#85 - Interview with Stéphane Martin - Risk management isn’t a compliance exercise, it’s a strategic advantage

00:00:06:

00:00:16: Céphane Martin is CEO of Smart Risk Consulting and co-founder of the biggest risk management conference in Switzerland.

00:00:27: Today we will talk about what is the role of risk management in today's corporate world.

00:00:34: Stefan, thank you so much for being here.

00:00:36: Now also in the video podcast.

00:00:38: We already had the pleasure having you in our audio podcast.

00:00:42: How are you today?

00:00:43: I'm very good.

00:00:44: Thank you for inviting me again.

00:00:45: Very happy to be here.

00:00:47: Stefan, I would like to start with the podcast with the question.

00:00:53: What was your motivation?

00:00:55: You built a big conference here in Switzerland, especially in the field of risk management.

00:01:00: You established a big brand.

00:01:02: What was your motivation in building this risk-in conference?

00:01:06: Oh, yes.

00:01:08: I think it came from a frustration.

00:01:11: I was not really happy with the existing network of conferences, so I decided to build one myself.

00:01:21: I believe that you need, when you're a professional, people to discuss with on a regular basis and to discover, of course, new topics, new ideas, ways of working that you can implement.

00:01:34: At the time, before creating the conference, I created a network called Swiss Risk Management Forum.

00:01:41: That was when I was hired and employed by Syngenta as a corporate risk manager.

00:01:47: So I was used to organizing brainstorming activities and workshops, so people knew me by these activities.

00:01:56: So I continued when I... began a consultant.

00:02:01: And this is how the conference basically was born.

00:02:07: And for whom is this conference interesting?

00:02:09: What kind of decision makers?

00:02:11: What kind of companies?

00:02:14: We try to address quite a large spectrum of companies.

00:02:20: You go to medium-sized family-owned companies to very large global organizations such as Novartis or Roche, for example.

00:02:29: The people coming to risk in are interested in decision making for their own organizations.

00:02:35: So they need to better understand risks they are taking.

00:02:39: They need to be able to analyze the right data.

00:02:41: And they need to stay informed about the new topics that are very trendy or challenging, such as AI, for example.

00:02:50: So you know the risk management field so well.

00:02:54: What do you think?

00:02:56: From your perspective, what is the biggest risk that companies face nowadays?

00:03:01: It's a very good question.

00:03:03: I will start by not answering your question.

00:03:07: And maybe by explaining that it is very much linked to the risk culture in the organization.

00:03:14: If the companies or the people within these companies are used to... asking questions about risks, managing risks, analyzing risks, then you will have less surprises.

00:03:26: But I have to be honest, in the number of organizations that I have seen, the risk management exercise is seen as a compliance exercise still.

00:03:37: So we need to inform organizations on the use and the value of risk management.

00:03:43: Now to answer your question.

00:03:45: I believe that a number of risks are increasing in terms of probability and impact, such as the use of AI without having a proper governance model implemented in the organizations.

00:04:02: You can of course look at climate risk.

00:04:05: risk, sorry climate risk scenarios for which organizations are not ready in terms of for long term or medium term impacts.

00:04:16: These are probably the main ones.

00:04:18: but of course one should not be forget is the cyber risk aspect.

00:04:23: with all the quantum capabilities that we begin to see.

00:04:27: Some people say that by twenty twenty eight your encryption capabilities will be just exploding because of quantum anti encryption software.

00:04:39: So Stefan, you're saying basically companies need to create more awareness, especially in terms of governance regulation and the evolving of the new technology AI.

00:04:50: So I mean, everything is really basically changing.

00:04:53: So that's why governance also has to change the rules and regulations.

00:04:58: Yes, absolutely.

00:04:59: Governance is often forgotten because it's not always easy to change your company's model in terms of who to inform what and what is the speed of the information, how to decide on things we don't yet understand.

00:05:17: So we need to have governance models around AI for example.

00:05:21: and that would help organization understand what type of tools to use, what is the reach of the tools, is my data safe, for example.

00:05:30: All these kinds of elements, we're just at the beginning of it at the moment.

00:05:35: So we're at the beginning of a huge change in the risk management governance space.

00:05:42: Yes, especially for AI, I believe so, because for the other topics, most organizations are already concerning AI.

00:05:49: We're still discovering what AI means.

00:05:51: We're still discovering the capabilities of AI.

00:05:54: A number of professionals are for now afraid to use AI because of the secrecy of data, for example.

00:06:02: And it's not yet completely understood how you can use AI for better value for your organization.

00:06:09: So we are discovering that, but there is a lot to do, a lot of positive aspects of AI that we should all endorse.

00:06:16: Stefan, you also help companies managing their risk.

00:06:20: Why do they need you?

00:06:23: Yes, absolutely.

00:06:24: I'm a risk consultant on the side, well, not on the side, on a day-to-day basis, alongside with organizing the risk in conference.

00:06:34: Usually, organizations call me to set up teams, to train teams, to adapt their frameworks.

00:06:41: and to better analyse the risks.

00:06:43: The most important aspect is probably to use techniques that have been proven to be useful to organisations like the bow tie techniques and also adapting their reports to be sure that it is adding value to the board or to the executive committees for example.

00:07:00: So I see too many risk reports being static at the moment, just reflecting the work being done by risk registers along the year.

00:07:10: I don't see enough yet dynamic risk reports that would be linked to geopolitical tensions, for example.

