactions are not managed by banks or financial intermediaries, but instead value travels directly from one person to another. Payment processing is not done by a regulated company like Visa or PayPal, but instead it is all facilitated by a decentralized global software network, with custodianship not handled by a bank but the users of the network.
Other cryptocurrencies aim to emulate these attributes.
While the wider cryptocurrency market is awash with different digital assets and tokens (over nineteen thousand of them), Bitcoin has, since inception, remained the largest cryptocurrency by market capitalization. To many investors, it’s Bitcoin’s longevity and simplicity that sets it apart from the rest of the digital asset market.
Bitcoin’s Mainstream Acceptance
A telling metric that reflects Bitcoin’s mainstream acceptance, is the increasing trend of corporate adoption. One of the most prominent examples of this was NASDAQ listed MicroStrategy Incorporated’s announcement in December 2020 that it had made more than $1B in total Bitcoin purchases in 2020, claiming that would “provide the opportunity for better returns and preserve the value of our capital over time compared to holding cash.” Following this other companies, such as Tesla, followed suit.
There may be several reasons why a company may wish to add Bitcoin to its balance sheet. This may be to leverage a potential opportunity for asymmetric risk returns observed over previous years (given its early stage of global adoption) or as a hedge against currency devaluation brought about by unprecedented state intervention in the money supply. It could be part of a corporate strategy to embrace modern, open-source technologies or to support an operational strategy that includes accepting Bitcoin as payments.
A major developing area of Bitcoin is that of energy optimisation and reduction of carbon emissions. Despite the commonly held view that Bitcoin is bad for the environment, there are a number of initiatives that are focused on using Bitcoin mining to both reduce carbon emissions and increase the use of and viability of, renewable energy. As an example, Bitcoin Mining is integrated with wind and solar farms to help balance grid loads and optimise energy generation. The weakness of solar and wind is that they are intermittent and there may be periods where supply exceeds demand, thus leading to waste. By signing agreements with Bitcoin mining companies who get exclusive rights for times of low demand and to turndown mining in periods of high demand, energy companies are able to more efficiently run their operations. The measures implemented by the Electric Reliability Council of Texas (ERCOT) is a great example of this. By augmenting power generation with Bitcoin mining energy companies’ are able to raise capital to build more infrastructure which will help speed up renewable adoption and support making grids more resilient. Some hydroelectric dams in North America are already seeing the advantage of Bitcoin mining with an increase of revenue allowing them to make repairs and upgrades and keeping them in operation.
Oil and gas companies such as Exxon, ConocoPhillips and Equinor are also exploring Bitcoin mining as part of their operations. Instead of letting excess gas be vented or flared which releases Methane (a more harmful greenhouse gas than CO2), they are looking to mine bitcoin with the excess gas which reduces emissions by up to 63% (according to Crusoe, a company dealing with Digital Flare Mitigation) whilst increases revenues (Bitcoin) allowing them to potentially invest in green initiatives or to make their operations more efficient.
Evolving landscape: From Cryptocurrencies to Web3
The past two years have been transformative when looking at the wider altcoin landscape. In the early days of Bitcoin, altcoins were largely cryptocurrencies that sought to challenge bitcoin. This is no longer the case. The concept of Web3 has risen to prominence where it’s staunchest supporters claim that we will have an “internet owned by the builders and users, orchestrated with tokens.” If Web1 was the Read internet and Web2 is the Read-Write internet, then Web3 will be the Read-Write-Own internet. In the following sections we will touch on various aspects of Web3 to understand whether this goal is being realised and what risks and opportunities may be presented.
Risks of investing in Bitcoin
Whatever the reason, holding a new asset such as Bitcoin on a balance sheet, most certainly exposes an organization to risk.
As this is a digital financial investment, it is essential that the CEO, Chief Financial Officer, Chief Risk Officer, Chief Technology Officer, Board of Directors all have a clear assessment the asset’s risk profile and where this aligns and diverges from the company’s tolerance for risk. As such risk managers are key to helping make their organizations aware of these risks so that appropriate mitigating strategies can be developed and implemented to help ensure success in this venture. Key areas of risk to consider are as follows:
* Regulatory Compliance Risk: Arguably the most important risk to consider given the relative immaturity of the asset class and the lack of firm regulatory treatment of Bitcoin and other digital assets across different jurisdictions. Not only is it important to consider the company’s regulatory obligations, but also those of it’s counter parties (e.g. exchanges or custodians). Items to consider would be KYC/AML rules, accounting rules, tax rules, commodity laws and securities laws. These should tie in with existing company Code of Conduct rules.
