Advertisement: open in new window
The financial crisis may have focused attention on how key individuals in that sector were paid: the widely held perception being that some people were rewarded to take on excessive risks and that this was a significant contributing factor to the crash. However, regardless of whether it is right to blame the economic recession wholly on bankers’ bonuses, the focus on the link between risk and reward is welcome – and not only for City-based organisations. In the private sector, the consequences of a shrinking economy have been widespread pay freezes and, to a lesser extent, pay and pension cuts. In the public sector, the drop in tax revenues has resulted in concerns about the affordability of wage and pension commitments, with the government imposing a 1 per cent cap on salary growth from 2011.All this activity actually gives HR and reward professionals the opportunity to examine their own formulae linking organisational value to fixed pay, variable pay, employee benefits and non-cash recognition/incentive programmes, and to ask whether such approaches are working.
A bonus or a minus?In summer 2009, the CIPD and Cranfield School of Management carried out a survey of around 300 reward professionals. It looked at the risks that organisations faced in how they rewarded and recognised staff, how confident they were that their organisation could deal with these risks, and which of these risks they predicted would grow in importance over the following 12 months.Despite the belief among politicians, regulators and the media that bonuses and incentives can encourage inappropriate behaviour, this concern ranked 28 out of 39 potential risks to organisational value listed by respondents. Instead, they perceived that the greatest reward risks were poor communication and inability to adapt reward policies and practices to the changing business environment. As one respondent put it, “The danger is that we will rest on our laurels and fail to move policy forward in the window of opportunity that the economic downturn is providing.”If an organisation is unable to communicate effectively with its employees about what attitudes, behaviours, skills and performance it needs and how these elements will be rewarded then organisational value is at risk as the wrong attributes may develop among employees. “Communications are not working well,” described one reward manager, “leading to very low morale as pay cuts and time reductions are requested.”If the business environment changes and organisational success is redefined, then what is needed from employees must also change, and so the reward and recognition approach must recognise that.The survey also reveals that some of the risks associated with rewarding employees are becoming ever-greater threats. One survey respondent wrote that: “All our cash is caught up in intangible assets and, [given our] poor relationship with the bank, every month there is a risk of not paying staff.” Increasingly, attention is going to be focused on the risks around cash-flow management, pension and benefit costs and investment strategy management, as reflected by this response: “The risks around our pension deficits overshadow the capability of the main company to pull itself out of recession.”Worryingly, only a small minority (17 per cent) of respondents believed that organisations were prepared to meet the reward risks identified in the survey. To help reward and HR professionals meet these challenges, the CIPD and Cranfield School of Management conducted a second stage of in-depth research and found some telling answers.
What is risk management?Before going on further, it will be helpful to clarify what we mean by risk and risk management. Risk is the combination of the probability of an event and its consequences, while risk management is defined as the coordinated activities taken to direct and control an organisation with regard to risk. We identify and manage risk in everything that we do. For example, we put up smoke alarms to reduce the possibility of our house burning down, and in addition many people further manage the risk by taking insurance cover on this event to allow them to replace damaged goods and property. While the probability of such an event occurring is very low, the consequences may be devastating. Smoke alarms and buying insurance cover are examples of good risk management. In the current social, political and economic climate, inappropriate reward activities can damage reputation. Poor risk management can damage an organisation’s brand, cause loss of customers and reduce ability to attract, retain and engage employees. This led one research participant to conclude that the benefit of proactive reward risk management was the ability to “reduce the likelihood of nasty surprises”.However, risk management is often misunderstood. Good risk management should not be a barrier to risk-taking activity. Taking risks is at the heart of all organisational activity and crucial if organisations are to innovate, develop and create value. Failure to take up opportunities that arise is a huge risk in itself. Risk management is as much about this as it is about avoiding problems.Our second-stage research, involving workshops and interviews, revealed that significant work was under way in some forward-thinking organisations, often led by their reward teams, to manage risks arising from their reward approach. For example, keeping abreast of legal developments to ensure that reward policies remained compliant with the law, so reducing legal risks, or ensuring bonuses are calculated to truly reflect the value added by an individual or team. However, what emerged was that more work needed to be carried out to correctly identify and quantify risk within organisations. We therefore identified seven reward risk groups (see table, below) that can arise from an organisation’s reward strategy. The challenge is for HR professionals to identify, assess and manage these risks within their organisations.
A competent approachHR professionals are advised to use established risk management techniques (such as risk logs, stress testing, impact and probability analysis). This has the dual benefit of saving time and appearing more credible to senior management. Our research proposes three separate phases to effective reward risk management:- Risk identification. Identify the reward risks to which your organisation is potentially exposed. - Risk assessment. Evaluate the extent to which these risks are likely to have a material impact on your organisation.- Risk mitigation. Determine the action needed to manage unacceptable risks and reduce them to a level that is considered appropriate. The competencies required by HR professionals to successfully pursue a risk-based approach to their reward work can largely be found in the CIPD’s HR profession map: curious, decisive thinker, driven to deliver, personally credible, skilled influencer, and collaborative.While the research identifies that reward risks are on the increase, and practitioners are struggling to manage these risks, there are clear steps (see Top tips, below) that HR practitioners can take to more effectively identify, assess and then manage the risks that organisations face when managing their reward practices.
Top tips: improving reward-related risk managementOrganisations can take simple steps to significantly improve reward-related risk management:- Set up effective intelligence gathering systems for reward risk. Use a range of sources to identify the risk that could damage your reward strategy by working with colleagues in finance, legal, compliance and audit functions to gain different perspectives.- Regularly review your reward strategy and systems for risk. It’s not a one-off process – ongoing vigilance is required.- Don’t reinvent the wheel – use established risk management tools to assess and manage identified reward risks.- Know your reward risk threshold and manage risk consistent with this. Engage your senior management in this discussion.- Build your risk management resilience and develop a permanent risk management culture.