Corporate Risk Management: Identification, Assessment, and Response Strategies for AstraZeneca, EE, and Royal Bank of Scotland

Verified

Added on  2023/06/12

|13
|4671
|340
AI Summary
This study focuses on three firms that mostly operate in the United Kingdom, AstraZeneca, EE, and Royal Bank of Scotland, and their corporate risk management strategies. It covers the identification and assessment of risks related to different businesses, response of the risks by the organisations, and communication of the risks to different stakeholders. The study also discusses the COCO framework and its criteria for effective control.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Corporate Risk
Management

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Contents
Contents................................................................................................................................................
INTRODUCTION................................................................................................................................
MAIN BODY.......................................................................................................................................
Identification and the assessment of risks related to different businesses...................................3
Response of the risks by the organisations..................................................................................6
Communication of the risks to different stakeholders.................................................................9
CONCLUSION..................................................................................................................................
REFERENCES...................................................................................................................................
Document Page
INTRODUCTION
The tools and procedures employed by various firms to limit the financial losses that may
occur in the business are referred to as corporate risk management. The following study focuses
on three firms that mostly operate in the United Kingdom. The first section focuses on
identifying and assessing the various risks that exist in the business (Chan, and et.al., 2018). The
second component defines how the organisation responds to these various risks, and the third
portion gives information on how these risks are reported to stakeholders. Business risk refers to
a company's or a business concern's exposure to different factors that might damage the banking
business' profitability or even cause it to collapse. In a nutshell, business risk is described as any
circumstance that jeopardises an organization's capacity to achieve its goals and objectives. The
following are the three businesses addressed in the report:
AstraZeneca is a pharmaceutical and biotechnology multinational corporation based in the
United Kingdom and Sweden. The company's headquarters are in Cambridge, England. EE is a
British firm that provides internet and mobile network operator services. It is the country's
second-largest mobile network provider. It all began in the year 2010. The company's
headquarters are in Hatfield, England. It covers the majority of its target region with double-
speed 4G and 2G services. This study contains an assessment of the risk to EE, as well as
various methodologies for identifying the risk (Disse, and et.al., 2020). The Royal Bank of
Scotland offers personal banking services to its customers, including the establishment of bank
accounts, mortgages, lending facilities, and the provision of credit cards. The Royal Bank of
Scotland is a significant retail and commercial bank based in Scotland. The holding company
was renamed the Royal Bank of Scotland in 1979 and became the new firm in July 2020 after a
merger between national and commercial banking groups with around 662 branches throughout
Scotland.
MAIN BODY
Identification and the assessment of risks related to different businesses
Risk identification, as the name implies, is the process of recognising negative and positive
risks that affect a goal. Consider the following scenario: you're arranging a vacation to the
Bahamas. You've purchased the tickets and reserved accommodations in a premium resort after
paying several thousand dollars (Manhart, Summers, and Blackhurst, 2020). A storm hit the
Document Page
Bahamas a few days before the flight, and all resorts were shuttered. Your vacation has been
cancelled, and you're seeking for reimbursements and a new vacation spot. If you had known
when hurricane season was, you may have avoided this problem. As a result, in this case:
Hurricanes have been identified as a potential threat. The repercussions of failing to detect
dangers may be severe, expensive, and even fatal. Here's another example of the consequences of
failing to take risk identification seriously. A risk must be analysed subjectively and
quantitatively when it has been discovered. Risk assessment is the process of determining the
risk's consequences. In layman's words, the risk's likelihood and effect are considered. Let's
return to the Bahamas holiday scenario. In this situation, the season determines the likelihood of
storms striking the island. The risk assessment will suggest a high possibility if you visit during
hurricane season. For both hurricane and non-hurricane seasons, the impact on vacations
following a storm would be consistent (Manhart, Summers, and Blackhurst, 2020). In this
scenario, the result is that the vacation is cancelled. Isn't that horrifying? You may avoid this
outcome by implementing a risk mitigation plan that is appropriate for your situation.
Following are the risks identified in the businesses:
AstraZeneca
AstraZeneca is facing 29 separate risks, according to the company. The company is
responsible for managing business risks and providing assurance to AstraZeneca's many
stakeholders. The three primary risks that AstraZeneca's management faces are listed below.