* Liquidity Risk: This risk seeks characterize the company’s ability to meet its day-to-day working capital requirements through deployment of cash reserves. A working capital threshold should typically be established with only cash in excess of this to be made available for digital asset investment.
* Technology Risk: While Bitcoin has a provable decades long track record of performance, it is vital that the technology be understood and monitored as it evolves. Material changes affecting the validity of the protocol are deemed to be highly unlikely (not necessarily the case with other blockchains). Nonetheless, the protocol continues to evolve, albeit at a measured pace. Incorporation of bitcoin improvement proposals (BIPs) typically take years to agree before being incorporated into the protocol. Adoption of the proposals does come with new features that allow for more functionality (e.g. BIP9, which facilitated deployment of the Lightning Network, a layer 2 solution that scales Bitcoin’s transaction throughput). These could be leveraged by the company, but may also introduce unforeseen risks.
* Custody and Information Security Risk: Thorough appreciation of the various risks associated with custody of bitcoin needs to be undertaken. This is particularly important in the face of historical high-profile hacks. There are different strategies a company may decide to follow with respect to custody of its bitcoin. Self-custody, fully outsourced custody to a trusted third party, or using some combination of the two via multi-signatory custody may be considered. Self-custody is considered harder to do securely for most organizations, but outsourced and multi-signatory custody are not without risk either. Should the latter two options be explored, secure private key storage, assurance of account statement accuracy, custodial service liquidation risk management, market volatility management (especially if the bitcoin is being rehypothecated) and information security protocols all need to be thoroughly understood and vetted.
* Transaction Control and Authorization Risk: Executing inbound and outbound transactions and cross account transfers will create several risks. Transaction workflows need to be fully understood with key controls put in place. These include documented segregation of duties outlining who has access to the accounts and clear levels of authority detailing what type and threshold of transaction each person can or cannot undertake.
* Stakeholder Risk: Bitcoin’s energy consumption has been a major point of concern raised by environmental groups and competing less energy intensive blockchains in mainstream media. While recent studies have largely refuted these claims and indeed Bitcoin has even been demonstrated to promote responsible and efficient use of energy (e.g. the one USA’s oldest running renewable energy plants was kept afloat as result of mining bitcoin during off peak demand periods, promoting grid resilience). Nonetheless, understanding and addressing stakeholder concerns with respect to adopting Bitcoin must be an imperative. This will require well thought out proactive stakeholder engagement planning.
Decentralised Finance
To understand Decentralised Finance, one must first appreciate the challenges associated the traditional (centralised) finance system. Most people can relate to the friction, inaccessibility and regulatory burden associated with interacting the current banking system. In recent years, these challenges only seem to be worsening and a trip the dentist seems preferable to a trip to the bank. In many parts of the developing world even having a bank account is a privilege.
Decentralized Finance or DeFi attempts address these challenges by allowing users to utilize financial services such as borrowing, lending, and trading without the need for a bank or financial institution. These services are provided via Decentralized Applications (Dapps), which are deployed on smart contract blockchain platforms such Ethereum, Solana or Cardano. Many have benefited from the boom in Defi. It has also however had its fair share of controversy. This ranges from abuse of smart contract bugs, Miner Extracted Value front-running, flash loan manipulation, and rug pulling. Any venture into Decentralised Finance should only be undertaken with a full understanding of all the risk categories mentioned above.
Decentralised Autonomous Organisations (DAOs)
As with Defi, let’s start with a definition. A DAO is a digitally native community that centres around a shared mission and whose assets are managed by the community’s contributors. A DAO is code committed to a public ledger and the blockchain guarantees user accessibility, transparency and rights. The DAO’s token determines its voting power, allocation of funds to achieve the groups goals, incentivizes participation, and punishes anti-social behaviour.
DAOs can be set up for a variety of purposes where groups of individual need to raise funds to achieve a goal. Some examples of this include Uniswap, a decentralized cryptocurrency exchange built on the Ethereum blockchain worth $ billions; and UkraineDAO, a fundraising DAO set up to collect and distribute donations to assist those affected by the war in Ukraine.
