Hard times could (emphasize "could") be headed everyone’s way.
Anyone else remember the Great Recession of the late 2000’s? (Rhetorical question. If you don’t remember, then you haven’t been paying attention.) As economies sank into the belly of that beast, we at Farmers Insurance Internal Audit were given a very special project from our parent company. We were asked to do a recession risk assessment.
Now pause, dear readers, to ponder the concepts behind this request. And, as you do so, try your best not to think of barn doors and the closing of such well after the equines’ departures.
It was a fool’s exercise. We were being asked to complete a risk assessment related to the controls and processes the company had in place to mitigate recession risks while knee-deep in the actual impact and fallout from such risk.
We dutifully did our duty, submitted the information, and never saw what came of it.
The economy recovered, our companies continued their existence, and the concerns about the risks disappeared like morning vapor in early sunlight.
And that is why the current conditions — the sinking Dow, collapsing bond yields, and a trade war that seems to only accelerate these effects — brought back memories of the work we did as we risk-assessed the location of deck chairs on a sinking Titanic. (In case you missed the announcement, it is national metaphor day. And, even if it isn’t, I decided to celebrate anyway.)
In a conversation yesterday, a group of us discussed how internal audit’s role reaches beyond helping organizations mitigate current risks to helping identify the new ones on the horizon. I used my current favorite example: Yes, cybersecurity is important and every organization has to address it, but we can’t be so focused on cyber that we don’t look up to see the new risks mercilessly bearing down on us. “So, what is coming down that road,” someone asked. A very good question. And it led to a discussion on artificial intelligence, robotic process automation, and the impacts these and other technologies will have on organizations. A very legitimate answer.
At least, that’s what I thought at the time. But now I am reading today’s headlines and I realized the correct answer is something completely different, albeit something we all should have been watching for long ago.
Whether it is today, tomorrow, or a few years from now, economies will experience downturns and recessions. They happen no matter what anyone does. They can be delayed or accelerated depending on how nations and their leaders act and respond, but they will happen.
Now is the time every auditor should be working with their organization to ensure those organizations are planning for that recession — that they are identifying the risks that exist as part of those downturns. Have the discussions; lead the risk assessments. Do not let the organization be caught without any ideas, plans, or answers as so many of us were in the Great Recession.
And let me throw in another, less depressing, thought, one that looks even further into the future of potential risks. How is your organization planning to address the risks (and opportunities) that will occur as the economy turns positive once more?
The way things are going, we all may be too late to this party. And organizations will pay the price. But better to start looking now than to do so two years after the downturn hits.