When I started my career as a chartered accountant, it was instilled into me to assess financial performance using debits and credits as a basis to determine the performance and financial position of an organisation. I practised as an auditor for over a decade, helping to form an opinion as to whether the financial statements showed a ‘true and fair’ view of the organisation’s performance and financial position.
During this time, a few things always bothered me:
Who was, and is, assessing and auditing these? The quick answer was no-one!
In short, traditional accountability of an organisation for its performance covers a very limited view of its financial performance. It is missing so many other components and therefore cannot reflect the entity’s ‘true’ performance.
The analogy I like to use to understand ‘true’ performance: is that of a spaceship.
Imagine your organisation is a spaceship. It is cruising through space and interacting with its environment. On the outside surface of the ship, there are holes (entrances and exits) through which things pass both in and out. This is how the ship (your organisation) interacts with its environment. So,
what are the key entrances and exits?
The ‘true’ performance of the organisation is the net of all the positive and negative ins and outs across all interactions, in a given period.
|Entrance/Exit||Spaceship inflow and outflow||Organisation inflow and outflow|
|1. Financial||Monetary value both in, from funding and revenue (if the ship generates revenue) and out from expenses, salaries, funding repayments, fuel etc.||Monetary value both in from revenue, funding, grants etc, and out from expenses, salaries, loan repayments, taxes etc.|
|2. Employees||Human capital both in, from crew joining the ship and coming onto work shifts and out from leaving the ship and clocking off at the end of the shift. What is their level of satisfaction, well being, physical and mental health, intellectual and financial value between coming in and going out?||Human capital both in, from employees joining the organisation and coming into work each day and
out from leaving the organisation and finishing work each day. What is their level of satisfaction, well-being,
physical and mental health, intellectual and financial value
between coming in and going out?
|3. Customers||If the ship is being used by paying passengers for transport, the inflow is financial through payment for services and goods and outflow is the degree of satisfaction with the trip and service.||Customer satisfaction from the net in and out. In through payment for goods and services and out, the degree to which the goods and services met their needs.|
|4. Regulators||The compliance requirements for the ship flow in and the level of adherence to those requirements flows out.||Compliance requirements flow in and degree of compliance flows out.|
|Goods and services such as fuel, supplies, maintenance etc. flow in and financial payments and supplier relationships flow out.||Goods and services flow in and financial payments and supplier relationships flow out.|
|6. Society||Depending on the purpose of the ship outflows may include such things as research and an increase in human knowledge etc.||What the organisation takes from society flows in and what it adds to society through corporate social
responsibilities etc, flows out. These flows can be both financial and nonfinancial. Financial will include tax
payments, grants, charitable donations etc and non-financial will include such things as benevolent
community service etc.
|7. Environment||The ship will take in raw materials such as fuel and pass out such things as waste.||Environmental inflows will include such things as raw materials, energy, food and outflows, waste, pollution, environmental renewal projects etc.|
The ‘true’ performance of the organisation is the net of all the positive and negative ins and outs across all interactions, in a given period. Over time, there will be trade-offs between the holes. Training, for example, will lead to a depletion in financial resources but an increase in intellectual resources. Value is created and positive performance achieved when there is a net excess of value increases over value decreases.
The issue is, we traditionally have had hundreds of accountants measuring every in and out around the financial hole but no one watching or measuring the ins and outs of the other holes.
If we now wish to add in the impact of decisions made on future periods, we need to add in risk.
The Business Dictionary defines performance as ‘The accomplishment of a given task measured against preset known standards …..’ These standards are the organisation's objectives. A traditional view of performance is, therefore, the degree to which the organisation meets the set objectives. This gives us a wider measure of performance but it is still historical looking. If we now wish to add in the impact of decisions made on future periods, we need to add in risk. Risk is the ‘the effect of uncertainty on objectives’ and it manifests itself in the future.
True performance should therefore consider:
Looking back, one of the reasons I transitioned from accounting into risk management was my passion for overcoming these shortcomings.
What does risk management give us regarding a ‘truer’ view of performance?