A significant advantage of DAOs over traditional organisations is the lack of trust needed between two parties with no leader or board making decisions. DAOs are however not without risk. The now famous Ethereum DAO hack highlighted the importance of ensuring Technology risk is properly managed. A bug in the DAO’s code led to the theft of $60 million worth of Ethereum tokens. Regulatory Compliance risk would be another area that will require detailed understanding as regulators seek to define how these entities should be treated.
The Metaverse, Cryptocurrencies, NFTs and Community Tokens
In a previous article we already highlighted all the opportunities and risks of the Metaverse and its important to highlight that if the Metaverse becomes a reality and widespread, the use of cryptocurrencies and NFT’s will boom. Cryptocurrencies is the main way in which people will conduct financial transactions in the metaverse whilst NFTs will be the items you buy.
Whilst the Metaverse will ensure widespread adoption, NFTs don’t require the metaverse to have a use case. They can be, and are being adopted right now for university degrees, house ownership, artwork purchases and any other real-world item that is unique and requires ownership proof that can be stored and found securely on the blockchain.
Some organisations are developing their own Cryptocurrencies or NFTs in order to reward customers or staff and tie them into their own ecosystem. JPMorgan developed one to make global transfers cheaper and faster whilst Amazon have developed one to work as a store card. Binance, a cryptocurrency exchange that allows users to trade various tokens, have their own cryptocurrency to reward users for using their services and helps provide a competitive advantage against the competition. Football clubs have developed NFTs for fans, allowing them access to players and allowing them to vote on things such as what song to be played when a player scores a goal and this could be extended to much more serious votes in the future. Expect the emergence of cryptocurrencies and NFTs being created by companies to increase further with Google and Facebook expected to launch too in the near future.
What about Central Banking Digital Currency (CBDC)?
Central banks have been providing money to the citizens of the respective countries for centuries. To keep pace with a rapidly changing world and pursue their digital public policy objectives, some central banks are actively investigating offering their own digital currencies to the public
CBDC’s are being considered as a future for the national currency by some central banks. Where previously we had paper money and money sitting in our bank accounts, some central banks are now looking at creating CBDC’s which are essentially centralised cryptocurrencies. They claim it has a number of benefits from reducing tax evasion to understanding population spending habits and reducing fraud and the funding of illicit activities. The potential risks it poses however include the ability of a government to fully monitor the population and restrict access to their funds or what they can spend their money on. Currently countries like the UK and USA are already reviewing the concept and have plans to implement them whilst the e-Krona in Sweden is already under testing and countries like the Bahamas have already adopted it. Whether benefits outweigh the risks remain to be seen and it is likely that CBDC’s will live alongside their decentralized counterparts such as Bitcoin.
Conclusion
Despite the concerns and scepticism associated with of Bitcoin, NFTs and altcoins, it is clear that adoption is happening, and it is likely only going to become more wide-spread. The question is what involvement should an organisation looking to get involved have? From investment to developing their own cryptocurrency or investing in the ecosystem, there is plenty to explore, and as with all initiatives that have high rewards, they come with plenty of risk.
Alignment with the organisations vision, mission and values would be the starting point, followed by development of a digital asset strategy. Once this is in place a thorough assessment of the opportunities and risks needs to be undertaken with particular emphasis on where these converge and diverge with the company’s risk tolerance.
Written By
Alexander Larsen, CFIRM – Founder of Risk Guide & Chair of the IRM Energy & Renewables SIG
Dylan Campbell, SIRM – Secretary IRM Energy & Renewables SIG
Risk Guide is delighted to bring a very special short episode from the very first series of our Extreme Risk Podcast in collaboration with Runderc.
In this special episode, Alexander Larsen speaks to Mykhailo Rushkovskyi about the need for more Risk Governance at a governmental level in the form of for example a Government Chief Risk Officer which will bring accountability and visibility to how societal and country risk is managed and how risks are considered in decision making.
The need for resilient countries is becoming more evident by the year and ensuring transition initiatives consider risk is critical to remaining resilient. Over-reliance by the EU on gas from Russia for example has proved a disaster for many countries in the EU. Re-opening of coal mines (despite ESG and environmental targets) indicates how poorly the green transition was thought out in terms of risks and resilience.
And what influence does Leadership play? Alexander highlights an excellent example from Pakistan of strong and positive leadership that can only improve risk culture.