Failure to meet development targets:
This is one of the significant dangers that AstraZeneca's business faces. Any
pharmaceutical product's development is a lengthy and complicated procedure. It
necessitates significant financial investments in research and development (Berry, and
Berry, 2018). Because of the volatility of product development, the business's
development objectives are heavily influenced. This risk is associated with the business's
operational risks.
Delay to new product launches:
In the pharmaceutical industry, patenting is crucial. Because of the patenting of many
drugs all around the world. The company is unable to introduce new items to the market,
and the launch takes an inordinate amount of time owing to product risks and research.
This risk is linked to the company's product risk.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Price controls:
The challenges associated with price control are substantial, and AstraZeneca's company
must cover the costs associated with these pricing (Rana, Hoque, and Jacobs, 2019). This
poses a serious concern since the company's liquidity is harmed, and they are legally
obligated to produce cheaper items on the market. Medicine prices must be kept under
control, but this poses a major problem for AstraZeneca's operations. This risk is linked
to the revenue risk that the company faces.
EE
Data integrity and confidentiality are the risks assessed in the EE (Everything Everywhere).
The data used to provide services to clients is extremely vulnerable. Because it is limited
material, certain information is not available to the general public (Finger, Gavious, and Manos,
2018). Restricted content is sometimes published in an erroneous manner. This strategy damages
the public's trust and lowers the firm's total revenues. There are several risks identified by the
telecom communication.
Operational risk – The operational risk is related to the organization's day-to-day
operations. There is a danger of monitoring, overseeing, and providing technical advice
on the telecommunications system. There is a variety of peripheral devices to install and
address difficulties with.
Financial risk - The operational risk is linked to the day-to-day operations of the
company. Monitoring, managing, and offering technical advice on the
telecommunications system poses a risk (Zamani, and et.al., 2021). There are many
different peripheral devices to install and troubleshoot.
compliance threats – It is a danger that arises when an organisation fails to follow the
legal framework and laws established by the government of a certain country. The EE
must adhere to the Communication Act of 2003. The organisation must follow a number
of processes and legal frameworks.
Strategic threats – It is a threat that has arisen as a result of external circumstances. It
interferes with the organization's strategic vision. When technology evolves, it becomes
more difficult and expensive to keep up with the new technology.
Royal Bank of Scotland (RBS)
Document Page
As commerce is done abroad, the banking industry faces a number of risks, including
payment risk. Importers want to buy or get their goods on schedule, whereas exporters need their
funds as soon as possible. Furthermore, they are exposed to foreign exchange risk as a result of
exchange rate fluctuations. Because the Royal Bank of Scotland works worldwide, there is a
difficulty in terms of international trade practises, as the baking business has a wide range of
norms that are also perplexing (Chenet, 2021). One of the most significant hazards facing the
banking business is credit risk, which entails assessing the counterparty's creditworthiness as
well as the risk of interest rate fluctuations, international trade risk, and foreign exchange risk
when dealing with various currencies. The Royal Bank of Scotland conducted frequent risk
assessments in the following manner:
Providing proof of business worries in the form of a bank guarantee and a standby letter
of credit, which provides extra safety for their company or consumers.
The letter of credit, which ensures a safe payment and reduces the danger of not receiving
payment after the items have been delivered.
Documentary collections offer a more efficient means of making and receiving payments
in international trade. When products are received, the exporter contributes shipping
documentation to the documentary collection.
The bank's primary risks may be categorised into the following areas:
Credit risks arise when a borrower fails to satisfy his or her contractual obligations.
Operational risk, which encompasses any sort of harm produced by the system,
operations, or customers, as well as loss due to errors or disruption (Ding, Khan, and Ji,
2020).
Capital market risk, which arises when banking activities are linked to such markets.
Response of the risks by the organisations
A Risk Response Strategy is a plan of action for dealing with a risk on your project.
Mitigate, Avoid, Transfer, Actively Accept, Passively Accept, and Escalate a Risk are the
primary risk response tactics for threats. A risk response strategy is an important component of
any successful project management strategy, and it may help your company avoid humiliation,
legal action, and financial loss. If you're clever, your plan can open up new doors and propel
your business ahead. Risk response techniques classify all threats to a project's development into
several categories and assign a severity rating to each (Pearson, and Mitroff, 2019). Creating a
Document Page
risk response strategy is crucial to ensure that the project is not endangered. Another conceivable
application for this method is to increase the opportunity given by positive risk. The goal is to
make sure that if there are any positive risks to the project, you have a strategy in place to
capitalise on them.
