Contact Us

In 1995, the commercial mortgage fund that I was managing past $1billion in funds under management (on its way to nearly $3 billion by 2003) to become the largest and best performing fund of its type in Australia. Shortly after this 1995 milestone was reached, the research and ratings agency Standard and Poor’s (S&P) asked me during their annual review of the fund to succinctly define my role.

It was a question they had never asked me before and it momentarily stopped me in my tracks before I blurted out “managing risk”. The more I thought about it then, and subsequently over the ensuing years while I continued to manage the fund, the more I knew it was true. Importantly, I still know it to be true today – 27 years on.

Obviously growing the fund’s investor base, lending prudently, managing and developing staff, marketing, developing policies, procedures, and guidelines and providing a good return and professional service to my clients and, of course, making a profit for my shareholders were all important. That said, none of these aims could have been achieved in the absence of a robust risk management framework to mitigate loss and disruption to my business as well as reputation risk.

Sadly, it never ceases to amaze me how many individuals and corporations pay insufficient attention to risk management. Indeed, some individuals and corporations recklessly rely on good luck to manage their risk for them – the, “it won’t happen to me” attitude – while others still, appear truly ignorant of the need to take risk management seriously and are oblivious to the dangers that lurk around every corner.

Many businesses see risk management in all its forms as a hindrance rather than a help. Some even play Russian roulette, taking a reactive rather than a proactive approach to risk. Like a homeowner who does not have home and contents insurance because they believe they live in a safe area, they naively believe that they will be spared from risks such as floods, fires, and burglaries.

For me, RISK is a holistic term which covers all types of insurance contingencies, business continuity, disaster recovery, and risk management frameworks, including policies and procedures; technical, operational, and training. Overarching all this is compliance monitoring and review which should be seen by business as an enhancement and not a detriment to growing a sound profitable business.

For business, the process of identifying, assessing, and managing risks is known as Risk Management. Following the GFC, banking regulators worldwide put the spotlight on risk management and this was a welcome development. In my view, other regulators in other sectors of the economy need to do likewise.

In my experience, organisations which are effective at managing risk have developed risk based organisational cultures where staff and managers instinctively look for risks. Importantly, the same broad principles apply to households which should also put in place strategies to mitigate risk.

It is impossible to go through life or run a business without taking risks. Indeed, it is unhealthy to even try as you will risk stagnation. Companies which can see beyond risks to the opportunities they present are much more likely to prosper, provided their appetite for risk is at a manageable level and they have systems and processes to measure and deal with unacceptable risk. Importantly, managing risk is seen by consumers as an enhancement to doing business with an organisation.

Since the jet age began in the early 1970s, Qantas has been considered the safest airline in the world. Indeed, Qantas has not lost one life. Many people fly with Qantas for that single reason – safety – notwithstanding that Qantas may be seen in the eyes of those same consumers to be less appealing than other airlines in say the quality of food or seat comfort.

On 4 November 2010 Qantas Flight 32 was a regularly scheduled passenger flight from London to Sydney via Singapore. The aircraft operating the route, an Airbus A380, suffered an uncontained failure in one of its four Rolls-Royce Trent 900 engines. The failure occurred over the Riau Islands, Indonesia, four minutes after take-off from Singapore Changi Airport. After maintaining a holding pattern for almost two hours to assess the situation, the aircraft made a successful emergency landing at Changi. No injuries occurred to the passengers, crew, or people on the ground, despite debris from the aircraft falling on to houses below.

On inspection, a turbine disc in the aircraft’s number-two engine was found to have disintegrated, causing extensive damage to the nacelle, wing, fuel system, landing gear, flight controls, and engine controls, and a fire in a fuel tank that self-extinguished. The subsequent investigation concluded that the failure had been caused by the breaking of a stub oil pipe, which had been manufactured improperly.

Many experts in the airline industry considered the safe return of QF32 to Changi airport a miracle. Qantas for its part said then, it was the superior skills of its flight crew that brought the giant jet safely back to the ground. Indeed, Qantas went on to say that safety was its number one priority and that it spent more time training as well as upgrading their pilots’ continuing skills in state-of-the-art simulators more than any other airline.

Not surprisingly in the months that followed, Qantas shares increased in value as did its bookings. Why? Simply stated, Qantas demonstrated that they could manage the risk of safely returning a damaged aircraft to the ground. That’s Risk Management!

The 2018 Haynes Royal Commission shone a disturbing light on unacceptable behaviours in the financial services sector particularly Australia’s “big four” banks. The majority of bad behaviour was brought about by poor bank culture around risk management processes to protect borrowers and investors alike.