For further information about Mykhailo and his career, you can find the Risk Managers Getting Coffee series on: https://youtube.com/riskguide
You may also find the Extreme Risk Podcast on the most popular platforms: ⚪️ Apple podcast 🟢 Spotify 🟡 Amazon
Episode Content:
1.00 – Risk Management at Government Level 3.00 – Resilience & Risk-Based Transition Plans 4.20 – The Gold Standard – Pakistan Case Study – Risk Leadership & Culture 7.00 – What is the Role of Risk Management at Government Level 10.00 – Where is Resilience? (Banking, Natural Disasters, Government Budgets) 11.26 – Risk-Based Strategy & Resilience – Norway Case Study – The Norwegian Oil Fund
About the Podcast
The Extreme Risk Podcast is a new podcast that focuses on Crisis and people working under extreme circumstances. The podcast seeks to learn from the few Risk Masters who have experienced extreme events and share it with as many people as possible.
The first series of the podcast are focused on risk management during the largest military conflict in Europe since World War II – the Russia-Ukraine war. Together with Mykhailo, we speak extensively about the lead up to the war, the invasion as well as the months that followed. Undertaking a war risk assessment, preparation for potential scenarios, monitoring, how people reacted and how businesses responded. We also discuss the potential wider ripple effects of the war on the world economy 🌍
The Extreme Risk Podcast – How the Russia-Ukraine war could cause a global ripple effect on countries, societies, individuals and organisations.
Risk Guide is delighted to continue the very first series of our Extreme Risk Podcast in collaboration with Runderc.
In this episode, Alexander Larsen speaks to Mykhailo Rushkovskyi about the potential ripple effects of the war. Looking at what industries are being impacted and what regions could face major risks (from Europe’s energy crisis to an expanding war, through to the Middle East struggling with increased grain and wheat production and potentially facing social unrest). There is an additional focus on resilience with mention to a children’s book focused on resilience called Mr Goose (this can be found at www.mrgooseonline.com
For further information about Mykhailo and his career, you can find the Risk Managers Getting Coffee series on: https://youtube.com/riskguide
You may also find the Extreme Risk Podcast on the most popular platforms: ⚪️ Apple podcast 🟢 Spotify 🟡 Amazon
Episode Content:
01:00 – What is the Ripple Effect? 02:56 – What scenarios are you considering from a Ukrainian perspective? 05:45 – Reviewing our strategic plans during times of potential uncertainty 07:00 – The various timescales for the end of the war 10:30 – Regions of the world and how they might be impacted by the war 19:20 – The Insurance Role 26:00 – The Risk Appetite 27.45 – Industries Risk and Opportunities from the war 33.20 – Global Economic impact of the war 35:25 – The impact on Society 38:55 – The Individual Responsibility and learning resilience at School 43.00 – Season Wrap Up 44.00 – Long Term Transition and Resilience – The Norwegian Case – Electric Vehicles
About the Podcast
The Extreme Risk Podcast is a new podcast that focuses on Crisis and people working under extreme circumstances. The podcast seeks to learn from the few Risk Masters who have experienced extreme events and share it with as many people as possible.
The first series of the podcast are focused on risk management during the largest military conflict in Europe since World War II – the Russia-Ukraine war. Together with Mykhailo, we speak extensively about the lead up to the war, the invasion as well as the months that followed. Undertaking a war risk assessment, preparation for potential scenarios, monitoring, how people reacted and how businesses responded. We also discuss the potential wider ripple effects of the war on the world economy 🌍
In the recent scientific article by Mykhailo Rushkovskyi for “Green, Blue & Digital Economy Journal” one can find an outlook of the fundamental trends of the last decade related to climate change, as well as interstate and global economic campaigns to slow it down, which create a powerful new determinant for multinational enterprises (MNEs) in corporate governance, risk management and the sound management of climate risks and opportunities.
The analysis is based on recent studies by leading international scientists such as the International Energy Agency and the Economist Intelligence Unit, authorized UN bodies, universities, and the MNE Task Force on Climate-related Financial Disclosures.
The results of the analysis showed that climate risks and opportunities already have a clear monetary value and impact on MNE. Today’s efficient business faces the need to build an effective system for managing such risks, which, in addition to its direct effect on MNE, will also be an important signal to stakeholders, which, in turn, can reduce the cost of capital raised and increase revenues level. For some EU countries, it will soon become mandatory to highlight climate risk management principles and approaches in annual reports. Internal models are being developed to show the impact of cli-mate change on the business of MNEs (e.g. an increase of 1.5 °C, 2 °C, 4 °C in total temperature).
