I don’t mean to be the spectre at the feast, a harbinger of
doom, but…well, as the Magic 8-ball occasionally said, “Outlook not so good.”
As I type this, the Dow is plummeting and (as quoted from an
online article from Inc.) “The recession watch is in full swing.”
Hard times could (emphasize "could") be headed everyone’s
way.
Anyone else remember the Great Recession of the late 2000’s?
(Rhetorical question. If you don’t remember, then you haven’t been paying
attention.) As economies sank into the belly of that beast, we at Farmers
Insurance Internal Audit were given a very special project from our parent company.
We were asked to do a recession risk assessment.
Now pause, dear readers, to ponder the concepts behind this
request. And, as you do so, try your best not to think of barn doors and the
closing of such well after the equines’ departures.
It was a fool’s exercise. We were being asked to complete a risk
assessment related to the controls and processes the company had in place to
mitigate recession risks while knee-deep in the actual impact and fallout from such
risk.
We dutifully did our duty, submitted the information, and
never saw what came of it.
The economy recovered, our companies continued their existence,
and the concerns about the risks disappeared like morning vapor in early
sunlight.
And that is why the current conditions — the sinking Dow, collapsing
bond yields, and a trade war that seems to only accelerate these effects — brought
back memories of the work we did as we risk-assessed the location of deck
chairs on a sinking Titanic. (In case you missed the announcement, it is
national metaphor day. And, even if it isn’t, I decided to celebrate anyway.)
In a conversation yesterday, a group of us discussed how
internal audit’s role reaches beyond helping organizations mitigate current
risks to helping identify the new ones on the horizon. I used my current favorite
example: Yes, cybersecurity is important and every organization has to address
it, but we can’t be so focused on cyber that we don’t look up to see the new risks mercilessly
bearing down on us. “So, what is coming down that road,” someone asked. A very
good question. And it led to a discussion on artificial intelligence, robotic process automation, and the impacts these and
other technologies will have on organizations. A very legitimate answer.
At least, that’s what I thought at the time. But now I am
reading today’s headlines and I realized the correct answer is something completely
different, albeit something we all should have been watching for long ago.
Whether it is today, tomorrow, or a few years from now, economies
will experience downturns and recessions. They happen no matter what anyone
does. They can be delayed or accelerated depending on how nations and their
leaders act and respond, but they will happen.
Now is the time every auditor should be working with their
organization to ensure those organizations are planning for that recession — that
they are identifying the risks that exist as part of those downturns. Have the
discussions; lead the risk assessments. Do not let the organization be caught
without any ideas, plans, or answers as so many of us were in the Great Recession.
And let me throw in another, less depressing, thought, one
that looks even further into the future of potential risks. How is your organization
planning to address the risks (and opportunities) that will occur as the
economy turns positive once more?
The way things are going, we all may be too late to this
party. And organizations will pay the price. But better to start looking now
than to do so two years after the downturn hits.