All businesses must have controls in place to reduce risk and ensure accurate financial
reporting. Management implements systems, processes, and strategies to assure the company's
efficiency and effectiveness, the accuracy of internal and external financial reporting, and
compliance with regulations and laws.
The Canadian Institute of Chartered Accountants (now CPA Canada) established the
criterion of control (CoCo) framework, which comprises 20 control criteria that management
may use to monitor corporate performance and enhance decision-making. People and
organizations outside of the firm, such as shareholders and tax authorities, get external financial
reporting. The framework talks about the criteria which helps the organisation on effective
control. These are:
Purpose- First and foremost, the company's goals must be defined and conveyed to all
stakeholders involved. Then, an evaluation of the internal and external risks that may
obstruct the company's achievement of the goal must be done. The organisation may then
adopt rules to guarantee that the identified risks are successfully managed. These
regulations should also be conveyed to staff so that everyone is on the same page. After
that, specific plans are made and shared. Targets that can be monitored as a tool to
monitor performance should be included in the objectives and strategies produced during
this phase.
Commitment- The company's ethical ideals, in particular, should be developed, codified,
practised, and conveyed to all personnel. Human resource policies should be modified to
match the company's ethical ideals, according to management. Furthermore,
accountability and obligation must be clearly defined and aligned with the company's
goals. Finally, a trusting atmosphere should exist to guarantee that info is accessible to all
staff who require it in order to meet the company's goals.
Capability- This stage comprises carrying out the action that has been pre-programmed.
Employees will have a clear purpose, a determination to reach their goals, and the

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
capacity to cope with difficulties and opportunities before they take action. Any activity
taken following these conditions has a better possibility of yielding a positive result.
Monitoring and learning- People must believe in the organization's progress and
participate in it. Internal and external environments are monitored, performance is
monitored, assumptions are challenged, information needs and systems are reassessed,
follow-up processes are followed, and the efficacy of control is assessed. In that it
overlaps with inspection, verifying, overseeing, and scrutinising, monitoring is a harsh
control. Challenging assumptions is a crucial soft control since it allows individuals to
grow and achieve. Each action is viewed as a step in a learning process that propels a
business forward.
The business of AstraZeneca's reaction to the threats outlined above is discussed below:
The firm first sets the objectives at a low level in reaction to the danger of not reaching
the development targets established by management. To meet the needs of its operations,
AstraZeneca focuses on assessing the true threat that this poses to the company's
operations (Lin, and et.al., 2021). The company's growth is expected to be gradual. The
company gathers all required information about the company and its competitors from
outside sources and organises its next line of action appropriately.
AstraZeneca may use COCO framework and start with their employees. The business can
provide them detailed guidance about what the business wants to achieve and try to
provide them knowledge about what their capabilities are in the organisation and how
they would help in reducing the external risks.
The market responds to the delay in new product introductions by offering a variety of
items. The majority of product risk is managed through research and development. The
company seeks to get patent rights and, with the support of research and development,
tries to implement a better and more sophisticated strategy to fulfil market demand and
deliver items that will increase the company's income.
The pricing control of the company's products is mostly out of the company's control.
AstraZeneca's company seeks for new methods to cut expenses associated with
operations. To mitigate revenue risk, Astrazeneca's company diversifies its product mix
and produces items that are not subject to market price regulation (Moretti, and et.al.,
2018). The company is looking for more effective ways to make its supply chain so that
Document Page
they may save expenses. The most common solution to these financial risks is to lower
the costs associated with corporate operations.
EE
Risk exposure is the process of determining the risk that will occur in the future as a result of a
particular action or undertaking. The following is a description of the response to risk exposure:
It is vital to quantify the risk based on the organization's priorities. EE may protect its
physical assets by ensuring that the hardware is checked on a regular basis. Passive
telecom equipment, such as wireless towers, fixed line ducts, and conduits, are examples
of physical assets. It necessitates a high level of upkeep of the gear necessary to provide
communications services.
As the market of EE is ever transforming, the business may apply coco framework in a
way that they transform their own business values and missions and get super progressive
which would help them to bring out more and more advanced technologies in the market
and be competitive enough to reduce external risks.