Collectively, the financial services sector has paid out over half-a-billion dollars in compensation to their clients resulting from the finding of the Royal Commission.

In more recent years a Risk Appetite Statement (RAS) is considered fundamental to good governance by a corporation, company or business.

The RAS sets out the company’s risk appetite to manage the company in alignment with its vision and strategic objectives.

The company RAS provides an enforceable set of risk statements that are set by the Board, regarding the amount of risk that the company is willing to accept and which management is required to operate within at all times (unless a specific exemption has been formally granted). These statements are supported by RAS metrics to quantitatively measure whether the position of risk for a given activity is within or exceeds risk tolerance settings.

The company RAS supports strategic and core business activities and stakeholder, partner and client relationships ensuring that:

• Only permitted activities are engaged in, and the scale of these activities do not lead to adverse client outcomes, brand impacts or financial losses that exceed the company’s approved risk appetite.

• Risk appetite is measured through limits and tolerances and reported on to management and governance committees and,

• Risk appetite is cascaded through the company to inform, guide, and encourage the business to both take risk and manage risk in an informed manner.

For me, the two most important “recipes” in almost any successful business or commercial venture, among many, are:

A. Motivated and competent staff; and

B. A culture which respects risk management in all its forms.

For those who are still wondering what is needed to cover off major risks, it is the following:

1. An overall Risk Management Policy and Framework;

2. A Disaster Recovery Policy;

3. A Business Continuity Plan;

4. Policies, procedures, guidelines, charters, manuals, and check lists relevant to your business; and

5. PI Insurance, D&O Insurance, Property Insurance, and Business Insurances generally.

Importantly Boards must provide leadership to ensure an effective risk aware culture is constantly in place. Moreover, they must have the director competencies and capabilities to be able to fearlessly challenge management if and when necessary.

My full-time funds management career ended in 2010 with an unblemished record – I never lost one cent of investor money entrusted to my care primarily due to my compliance with (A) and (B) above.

So, the message is clear: It is very risky business to avoid embracing Risk Management.

John (JT) Thomas

This opinion piece is provided by John (JT) Thomas, a 46-year veteran of the financial services industry and since 1987 a specialist in commercial mortgage funds. Considered by many to be the father of the modern commercial mortgage fund sector, JT helped establish and then managed – for 17 years – what became the largest and most successful commercial mortgage fund in Australia – The Howard Mortgage Trust – with assets exceeding $3 billion. Under JT’s stewardship, investors never lost one cent of their investments and indeed, investors always received competitive monthly returns. JT was also Chair of the $40 billion mortgage trust industry sector working group.

JT has been proudly involved with Princeton for eight years and sits on both the Princeton Credit Committee and the Princeton Compliance Committee as well as being an advisor to the Princeton Board.

Other Articles

Read the latest in thought leadership from Princeton.

Waiting time

We all have strengths and weaknesses. One of my faults which is heightened in the “instant” world in which we live in 2023, is a lack of patience when it comes to waiting in line. If you want to really punish me, ask me to stand idly in a queue. I find waiting [...]

Performance Measure pitfalls

Distinguished economists, statisticians and mathematicians often have their name associated with some economic theory, concept or tool. Some examples include Giffen goods, the Nash equilibrium, the Phillips curve and the Gini coefficient. Today, I would like to introduce you to another economic concept - Goodhart’s law. This “law” testifies that social or economic [...]

Mortgage and Debt

Marriages and mortgages have something in common - they are both “death pledges”. In a non-secular marriage ceremony, each partner vows to stay with the other ‘until death do us part’. Home buyers who execute a mortgage also commit to a “death pledge”, but not in a literal sense. To explain this, we [...]

Personal Financial Myths

Elvis is alive, the Earth is flat and the Moon walks were a hoax. We humans cling to myths even when they are patently false. Our natural gullibility sees us embrace almost any invented story, no matter how unreal. As a Doubting Thomas, I am a natural sceptic. For me, reported sightings of [...]

Extrapolating trends – a word of caution for business owners

Making predictions about the future based on past trends is fraught with danger. What lies ahead is rarely a straight-line extrapolation of historical data. Rather, the path to the future bobs and weaves and zigs and zags as unforeseeable factors almost always intervene. This is why managed investment schemes warn investors that “past [...]

Outstanding Leadership 2023

I am speaking to you today about Leadership because it is - like an airline pilots check list - critical to review - often. Interestingly, the very sad revelations out of the Banking Royal Commission - and the Aged Care Royal Commission, all speak about a lack of Leadership as well as poor Culture [...]

Go to Top