EXPLAINED Guide: Risk Appetite

DOWNLOAD THE PUBLICATION HERE

Risk appetite is a key component of enterprise risk management; it refers to the amount and type of risk that an organisation is willing to pursue or retain. Willingness to bear risk can be defined in two ways:

• An organisation’s desire or aversion to pursue opportunities in an uncertain business environment.
• How much volatility around an expected outcome is tolerable in terms capacity, regulatory compliance, ethics, reputation and alternative costs for the business.

Defining and implementing risk appetite (increasingly referred to as a risk attitude) is a strategic activity that involves the Board and top management, as it must be aligned with strategic objectives and requires consensus and engagement from organisation leadership.

Risk appetite varies between industry sectors, between organisations within those sectors, and by geographies and types of risk. The level of regulation and capital intensity of an organisation will influence its perception of acceptable risk in relation to potential opportunities. Organisations and the context in which they operate are dynamic, and an approach of continuous improvement should be adopted to ensure that lessons learned are taken on board and risk appetite is regularly reviewed, updated and signed off by key stakeholders, including the Board.

This guide sets out an introduction to the concept of risk appetite, with the intention of providing individuals, who may not be risk management specialists, with a high-level overview of:

• What risk appetite is and why it is important.
• How risk appetite can be used to support decision-making.
• The role of culture in risk management.
• The practical challenges of applying the concepts of risk appetite.