When I started my career as a chartered accountant, it was instilled into me to assess financial performance using debits and credits as a basis to determine the performance and financial position of an organisation. I practised as an auditor for over a decade, helping to form an opinion as to whether the financial statements showed a ‘true and fair’ view of the organisation’s performance and financial position.
During this time, a few things always bothered me:
Who was, and is, assessing and auditing these? The quick answer was no-one!
In short, traditional accountability of an organisation for its performance covers a very limited view of its
financial performance. It is missing so many other components and therefore cannot reflect the entity’s
The analogy I like to use to understand ‘true’ performance: is that of a spaceship.
Imagine your organisation is a spaceship. It is cruising through space and interacting with its
environment. On the outside surface of the ship, there are holes (entrances and exits) through which
things pass both in and out. This is how the ship (your organisation) interacts with its environment. So,
what are the key entrances and exits?
The ‘true’ performance of the organisation is the net of all the positive and negative ins and outs across all interactions, in a given period.
|Entrance/Exit||Spaceship inflow and outflow||Organisation inflow and outflow|
|1. Financial||Monetary value both in, from funding and revenue (if the ship generates revenue) and out from expenses, salaries, funding repayments, fuel etc.||Monetary value both in from revenue, funding, grants etc, and out from expenses, salaries, loan repayments, taxes etc.|
|2. Employees||Human capital both in, from crew joining the ship and coming onto work shifts and out from leaving the ship and clocking off at the end of the shift. What is their level of satisfaction, well being, physical and mental health, intellectual and financial value between coming in and going out?||Human capital both in, from employees joining the organisation and coming into work each day and
out from leaving the organisation and finishing work each day. What is their level of satisfaction, well-being,
physical and mental health, intellectual and financial value
between coming in and going out?
|3. Customers||If the ship is being used by paying passengers for transport, the inflow is financial through payment for services and goods and outflow is the degree of satisfaction with the trip and service.||Customer satisfaction from the net in and out. In through payment for goods and services and out, the degree to which the goods and services met their needs.|
|4. Regulators||The compliance requirements for the ship flow in and the level of adherence to those requirements flows out.||Compliance requirements flow in and degree of compliance flows out.|
|Goods and services such as fuel, supplies, maintenance etc. flow in and financial payments and supplier relationships flow out.||Goods and services flow in and financial payments and supplier relationships flow out.|
|6. Society||Depending on the purpose of the ship outflows may include such things as research and an increase in human knowledge etc.||What the organisation takes from society flows in and what it adds to society through corporate social
responsibilities etc, flows out. These flows can be both financial and nonfinancial. Financial will include tax
payments, grants, charitable donations etc and non-financial will include such things as benevolent
community service etc.
|7. Environment||The ship will take in raw materials such as fuel and pass out such things as waste.||Environmental inflows will include such things as raw materials, energy, food and outflows, waste, pollution, environmental renewal projects etc.|
The ‘true’ performance of the organisation is the net of all the positive and negative ins and outs across all interactions, in a given period. Over time, there will be trade-offs between the holes. Training, for example, will lead to a depletion in financial resources but an increase in intellectual resources. Value is created and positive performance achieved when there is a net excess of value increases over value decreases.
The issue is, we traditionally have had hundreds of accountants measuring every in and out around the
financial hole but no one watching or measuring the ins and outs of the other holes.
If we now wish to add in the impact of decisions made on future periods, we need to add in risk.
The Business Dictionary defines performance as ‘The accomplishment of a given task measured
against preset known standards …..’ These standards are the organisation's objectives. A traditional
view of performance is, therefore, the degree to which the organisation meets the set objectives. This
gives us a wider measure of performance but it is still historical looking. If we now wish to add in the
impact of decisions made on future periods, we need to add in risk. Risk is the ‘the effect of uncertainty
on objectives’ and it manifests itself in the future.
True performance should therefore consider:
Looking back, one of the reasons I transitioned from accounting into risk management was my passion
for overcoming these shortcomings.
What does risk management give us regarding a ‘truer’ view of performance?
