That is the insight that my colleague Diederik Amery, based in Brussels and Luxembourg, shares with us this month; a key focus of his work is in helping shape effective Audit and Risk Committees.
I recently had the privilege to host a dinner in Brussels attended by audit committee members and group CFOs of several major companies. As the discussion round the table made clear, businesses today must place much greater emphasis on audit and risk than they did even a decade ago. They also require a fundamentally different set of skills and know-how in these areas.
As recent corporate crises make clear, a single risk event can knock billions off a company’s share price – or even destroy it as an independent entity. It is not just financial risk that companies must manage, but enterprise risk more broadly – including macro-economic risk, cybersecurity, and risk related to operations, technology, reputation, fraud, tax or litigation.
The financial crisis of 2008-09 revealed many companies’ risk preparedness as inadequate – and served as a stark reminder that the business environment is much more volatile and uncertain than many had assumed. As a direct result, audit committees and risk and compliance functions were given considerably more clout.
As our dinner discussion suggested, this trend is only strengthening. While some companies still have a long way to go, many now recognise the critical business value of their audit and risk structures. They are also placing their best talent in these areas – and giving them the resources and top-management access they need to play their role effectively.
Whereas it was once the norm for internal audit functions to put their “stamp of approval” on recommendations by the CFO or chief accountant, today they are expected to exercise much greater independence of thought – and much greater readiness to be outspoken when needed.
That’s why my advice to anyone aspiring to grow towards a CFO role is to take on an internal audit role at some stage in your career. Not only will this expose you to some of the most critical and complex issues facing your company, it will also help you build the competencies to master that complexity, make good recommendations, and engage and influence senior leaders.
Equally, my advice to established CFOs and other senior executives is to consider seeking a role on the Audit or Risk Committee – and when doing so, to be aware of the demands of that role. Today it is not enough to have mastered accounting rules and the International Financial Reporting Standards (IFRS); you must also be able to dig deeper and pinpoint the economic realities and risks behind the numbers.
Just as important – both for audit committee members and the internal audit function – is the need to cultivate psychological insight. When faced with problems, the instinct of most executives is to report that everything is under control. To be an effective risk manager, you must know how to see beneath the reassurances, raise questions, and crystallise the true issues facing the company.
In today’s business world, that skill is needed more than ever – and it will serve you well in your own development as a leader.
Cagla Bekbolet and Diederik Amery are leaders in the global CFO practice of executive search firm Egon Zehnder.