Why ‘people risk’ is jumping to the top of the corporate agenda

Article content

We’ve all heard the slogans “we put our people first” or “our people are our greatest asset.” In the wake of the pandemic and in the grip of near-full employment, that should now be truer than ever. However, “people risk” is a growing and immediate concern for many organizations. This is unfortunate, as businesses that lead on people risk perform better.

What is people risk? It’s an emerging and evolving topic in risk management. Employees, managers, directors and leaders are ultimately people. And they are a significant source of value as well as risk for all organizations. Today, a significant percentage of a company’s value is in “soft assets” (think people, reputation and brand). And those assets can literally walk out the door unless they’re managed and nurtured effectively.

Article content

Managing people risk means mastering topics such as health and safety; talent attraction and retention; retraining and up-skilling; corporate culture; employee engagement and wellbeing; diversity, equity and inclusion; succession planning; and salaries and benefits. All are immediate and long-term people risks that businesses must recognize and resolve, or potentially pay a steep price. For example, companies that do not pay a “living wage” have much higher attrition.

Yet chief risk officers (CROs) say their companies often remain on their back foot when considering people risk, aware of the challenges but uncertain about how to deal with and overcome them. Recently, the Global Risk Institute (GRI) and Cleveland Clinic Canada partnered on a cross-industry survey of CROs from GRI member institutions. The survey found that people risk, which was seen as limited in scope pre-pandemic, has rapidly grown to a top-of-agenda item with significant corporate implications.

Risk leaders cited several significant people-risk factors that have become elevated post-COVID, including health and wellness, safety and workplace mental health.

Article content

Article content

Hybrid work sparked several CRO concerns around leadership capabilities. They stressed that leaders need to be more resilient and flexible to develop different ways to motivate people. They specifically cited the growing adoption of virtual work environments and artificial intelligence (AI), which has been linked to pervasive anxiety in the workplace, and the need for leaders to solve for physical and fear-based obstacles to build a “culture of confidence” to empower employees.

Up-skilling the workforce around empathy and communication skills is a dominant topic of CRO conversation that is often reflected in today’s job descriptions. CROs expect advanced capabilities in emotional intelligence and resilience to be key to solving future people risk challenges.

These concerns and expectations come as CROs see key stakeholders such as employees, customers and investors continuing to demand more from the workplace.

Unfortunately, as people risk gains traction and sparks concern, CROs say it often remains orphaned when it comes to its ownership within the corporate hierarchy.

Article content

Lack of clarity around ownership is not new, especially when it comes to novel and emerging risk areas. We have seen parallel historical challenges in other areas of risk such as cybersecurity, which was initially the sole domain of the chief technology officer (CTO) but eventually migrated to shared accountability with governance and oversight from the CRO.

Every CRO must have a framework in place for robust oversight of people risk and should tap cross-industry experts for support in key areas such as workforce health, safety, wellness and performance. Risk culture and organizational culture are closely linked and are clearly the domain of every people leader in an organization.

In addition to their concerns about elevated people risk and ambiguity of its ownership, many CROs feel their organizations are not well prepared for upcoming policy or reporting changes. Indeed, people risk metrics are largely absent in public disclosures. In the United States, the only people metric that companies are obliged to report on externally is the number of employees. In Canada, the latest international sustainability standards that include human capital reporting are largely voluntary.

Article content

Yet it is the external disclosure of data — such as people-health metrics, the volume and themes of whistleblower conversations and “early warning” cultural health indicators such as employee sentiment — that will eventually lead to better performance and reduced people and reputational risks.

Accelerated by the pandemic, the time to focus on people risk as a pillar of corporate culture, business strategy and risk management is now. Organizations with a clear definition of people risk, a strong governance model and developed practices around metrics and reporting can expect to perform better and be more resilient.

If business leaders are not hearing conversations about people risk at the board table, in executive meetings, or over lunch with their colleagues, it’s time they start the discussion.

After all, people are your most valuable asset.

Dr. Talia Varley is the physician lead for advisory services at Cleveland Clinic Canada. Daniel Moore is the former chief risk officer of Scotiabank. Bruce Simpson is a senior partner emeritus at McKinsey and advisor to Blackstone on ESG.

Bookmark our website and support our journalism: Don’t miss the business news you need to know — add financialpost.com to your bookmarks and sign up for our newsletters here.

Article content