Firstly, the level of risk taken in achieving the reward is recognised. This allows risk-based performance to be identified — not just reward-based performance.
Secondly, the recognition of risk allows the recognition of the uncertainties around the achievement of objectives. This provides an understanding of the future impact of past decisions.
Thirdly, enterprise risk management encompasses both non-financial and financial risk. This means that as risk managers we recognise the non-financial objectives. These are defined as the various impact/consequence types. These typically include:
Lastly, the range of reward and risk impact types ensure that all key stakeholders are included in a true performance assessment:
|Stakeholder||Primary objectives/risk impact types|
|Shareholder||Financial objectives: (profit and loss, financial stability, share price).|
|Employees||Employee satisfaction, people safety|
|Vendors, third parties||Financial stability|
|Environment||Environment (carbon emissions, energy use etc.)|
HRH Prince Charles was concerned about the lack of reporting by companies, in which the royal family invested, on how they impacted society and the environment. As a result in 2006, he started the ‘Accounting for Sustainability Trust’. This led to the formation of the International Integrated Reporting
Council (IIRC) whose chairman is the father of governance and risk management from South Africa, Mervyn King.
From here, the ‘Integrated Reporting’ movement was born which seeks to address the serious shortcomings of current accounting practice to show ‘true’ performance. In short, integrated reporting is measuring all of the ins and outs across every hole in the spaceship. An integration of all value-adds and value-subtracts.
The International Integrated Reporting Framework addresses these concepts as follows:
With these developments in risk management and accounting, we can start seeing a practical solution for measuring true performance using a mix of reward, risk and risk appetite.
The Australian Prudential Regulation Authority (APRA) in its Prudential Inquiry report into the Commonwealth Bank of Australia (CBA), highlights the concept of the ‘voices’. I like to use this concept to bring together all of the above to provide a true view of performance.
So, what are the ‘voices’?
Each stakeholder has a voice, the voice of the customer, the voice of the shareholder, the voice of the environment etc. Each of these voices has two parts, the voice of reward and the voice of risk. The true performance of an organisation is, therefore, the aggregation of all of the risk-based rewards across all
It is interesting to note that the CBA was highlighted by APRA as having a sustained period of financial success. Financially they are a high-performing bank. However, APRA highlighted that the voice of finance was much louder than the voice of the customer or the voice of risk. Given the current enforceable
undertaking and the remediation effort in progress, it reflects that the ‘true’ performance was perhaps somewhat lower once all of the other non-financial and a wider range of stakeholder risks and rewards were taken into account.
Risk and reward information across the various stakeholders should not be viewed in isolation but instead brought together to provide a balanced snapshot of all the things that matter.
There are clearly many difficulties in practically implementing a truer measure of performance. The key challenges are how non-financial rewards and qualitative risks can be measured. There will no doubt be much development in this space over the next few years. However, there is plenty to do right now if you wish to begin measuring the true performance of your organisation. The following is a list of considerations to get you started.
This highlights that the voices of shareholders and employees are most keenly heard while the voices of the customer, regulator and suppliers are not being prioritised. It also shows the voice of reward (KPIs) is louder or preferred to the voice of risk (KPIs).
This highlights that risk and reward information across the various stakeholders should not be viewed in isolation but instead brought together to provide a balanced snapshot of all the things that matter.
In conclusion, risk management should not be viewed in isolation or as just a compliance/risk process. Its true value is much more than that. Measuring true performance requires the measurement of both risk and reward across each stakeholder. Does your enterprise risk system encapsulate the reporting of all risk as well as reward and present it in a manner that truly integrates the risk/reward performance across all stakeholders?
This article was first published in the November 2018 issue of Governance Directions, the official journal of Governance Institute.
David Tattam is the Chief of Research, Knowledge and Consulting and co-founder of the Protecht Group. David’s vision is the redefine the way the world thinks about risk and to develop risk management to its rightful place as being a key driver of value creation in each of Protecht’s clients. David is the driving force in driving Protecht’s risk thinking to the frontiers of what is possible in risk management and to support the uplift of people risk capability through training and content.