A unified approach to climate risk management is therefore becoming a topic of great importance to MNEs and their stakeholders, including regulators, investors, shareholders, and society. The analysis provides an in-depth understanding of the main factors of climate-risk management for MNEs, as well as its practical implications arising in the global economy.
The Extreme Risk Podcast –Adjusting to new opportunities, taking risk, living up to values and mission and developing resilient organisations using risk-based strategies.
Risk Guide is delighted to continue the very first series of our Extreme Risk Podcast in collaboration with Runderc.
In this episode, Alexander Larsen speaks to Mykhailo Rushkovskyi about the new reality of living and working in a state of war. How did people and organisations adapt? what is the importance of being agile and resilient and what opportunities exist in such a reality? Mykhailo uses some great examples of industries that have been created, the importance of values and mission (and living up to them) and the balance between Risk and Reward.
For further information about Mykhailo and his career, you can find the Risk Managers Getting Coffee series on: https://youtube.com/riskguide
You may also find the Extreme Risk Podcast on the most popular platforms: ⚪️ Apple podcast 🟢 Spotify 🟡 Amazon
Episode Content:
01:45 – How long did Mykhailo expect the war to take? 03:35 – Where did these timelines come from? 06:50 – The importance of considering the other side and culture 09:10 – How do organisations live up to Vision, Mission and Values 13:30 – What is Reputation, and the risks around it? 14:55 – How long has the New Reality existed? 19:50 – A Global Cyber Crisis and Resilience 22:10 – When did people realise there was a new reality? Risk Appetite of the people coming back to Kyiv 23:40 – Risk Appetite – Would you Jump out of an airplane? 26:39 – Risk and Reward – Quantitative Risk Analysis and Risk Management’s role in decision making 29:30 – Risk Culture, taking risk and Appetite (the Warren Buffet example) 30:45 – How are people and businesses adapting on the ground? 33:50 – Risk-Based Strategies 35:10 – Types of businesses in the War scenario 37:35 – IT Industry 39:15 – Banking Industry – how did they avoid disruption and stabilise the economy?
About the Podcast
The Extreme Risk Podcast is a new podcast that focuses on Crisis and people working under extreme circumstances. The podcast seeks to learn from the few Risk Masters who have experienced extreme events and share it with as many people as possible.
The first series of the podcast are focused on risk management during the largest military conflict in Europe since World War II – the Russia-Ukraine war. Together with Mykhailo, we speak extensively about the lead up to the war, the invasion as well as the months that followed. Undertaking a war risk assessment, preparation for potential scenarios, monitoring, how people reacted and how businesses responded. We also discuss the potential wider ripple effects of the war on the world economy 🌍
The Extreme Risk Podcast – Evacuation, communication channels, planning routes, recovering business and infrastructure….
Risk Guide is delighted to continue the very first series of our Extreme Risk Podcast in collaboration with Runderc.
In this episode, Alexander Larsen speaks to Mykhailo Rushkovskyi who is based in Kyiv about the invasion itself. Mykhailo shares his experience of evacuating Kyiv, what considerations were needed, what plans he had in place (including routes and petrol stations) and how businesses focused on recovery.
Episode Content:
02:00 – How the invasion started and what were the immediate actions? 04:50 – What are the emotions when something like this happens? 09:04 – What did Mykhailo do when the invasion happened? How did he evacuate? 12:00 – What research and preparation did Mykhailo need in order to prepare? 15:00 – How long did it take to get to safety and to get back to work (and what did that look like?) 22:00 – Mykhailo discusses communications, platforms for communications and rules. 25:00 – How did businesses prepare and what did they expect of staff? What does good plans vs bad plans look like? 31:30 – Importance of Early Warning Signals / Key Risk Indicators in order to focus evacuation 32:38 – Importance of clarity for staff and empowering staff, ensuring they know their roles. 35:15 – What were the key learnings? what would you focus on next time? 39:40 – The importance of testing plans! 41:00 – What did organisations need to focus on from a recovery point of view?
About the Podcast
The Extreme Risk Podcast is a new podcast that focuses on Crisis and people working under extreme circumstances. The podcast seeks to learn from the few Risk Masters who have experienced extreme events and share it with as many people as possible.
