Three lessons in risk management from England

Basic CMYKBy Robert ‘t Hart

“When a municipality doesn’t have an effective form of risk management, it doesn’t have an effective management.” Since this argument was first introduced in England, it has been cited in many articles. In the United Kingdom the emphasis lies on the relationship between governance and risk management. Because of the risk culture and the presence of manuals, lessons can be learned from English practice. These factors of success can inspire other European public managers in improving their risk management.

In the UK the central government judges the municipalities with performance indicators with an analysis, the Comprehensive Performance Assessment, or CPA. This assessment has two purposes. Firstly the assessment examines if the policy objectives are achieved. Secondly it examines the management and business processes.

An important part of the analysis is the extent to which risk management has been embedded in the organization. This determines the quality of decision making and the quality of the management of the financial reserves. Since CPA is regarded as the standard for good municipal governance, a poor performance in the analysis means a major loss of image, because the outcome of the analysis of every municipality will be made public. It can also mean that subsidies provided by the central government can be reduced and that they will take administrative measures.
The most important principles that the CPA provides, have been converted by different organizations for some years into fully tailor-made manuals for municipalities. From the manuals 3 lessons can be learned.

1. Create a risk management vision from within the board. In England risk management is regarded as a management tool, it concerns the control of the entire organisation and the policy performance. The objectives of risk management are established by the City Council. In the Netherlands politics only interfere in abstract terms. Money is spent on risk management, but the council doesn’t fully understand what it is and what it can mean to them. This can result in risk management quickly disappearing from the political and administrative agenda.

2. Organization-wide approach instead of a singular approach.To insure an organisation wide approach, the MT is responsible for the entire risk management process. One of the tasks of the MT is to ensure that risk management is accepted by other managers. Subsequently the departments have to effectuate the risk management. They focus more on human error, process flaws rather than purely financial risks.

3. Clear mandate and responsibility.
In England the City Council only focuses on the most important, often politically sensitive risks. The control of other risks is often delegated to service and department managers. The benefit of this is that the board can actively participate in risk management, without being at the same time overwhelmed with information. On the other hand the MT does not interfere with department managers in the management of smaller risks. To organise this approach the MT, colleges and councils have to take the initiative.

Robert ‘t Hart is director of the “Nederlands Adviesbureau voor Risicomanagement” (Dutch risk management consultancy bureau).