F.A.J. van Kuijck en R.M.J. van Vugt
Deloitte Accountants B.V.
The position of municipal and provincial authorities (hereinafter local governments) in society at large is rather complex. This complexity is especially visible in the number of relationships maintained by local governments. For example, the many parties involved in project development. The complexity is also due to the additional tasks and innovations imposed on local governments in the last few years. For example, the Act on Social Support (Wet Maatschappelijke Ondersteuning (WMO)), the Act on land exploitations (Wet op de Grondexploitaties (Grexwet)) and the changed Act on Town and Country Planning (Wet ruimtelijke ordening (WRO)). And now there is the credit and economical crisis to top it all.
This situation offers many challenges and opportunites. It demands an alert and dynamic local government and adjustment of and reflection on old ways and on the future. In the meantime, local government elections are coming up on 3 March 2010. Political leadership is now all important and its most important basis is adequate risk management.
With the implementation of the Decree Budgeting and Rendering Account (Besluit Begroting en Verantwoording (BBV) in 2004, local governments are required to render account on some important fields of competence. Local governments have to pay specific attention to their financial capacity, take stock of financial risks, and formulate a policy for risks and stress capacity. This demands a dynamic and permanently operational system of risk management, because the state of the art has to be presented (at least twice a year) at the presentation of the budget and at the presentation of the financial statements. The objective of the regulator is to gain a better view of the financial position of local governments on a permanent basis.
What is risk management?
The BBV sets out the main definitions. We first explain these definitions.
Risks: a chance that an event occurs which will have a (negative or positive) effect on the continuity of operations and the realization of the objectives of the organization.
Control measures: the set of measures and procedures to deal with known risks or identify emerging risks and mitigate their effect.
Stress capacity: the sum total of resources and funds available for non-budgeted, unforeseen and possibly substantial costs. This capacity is measured for incidental and regular costs.
Stress test: the extent to which financial setbacks can be cushioned. This test compares the financial capacity against the risks incurred.
Risk management: the identifying and quantifying of risks and taking steps to reduce the chance of the risk occurring and/or keep the effects of risks within reasonable limits
Since the implementation of the BBV, local governments struggled with the question how to give substance to the requirements in the stress capacity paragraph. Some responses were ‘we cannot foresee everything, ‘we do not have a looking glass’, ‘many risks cannot be quantified’, ‘who should do what during the entire process and is accountable for identifying the risks?’
These are certainly relevant comments and questions. Yet, the stock taking of risks offers many answers. Although aimed at finance, taking stock of risks gives priority to the calculation of a quantified risk within a certain bandwidth. That is encouraging for a start. Moreover, if an organisation becomes aware of risks and the need to respond at an early stage, the benefit has been realised.
Three aspects are important: behaviour, awareness, and response. As we all know, changing behaviour is a difficult task. Below, we have made some suggestions.
A systematic and logical approach
If growth and opportunities are our mission, uncertainties and risks are unavoidable. It is important that all parties acknowledge this fact and anticipate on it. It means identifying risks at an early stage, taking steps, learning in new circumstances and ensuring that our behaviour evolves. It is vital that there is a clear agreement on the phases of the risk management process between the municipal council, the municipal executive and the civil servants and that the accountability lines are defined.
The risk management steps and their consistency may be illustrated as follows:
Gemeenteraad = Municipal Council
Kaderstelling & Strategie = Framework & Strategy formulation
Verbetering = Improvement
College & Management Team = Municipal Executive and MT
Beheersmaatregelen = Control measures
Risicoweging = Risk weighting
Resterende risico’s = Remaining risks
Gebeurtenissen = Events
Weerstandscapaciteit = Stress capacity
Monitoren Resultaten = Monitoring and Results
In addition good governance has to be complied with. This is the framework of rules in relationships.
The four pillars in the Governance cycle are
Steering: Is it clear which risk profile the municipal council finds acceptable and on how the municipal council wishes to be informed on developments?
Control: Have steps been taken by the municipal executive and the top of the civil servants to enable risk identification and risk management by management control and being alert for changes?
Rendering account: How and how regularly should individuals render account on the development of risks, the effects of new policy, the effects of non-foreseen risks, achievement of objectives, and compliance with regulatory frameworks?
Supervising: Is the risk management system evaluated for effectiveness and costs.
The reason that local governments want to take stock of risks is that they have to achieve social objectives. Risk quantification provides an understanding of whether the financial position allows new undertakings and gives an analysis of developments. In addition, it provides an impetus to reduce risks, so that objectives can be achieved within an acceptable risk level. It renders the organisation adaptive to the highest degree.
It is important or local governments to be able to respond to new circumstances caused by changing operations such as new joint ventures, regulatory changes, contract changes, or new policy implementation. This means that risks must be acknowledged and adequate provisions taken. In these circumstances one needs a balanced mix of hard controls and soft controls. Hard controls can be described as measuring the achievement of targets testing compliance with regulations. The measuring is objective, as the targets are agreed within the organisation. Soft controls are a management control tool for measuring employees’ individual performances. These controls test motivation, loyalty, integrity, inspiration and the ethical principles of employees. A mix of both types of control gives the right balance.
Clear procedures and consensus
Besides a clearly defined risk management process, an adequate governance cycle, and a balanced mix of hard and soft controls, consensus and clear procedures are important ingredients for a successful implementation. We have a few recommendations: choose a risk management concept that suits your organisation. Ensure that individual employees in the line organisation are made accountable for estimating, managing and reporting risks. Consensus between the management team and the municipal executive for the concept is vital. Organise a knowledge session where the subject is discussed in-depth and the added value clearly illustrated. Start simply with a pilot. An essential basis for consensus is sound project management. Last, we recommend avoiding an additional workload on the organisation if possible, and using existing initiatives, concepts and systems.
A sound implementation of risk management is not identifying a sum total of risks. Risk management is more than financial quantification and identification of risks. It is not a static once-only implementation effort. It is an important driver for realising targets, making the most of opportunities and developing an organisation. If the organisation’s own strength is carefully mapped out, the organisation remains alert and tools and working methods up-to-date. This method of working enhances trust and transparency. This is what we call leadership.
F.A.J. van Kuijck RA RO EMIA en Drs. R.M.J. van Vugt RA – who are partners of Deloitte Accountants B.V.