The first series of the podcast are focused on risk management during the largest military conflict in Europe since World War II – the Russia-Ukraine war. Together with Mykhailo, we speak extensively about the lead up to the war, the invasion as well as the months that followed. Undertaking a war risk assessment, preparation for potential scenarios, monitoring, how people reacted and how businesses responded. We also discuss the potential wider ripple effects of the war on the world economy 🌍
These Episodes of Risk Managers Getting Coffee were filmed on Zoom with host Alexander Larsen asking Paul Edge about Blockchain Technology. Discussions included what the technology actually is, the benefits it brings as well as how it can be used for Risk Management including securing supply chains, improving fraud and auditing. These videos can be watched alongside the Blockchain Article published by the Institute of Risk Management which can be found here
Part 1 – What is Blockchain
In this episode, Paul Edge and Alexander Larsen discuss how they met, their moves to Portugal and what Paul Edge’s background is and how he found interest in Blockchain technology. Paul explains the basics of what Blockchain is in technical terms and provides some examples.
Episode Content:
00:45 – Paul and Alexander discuss how they met
01:18 – A background to Paul and his Quants education
02:45 – Paul discusses how he got into Blockchain
03:47 – Ethereum changes things for Paul and he discusses why
04:24 – Paul describes what Blockchain actually is
07:55 – A discussion around how businesses currently operate and how Blockchain could change this.
Part 2 – Uses of Blockchain from a Risk Management perspective
In Episode 2, Paul links risk management to Blockchain technology. He explains how Blockchain can provide many benefits to securing supply chains, building transparency and improving numerous risks. Topics include Internal Audit, Fraud Reduction, Competitive Advantage and its application in financial services.
Episode Content:
00:45 – Paul explains how Risk Management can benefit from Blockchain starting with Supply Chain
02:45 – Paul continues by discussing Blockchain in the Financial Services
03:45 – Alexander asks Paul if we really need Blockchain to do a lot of these things. Trust is discussed along with some other aspects
07:05 – Paul discusses how Audit can improve whilst Fraud can be minimised
Part 3 – Weaknesses of Blockchain and Challenges to Implementation
The third episode focuses much more on the challenges to implementation of the technology as well as the current weaknesses. Paul outlines some weaknesses including the need for collaboration (which is challenging at the best of times) and Human Factors. In terms of the challenges to implementation and mass adoption, there are also a few key areas that Paul focuses on which include the Speed, Space and Cost.
Alexander and Paul also discuss the sensitive issue around Environmental Impact, and discuss the use of geothermal power and other green energy, although at the end of the day, there needs to be something of use that comes out of it.
Episode Content:
00:45 – The topic of weaknesses is brought up with a specific focus on the need for collaboration in order for it to work
01:45 – Trust leads on to Human Factors and fraud and potential solutions are discussed
04:00 – Paul explains the importance of Space, Speed and Cost with regards to blockchain information
07:54 – Paul tackles the Green Energy question as well as the environmental impact of Bitcoin
Alexander LarsenMeets Aarn Wennekers in Qatar and like the others, this Episode of Risk Managers Getting Coffee was filmed in Qatar with Aarn Wennekers speaking about his views on the 5×5 Matrix, how Risk Management should be adding value and the Dark Art that is Risk Management.
00:45 – Aarn is questioned by Alexander as to whether Risk Management is adding any value
01:40 – Alexander and Aarn discuss the uses of the Risk Matrix, whether it has any value and what needs to be done going forward
03:50 – Aarn brings in his experience of business continuity and crisis management and why its so important to ensure integration with risk management.
04:50 – Aarn and Alexander debate whether Risk Management is Art or Science… or a mixture of both perhaps…
06:45 – BLOOPERS REEL
Aarn Wennekers
In this episode, Alexander Larsen met Aarn Wennekers in Qatar. The backdrop is the City of Doha. Aarn support teams with a deep contextual understanding of leadership team and performance dynamics gained by coaching and advising 40 multi-cultural, multi-disciplinary Boards and Executive Leadership (C-suite) Teams since 1996 at tech start-ups to a multi-billion revenue fully integrated National Energy conglomerate since 2010.
He has worked for Ministries and government authorities in Governance roles, risk roles as well as audit roles both in Qatar as well as in Canada and has a wealth of experience. His advisory ability at board levels and senior executive levels have allowed him to excel in the companies he has worked in.
A Guide to Risk Management 