In the telecommunications business, there is a danger of software and system failure. It
may be reduced by hiring fresh technical personnel who are capable of resolving
technical challenges. The evolution of 5G technology, edge computing, artificial
intelligence advancements, and the Internet of Things present a significant challenge for
internet and mobile operators.
In exchange for licencing fees, the organization's licence is distributed to numerous
organisations (Coburn, Leverett, and Woo,2018). The licensee's fees offer a source of
revenue for the EE. It is required to maintain track of the licensor's payments. It assists in
lowering the company's financial risk.
A five-step risk management methodology aids in the assessment of company risk. It may be
summarised as follows:
1. Risk identification: The first stage is to identify high-risk areas that are difficult to
manage and must be considered by the organisation. In the context of EE, it is necessary
to determine if the network speed is constant or not (Moktadir, and et.al., 2021). Its
rivals, such as Claro, Teletalk, and Dhiraagu, pose a higher risk. It has to figure out what
other companies in the telecommunications business are doing.
Document Page
2. Quantitative risk – It is a type of danger that can be quantified numerically. EE has a
detrimental influence on the organization's profitability and revenue. It decreases the
organization's financial profit.
3. Qualitative risk - It is a danger that cannot be quantified but has an indirect influence on
the organisation.
4. Risk response planning – To reduce the risk's impact, it is vital to plan ahead. The
proactive risk detection procedures aid EE in stabilising the company's operations.
5. Risk monitoring and control – Risk monitoring entails identifying deviations and
taking corrective action to address them.
Royal Bank of Scotland (RBS)
The main issue that arises when building a risk management system is deciding between a
centralised and dispersed structure. Globally, there is a tendency toward centralised risk
management with a good treasury management system that aids in the netting of risk exposures
and easy reporting to bank top management (Nugraha, Khotimah, and Rietjens, 2018). To reduce
the danger of losses, the bank will hold its capital to offset all types of risk. The bank will lower
its operational risk by establishing an effective ORM capability that will have full access to the
bank's current risk profile and will create a database with a road plan for internal and external
risk occurrences. To manage risk within the organisation, the organisation might use coco
framework and set different guidelines for the employees in what way they can work which
would guarantee customer satisfaction and more engagement within the organisation. In
addition, the bank will limit market risk by hedging its portfolio to reduce interest rate and
currency risk. The Bank of Scotland will reduce their liquidity risk through frequent financial
planning, which will aid in anticipating cash flow on a regular basis, as well as optimising
working capital and extending credit lines. The most reliable financial systems are those that can
recognise danger in a short amount of time.
Communication of the risks to different stakeholders
AstraZeneca
A crucial part of every firm is effective communication to shareholders about various business
developments. It raises shareholder knowledge of AstraZeneca's operations and enhances
shareholder value. The investing community wants information about the dangers that the
company is now facing since these factors influence their decision-making inside the company.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
AstraZeneca's company uses a variety of reports to offer information about its operations to its
stakeholders. It publishes a sustainability report that contains information on AstraZeneca's
business strategy and governance. This significant paper focuses on the use of sustainability and
how different business risks are addressed. The information relates to the road that a firm takes
and the method that they adopt to function in the pharmaceutical sector. Different strategies and
values are addressed, and business investors can examine the company's operations in order to
make decisions about AstraZeneca.
EE
1. Information on various risks is used by many stakeholders in EE, including as investors,
the government, and other financial authorities, to plan their plans accordingly. For
example, while making investment selections, investors consider the degree of risk
associated in the company. As a result, all telecom firm stakeholders must be informed on
the company's risk profile.
2. Physical risk - It refers to the circumstances that exist in the workplace that are harmful to
employees' health. There are a number of risks, such as the installation of network signals
and circuits, which entails a significant risk of serious harm to personnel's health.
Royal Bank of Scotland (RBS)
Because stakeholders own the bank, it is critical to convey risk to them, and excellent
banking communication will enhance the connection between consumers, suppliers,
stakeholders, staff, and the board of directors. The bank utilises a variety of communication
channels since communication is a vital part because it contains significant updates and concerns
that must be conveyed to stakeholders on a regular basis. Furthermore, when operational changes
occur, efficient communication is critical to the banks' ability to assist its regular customers.
