Integration of Strategy & Risk Management

with other core modules

The discussion of the competencies, requirements, typical questions, etc. in
this document is in the context of integration of Strategy & Risk Management
(SRM) with other core modules only, and does not include all competences,
requirements, typical questions, etc. Refer to the EMFM module for the other
competencies and content covered.

Strategy
Strategy can be described as the “how” a company’s vision and mission is attained.
It is about the: How do we get there?
What action steps does a company need to take to achieve its objectives?
Competency area:
Identifies and evaluates an entity’s strategies and makes recommendations for
improvement.
The key requirements to “do” in terms of the Typical required section in assessments (in
Competency Framework(1) (in the context of the context of integration with other core
integration with other core modules) is to: modules):
• Identifies (at a basic level) and is able to • Discuss the key factors that the company
explain the internal factors that should be should consider before in entering into the
taken into consideration in determining an transaction / evaluating whether or not to …
entity’s strategies. / etc.
• Identifies and evaluates significant • Refer to the “risk” section below.
opportunities and risks associated with the
entity’s external and internal environments
(refer to the “risk” section below).
• Identifies information that will help assess
opportunities and manage risk stemming • Refer to the “Supporting guidance: Factors
from the company’s strategy (refer to the to consider” for more detail
“risk” section below).
Assessment level: Level I (Initiates the Task) (1)
Demonstrates an understanding of the requirements of the task and identifies and applies
the required professional skills, including basic quantitative and qualitative analysis, to
perform the task on a preliminary basis (recognising that a review by more senior staff is
still necessary). An intermediate understanding of the subject matter is required. Complex
calculations are not required. Integration with other competencies is straightforward and is
of limited complexity.
 Risk Management
Risk management is a plan-based business strategy that aims to identify, assess and
mitigate strategic, operational, financial, informational and other risks and threads (both
physical and figurative) that may negatively impact an organization's operations and
objectives.
Competency area:
Evaluates an entity’s plans for risk management.
The key requirements to “do” in terms of the Typical required section in assessments (in
Competency Framework(1) (in the context of the context of integration with other core
integration with other core modules) is to: modules):
• Identifies and assesses strategic, • Identify and discuss the risks that the
operational, financial and informational company may face by entering into the
risks, based on an understanding of the transaction / from event / etc.
environment in which the entity operates, • Discuss the methods/steps/actions to
its strategy and management processes manage the risks.
• Identifies and suggests methods to
manage risks (avoid, transfer, mitigate and • Refer to the “Supporting guidance:
accept). Identification of risks” for more detail
Assessment level: Level I (Initiates the Task) (1)
Demonstrates an understanding of the requirements of the task and identifies and applies
the required professional skills, including basic quantitative and qualitative analysis, to
perform the task on a preliminary basis (recognising that a review by more senior staff is
still necessary). An intermediate understanding of the subject matter is required. Complex
calculations are not required. Integration with other competencies is straightforward and is
of limited complexity.
 Supporting guidance: Factors to consider

The discussion of the competencies, requirements, typical questions, etc. in

this document is in the context of integration of Strategy & Risk Management
(SRM) with other core modules only, and does not include all competences,
requirements, typical questions, etc. Refer to the EMFM module for the other
competencies and content covered.

The “Required” section to integrate Strategy and Risk Management with any core module:
• Discuss the key factors that the company should consider before in entering into the
transaction / evaluating whether or not to … / etc.

Exam technique:
• Students should firstly use the information in the given scenario to answer the question – i.e.
the answer should firstly deal with the relevant issues/aspects/concerns in the stated
information/case study.
• Do not just use a ‘laundry list’! The scenario should guide you to identify the relevant items
to include in your answer.
• Make sure you answer the required! