Despite being one of the first industries to digitise, the finance sector is still quite traditional. That’s bad news for risk managers who are facing increasing amounts of pressure to keep up with the emerging technological risks. But what could be done? In this article we speak to Jeevan Perera, Senior Engineer at NASA, leaders in technological and scientific discovery, about his approach to risk management, what financial institutions can learn from NASA, and what Perera learnt from financial risk managers.
You’ve had a key role in building NASA’s risk management practice. What were the main considerations that shaped your company’s risk management framework?
NASA’s core risk strategy is to use systematic risk processes and tools for the effective early identification of risks that could adversely affect the performance, schedule, cost, or safety of our programmes, projects or systems. Determination of the probability of occurrence and the magnitude of any potential consequences enables risk-informed decision-making and proactive planning needed to ensure mission success. NASA’s risk management approach is integrated throughout all levels of a project. NASA and all our contractor teammates, no matter their level in the organisation, are responsible for the identification and management of risks. Risks are continually identified and discussed at working group levels whether technical, financial, schedule, or safety in nature. Risk focals who work directly within the teams help shepherd risks through the identification and analysis phases and coordinate the formal discussion and vetting at both stakeholder and risk committee meetings. Once a risk is approved, it is assigned a risk owner who is given the responsibility, authority and resources to mitigate the risk to an acceptable level.
What culture did you want to cultivate? How has that evolved over time?
Risk culture as you know is very hard to change by direct influence, it is one that gradually moves within an organisation through organic stimulus. Often times, the most challenging part of risk management is the human elements including managing an organisation’s culture. Human interactions within a system often are the hardest to predict and is usually the root cause of many costly risks. In addition, having the right organisational culture directly influences the success of the risk management implementation.
Are there any emerging risks that you are concerned about? How would you prepare your team to manage these risks?
Risk is intrinsic to any exploration efforts pushing the frontiers of technology. Space exploration is no different than other types in history – and history has proven that exploration has tremendous benefits not only for those countries involved but also mankind in general. So, exploration is done despite the risks, because of the huge potential rewards.
NASA has always focused on safety of flight crews and the work force. NASA has focused in risk analysis and assessments to ensure we reduce the uncertainty in the knowledge about our risks and are making risk-informed decisions to facilitate and further exploration. Two of the top risks affecting NASA are:
- Ensuring the health and safety of crews as we venture further into space. Radiation, physiological, psychological and other significant health issues in long duration travel beyond low earth orbit will be significant. In addition, the reliability and robustness of systems will pose significant risks since failed/ degraded exploration systems to Mars and beyond cannot be returned for maintenance or even logistically resupplied.
- Establishing the right balance between commercialisation of manned space systems and government developed systems. Developing the right incentives to ensure long term viability of commercial manned operations, while ensuring the safety of our crew.
What are the key differences between financial risk management and NASA’s framework?
NASA’s risk processes are probably similar to many other organisations’ including from the financial sector. NASA management often relies on the risk team to assist in risk-informed decisions regarding many critical aspects of implementation and operations. One of the main differences with other organisations is that often times our risks can result in loss of human life, science, exploration and reputational losses.
How does this responsibility affect your risk appetite?
NASA must not be too risk averse to inhibit exploration. Risks are usually a natural part of any benefit or reward that underlies the exploration. NASA must understand the nature of the risks. Where human exploration is currently infeasible due to risks or other factors, robotic exploration can be used as a pre-cursor. The key question should be whether the reward sought requires humans directly in the exploration mission. The risk appetite must be set accordingly.
What could financial risk managers learn from NASA’s risk management practices?
Integrated processes for risk identification, quantification, and mitigation are universal no matter the domain. Most of these can be tailored for implementation within the financial sector. There are many key areas we employ including the use of data analytics for risk identification, analysis, and evaluating different migration strategies that can be leveraged by financial risk managers.
You’ve been to RiskMinds events before. Did you learn anything from financial risk managers that you were able to take back and implement at NASA?
I have thoroughly enjoyed the sessions at RiskMinds on quantitative and qualitative risk assessments, many of which I have been able to incorporate into our risk practice. These can be used during both design and operation phases of a project to ensure risks are identified and effectively mitigated. Since I mentioned that organisational culture is paramount to fostering good risk management practice, I have also enjoyed listening and adopting advice given during these selected conference proceedings.