Regardless of the bank of Scotland's size or complexity, they employed a variety of strategies to
communicate with their stakeholders. In order to comply with banking rules and regulations,
they must maintain an adequate degree of security and privacy. Stakeholder reporting is critical
since not only banks will participate in the project, but also stakeholders will put their money
into it. External shareholders have the greatest effect on the long- and short-term success of
projects undertaken by the Bank of Scotland.
Document Page
CONCLUSION
It can be inferred from the above-mentioned research that risk assessment and response
are a top priority and critical for every firm. The industry in which the company operates does
not always imply that the risk is lower or higher. Every business encounter significant risks due
to a variety of circumstances.
To mitigate the consequences of these risks, AstraZeneca must obtain several patents
linked to biotechnology and pharmaceutical goods. Every risk has a specific mitigation strategy.
The EE performs a variety of corrective actions, including as defending the communications
industry's physical assets. The danger of system failure can be mitigated by hiring a qualified IT
specialist. EE earns money from a variety of ways. As a result, EE must be checked on every
source of revenue in order to reduce the possibility of default. Royal Bank of Scotland risk has
been examined in this research in terms of risk linked with several categories. This paper
discusses the many sorts of risks they encounter, as well as how they manage or decrease those
risks over a long period of time. At the conclusion of this report, shareholders will be informed
about the many types of risk that Royal Bank of Scotland faces.
Document Page
REFERENCES
Books and Journals
Chan, F.K.S., and et.al., 2018. “Sponge City” in China—a breakthrough of planning and flood
risk management in the urban context. Land Use Policy, 76, pp.772-778.
Disse, M., and et.al., 2020. Exploring the relation between flood risk management and flood
resilience. Water Security, 9, p.100059.
Manhart, P., Summers, J.K. and Blackhurst, J., 2020. A meta‐analytic review of supply chain
risk management: assessing buffering and bridging strategies and firm
performance. Journal of Supply Chain Management, 56(3), pp.66-87.
Manhart, P., Summers, J.K. and Blackhurst, J., 2020. A meta‐analytic review of supply chain
risk management: assessing buffering and bridging strategies and firm
performance. Journal of Supply Chain Management, 56(3), pp.66-87.
Berry, C.T. and Berry, R.L., 2018. An initial assessment of small business risk management
approaches for cyber security threats. International Journal of Business Continuity and
Risk Management, 8(1), pp.1-10.
Rana, T., Hoque, Z. and Jacobs, K., 2019. Public sector reform implications for performance
measurement and risk management practice: insights from Australia. Public Money &
Management, 39(1), pp.37-45.
Finger, M., Gavious, I. and Manos, R., 2018. Environmental risk management and financial
performance in the banking industry: A cross-country comparison. Journal of
International Financial Markets, Institutions and Money, 52, pp.240-261.
Zamani, A., and et.al., 2021. Developing a framework for applying risk management in a fuzzy
environment for implementing construction projects value engineering: case of
Khorramshahr port. Management Research in Iran, 21(3), pp.139-166.
Chenet, H., 2021. Climate change and financial risk. In Financial Risk Management and
Modeling (pp. 393-419). Springer, Cham.
Ding, L., Khan, F. and Ji, J., 2020. Risk-based safety measure allocation to prevent and mitigate
storage fire hazards. Process safety and environmental protection, 135, pp.282-293.
Pearson, C.M. and Mitroff, I.I., 2019. From crisis prone to crisis prepared: A framework for
crisis management (pp. 185-196). Routledge.
Lin, S.S., and et.al., 2021. Risk assessment and management of excavation system based on
fuzzy set theory and machine learning methods. Automation in Construction, 122,
p.103490.
Moretti, L., and et.al., 2018. Runway veer-off accidents: Quantitative risk assessment and risk
reduction measures. Safety science, 104, pp.157-163.
Coburn, A., Leverett, E. and Woo, G., 2018. Solving cyber risk: protecting your company and
society. John Wiley & Sons.
Moktadir, M.A., and et.al., 2021. Analysis of risk factors in sustainable supply chain
management in an emerging economy of leather industry. Journal of Cleaner
Production, 283, p.124641.
Nugraha, A., Khotimah, K. and Rietjens, I.M., 2018. Risk assessment of aflatoxin B1 exposure
from maize and peanut consumption in Indonesia using the margin of exposure and
liver cancer risk estimation approaches. Food and chemical toxicology, 113, pp.134-
144.
1 out of 13
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]