Firstly, the level of risk taken in achieving the reward is recognised. This allows risk-based performance
to be identified — not just reward-based performance.
Secondly, the recognition of risk allows the recognition of the uncertainties around the achievement of
objectives. This provides an understanding of the future impact of past decisions.
Thirdly, enterprise risk management encompasses both non-financial and financial risk. This means that
as risk managers we recognise the non-financial objectives. These are defined as the various
impact/consequence types. These typically include:
Lastly, the range of reward and risk impact types ensure that all key stakeholders are included in a true
|Stakeholder||Primary objectives/risk impact types|
|Shareholder||Financial objectives: (profit and loss, financial stability, share price).|
|Employees||Employee satisfaction, people safety|
|Vendors, third parties||Financial stability|
|Environment||Environment (carbon emissions, energy use etc.)|
HRH Prince Charles was concerned about the lack of reporting by companies, in which the royal family
invested, on how they impacted society and the environment. As a result in 2006, he started the
‘Accounting for Sustainability Trust’. This led to the formation of the International Integrated Reporting
Council (IIRC) whose chairman is the father of governance and risk management from South Africa,
From here, the ‘Integrated Reporting’ movement was born which seeks to address the serious
shortcomings of current accounting practice to show ‘true’ performance.
In short, integrated reporting is measuring all of the ins and outs across every hole in the spaceship. An
integration of all value-adds and value-subtracts.
The International Integrated Reporting Framework addresses these concepts as follows:
With these developments in risk management and accounting, we can start seeing a practical solution for
measuring true performance using a mix of reward, risk and risk appetite.
The Australian Prudential Regulation Authority (APRA) in its Prudential Inquiry report into the
Commonwealth Bank of Australia (CBA), highlights the concept of the ‘voices’. I like to use this concept
to bring together all of the above to provide a true view of performance.
So, what are the ‘voices’?
Each stakeholder has a voice, the voice of the customer, the voice of the shareholder, the voice of the
environment etc. Each of these voices has two parts, the voice of reward and the voice of risk. The true
performance of an organisation is, therefore, the aggregation of all of the risk-based rewards across all
It is interesting to note that the CBA was highlighted by APRA as having a sustained period of financial
success. Financially they are a high-performing bank. However, APRA highlighted that the voice of
finance was much louder than the voice of the customer or the voice of risk. Given the current enforceable
undertaking and the remediation effort in progress, it reflects that the ‘true’ performance was perhaps
somewhat lower once all of the other non-financial and a wider range of stakeholder risks and rewards
were taken into account.
Risk and reward information across the various stakeholders should not be viewed in isolation but instead brought together to provide a balanced snapshot of all the things that matter.
There are clearly many difficulties in practically implementing a truer measure of performance. The key
challenges are how non-financial rewards and qualitative risks can be measured. There will no doubt be
much development in this space over the next few years. However, there is plenty to do right now if you
wish to begin measuring the true performance of your organisation. The following is a list of
considerations to get you started.
This highlights that the voices of shareholders and employees are most keenly heard while the voices of
the customer, regulator and suppliers are not being prioritised. It also shows the voice of reward (KPIs) is
louder or preferred to the voice of risk (KPIs).
This highlights that risk and reward information across the various stakeholders should not be viewed in
isolation but instead brought together to provide a balanced snapshot of all the things that matter.
In conclusion, risk management should not be viewed in isolation or as just a compliance/risk process. Its
true value is much more than that. Measuring true performance requires the measurement of both risk
and reward across each stakeholder. Does your enterprise risk system encapsulate the reporting of all
risk as well as reward and present it in a manner that truly integrates the risk/reward performance across
This article was first published in the November 2018 issue of Governance Directions, the official journal of Governance Institute.
Author of 'A Short Guide to Operational Risk', David Tattam is an internationally recognised specialist in all facets of risk management, particularly at the enterprise level. His career includes many years working with PwC, as well as two Australian banks. His achievements include the creation of the Middle Office (Risk Management Department) for The Industrial Bank of Japan in Australia and the complete implementation of all Australian operations, systems, procedures and controls for Westdeutsche Landesbank (WestLB).