Making matters worse, much of the impact of economic and
political change is completely outside a risk manager's
control. It has always been the case that expropriations,
currency restrictions, acts of political violence, and embargoes
can arise at any time, but, given recent history, businesses
must now also anticipate not only when such incidents may arise
but how many at one time.
Rarely in the 25 years since communism collapsed has the
world been such a perilous place for risk managers. The plethora
of political and economic upheaval—particularly since 2008—has
made the need for anticipatory risk management essential, yet
few small and medium-sized companies have the resources
necessary to be able to address the problem. What follows are
some guidelines for how to stay on top of country risk when
trading or investing abroad in today's evolving landscape.
A Sound Cross-Border Risk Management Platform
To the extent that international companies devote any
resources at all to understanding cross-border trade and
investment climates (and, in my experience, most do not), they
tend to over-rely on externally generated country risk analyses,
which are more often than not produced generically and are not
entirely appropriate for specific transactions. This is perhaps
the most common mistake risk managers make. They believe that,
because they may have some recent information about the general
political and economic profile of a country, they have a true
handle on the nature of the risks associated with doing business
there.
What about gauging legal and regulatory risk, the country's
friendliness toward foreign trade and investment, and other
companies' experience there? Too often, companies get caught in
an "investment trap": they commit long-term resources to a
country only to find that the bill of goods they were sold—or
thought they understood—turned out to be something completely
different.
There are plenty of stories out there about companies whose
investments turned into disaster because the regulatory
environment changed, a legal issue arose, international
sanctions affected their ability to operate, or they selected
the wrong joint venture partner. After the investment has been
made, it is often too late to pull out without incurring large
losses and experiencing reputational risk once the story hits
the press.
A sound cross-border-oriented risk management process will
include certain basic elements that result in the creation of an
environment conducive to effectively managing risk:
- Adequate risk management policies and
procedures
- An accurate system for reporting country
exposures
- An effective process for analyzing country
risk
- A country risk rating system
- Established country exposure limits
- Regular monitoring of country conditions
- Periodic stress testing of foreign exposures
- Adequate internal controls and an audit
function
- Effective oversight by a well-informed board
of directors
Regardless of the extent to which your organization can fully
comply with this "ideal" checklist, given limited resources, it
is important to establish clear tolerance limits, delineate
clear lines of responsibility and accountability for decisions
made, and identify in advance desirable and undesirable types of
business. Policies, standards, and practices should be clearly
communicated and enforced with affected staff and offices.
Quarterly reporting should be imposed—more frequently if foreign
exchange exposure impacts a given investment.
It is naturally also important that analyses be adequately
documented and conclusions communicated in a way that gives
decision-makers an accurate basis on which to gauge exposure
levels and that sufficient resources be devoted to the task of
assessing risk. Since the crisis, some banks have centralized
the analytical process and engage in periodic assessments of
risk on a more regionalized basis (as opposed to strictly on a
country-specific basis).
Best Practices
Best practices dictate that a number of actions should be
taken to create a transactional risk management program. Among
them:
- The risk management function should be
centralized.
- Risk guidelines should be established and
widely disseminated.
- Country/sector limits should be established.
- A system to better delineate the severity of
perceived risks should be established.
- Quarterly transactional risk reporting
should be implemented.
- Maximal use should be made of internal
information capabilities while incorporating a
wide array of external information sources into
analyses.
The ability to obtain primary knowledge through inputs from
local offices, as well as by regular visits on the part of
country risk officers, cannot be overemphasized. Best practices
should encourage in-house assessments before relying on external
sources of information in order to build internal rating
applications.
In most organizations, the country risk function operates
autonomously, as there tends to be diverging interests between
the operating side of the business and risk management. It is
therefore important for senior management to effectively oversee
interaction between the two sides. The risk assessment decision
chain should be transparent and independent of compromise by
business unit practices.
Another common issue is that the lines of communication among
risk management personnel, between risk management and
decision-makers, or among decision-makers is bypassed,
convoluted, or just plain wrong. I have seen instances where:
- Risk management is given only cursory
participation in the transaction approval
process.
- Sales teams bypass risk management entirely,
or ignore risk management's recommendations,
because they fear a transaction will be canceled
as a result of unacceptably high levels of risk.
- A CEO delivers a presentation to a board of
directors that is false, but he believes it to
be true, because the risk manager's staff said
it was.
A risk manager may have the right information, but it is
based on a short-term assessment of the risks. The long-term
view may be completely different. In the absence of knowing what
questions to ask and having clear lines of communication, the
right information may not be taken into consideration.
A board of directors often has no idea what questions they
should be asking of corporate decision-makers. Executive
education on the subject of country risk can be invaluable to
decision-makers up and down the chain and could save an
organization millions of dollars by having a better ability to
avoid costly mistakes.
Staying Ahead of the Curve
Much of what determines whether a country risk manager can do
a good job will ultimately be outside his or her control. No
one, no matter how experienced, can know or anticipate precisely
where a country is heading all the time. All we can do is make
educated guesses based on what history teaches us and what we
have learned in the process. That said, to be effective, a
country risk manager must have the tools necessary to do the job
and have the backing of senior management to both integrate the
country risk function into the decision-making process and take
that process seriously. Whether that occurs may also be outside
the risk manager's control.
In the end, the ability to anticipate what the future will
bring using a combination of knowledge, insight, and a healthy
sixth sense can make all the difference. Listening to your gut
and sense of smell are, in the end, as important as all the
other tools at one's disposal. A good risk manager knows when to
listen to it.