00:07:19: So creating more of a dynamic risk reporting, also adapting to different political scenarios that might occur.

00:07:28: Yes absolutely boards need to be informed more in a quicker way if you want in terms of decisions because today we are facing a number of events that are relayed into social media.

00:07:46: Social media is extremely quick in relaying good stuff but also bad stuff.

00:07:53: So you want your boards and your executive members to be able to connect with the risk owners within your organization and take decisions very, very quickly on how to respond to specific risks when they occur.

00:08:08: And if you look back into time... Stefan, how do you think risk management evolved?

00:08:14: Maybe you can elaborate on that a little bit.

00:08:17: Yeah, I think that unfortunately risk management has not evolved a lot.

00:08:22: I don't think that the associations or the academics have adapted their frameworks and ways of working in terms of what's really needed, in terms of practicalities of risk management.

00:08:36: So we are still selling risk management certificates, risk management diplomas, Instead of trying to train executive members, board members, to what is risk management and how to analyze risks.

00:08:49: I mean, having said that, I believe risks have evolved a lot more rapidly than risk frameworks, for example.

00:08:56: So, as mentioned a little bit earlier, AI is evolving very, very rapidly.

00:09:02: Cyber risks are also evolving very rapidly.

00:09:06: and climate change.

00:09:07: If we have to just name three, that would be these ones.

00:09:12: And you said also getting the board more involved in the risk management aspect.

00:09:17: I think it's really about embedding the data that you need to make decisions in the day-to-day company decisions.

00:09:29: And this is not always what is done.

00:09:31: I can take an example.

00:09:32: When you have a project you want to launch a new office, a new service, a new product, enter a new market, a new country, it's always very positive.

00:09:42: I mean, these projects are positive and the risks are not being taken care of seriously.

00:09:48: And it's a mistake.

00:09:50: You need to understand the risks you are taking when you take a decision.

00:09:54: And by that, I mean having the data needed to take a decision, not just using your cognitive biases to say, well, it's a great project, it's going to work.

00:10:05: And seventy percent of projects around the world failed because they don't use risk management equipment.

00:10:11: So, analyzing data, taking the data into account and also on a higher management level and board level, analyzing this data is important.

00:10:22: Yes, absolutely.

00:10:23: It's absolutely critical that people don't take decisions because they like something, they don't like something, and they have to base their decision on the best information they can get.

00:10:34: And this should be given by the risk management team or the risk owners.

00:10:38: Stefan, finally, I also have some questions, some personal questions.

00:10:42: So our viewers also get to know you a little bit.

00:10:46: It's also a question that I love to ask my guests is what kind of superpower would you like like to possess.

00:10:53: So we get to know you a little bit

00:10:57: better.

00:10:58: You probably already have so many, but maybe one you would like to have.

00:11:02: I'm not aware of my superpower.

00:11:06: I believe that something I keep on doing on a day-to-day basis is improving things.

00:11:13: So I don't know if it's a superpower, but on My daily life with my friends, with my family, with my clients, I try to constantly improve the things we do.

00:11:26: It's quite tiring, I have to admit.

00:11:30: It takes a lot of energy, but I believe this is the only way to do things.

00:11:34: You need to improve things.

00:11:36: a regular basis.

00:11:37: And also a question I would like to ask you is what kind of autobiography would you buy the next one if you had a choice?

00:11:45: Which one would you like to buy?

00:11:46: I'm not sure I would buy the one from Elon Musk today.

00:11:50: Too many controversies linked to that guy.

00:11:52: But maybe Richard Bronson.

00:11:56: I think he's an extraordinary entrepreneur.

00:12:00: And he made something rare.

00:12:03: He converted his weakness, well, what people think is a weakness is dyslexia into strength.

00:12:10: So he created online universities to help kids work differently, learn differently, look at bigger picture.

00:12:20: And these people are very, very successful.

00:12:22: Thanks to Richard Bronson.

00:12:23: So yeah, I think I admire him.

00:12:25: Oh, absolutely.

00:12:26: Good choice.

00:12:27: And finally, do you have a motto, a credo, or like a mission statement you live by?

00:12:34: I'll give you two.

00:12:37: You can

00:12:38: give me four if you want.

00:12:42: Probably the first one is the one linked to the risk in conference where we repeat regularly, stop breaking silos.

00:12:51: Build bridges instead.

00:12:53: That's a good one.

00:12:53: I don't like to break things.

00:12:55: I believe that within organization you need to talk to your neighbor To talk to the other processes because the risks are going across organizations.

00:13:05: They don't stand still in one process.

00:13:07: they go across.

00:13:09: so that would be the first one stop breaking things and start bridge silos Britain processes

00:13:15: The.

00:13:16: the second one would be the Pareto rule which I very much like.

00:13:20: Twenty percent of efforts for eighty percent of the results.

00:13:24: I try to live by that.

00:13:26: I try to push that to the freelancers I'm working with on risk.

00:13:30: For example, I believe you can achieve a lot by being really, really focused.

00:13:36: so that eighty twenty rule.

00:13:38: I try to leave by it.

00:13:40: Yeah, that's a good one.

00:13:41: Stéphane Martin, CEO of Smart Risk Consulting and founder of the biggest risk management conference in Switzerland.

00:13:49: Thank you so much, Stéphane.

00:13:50: It was a true pleasure and I hope to see you soon.

00:13:53: I hope to see you soon.

00:13:54: Thank you very much.

00:13:55: I really enjoyed it.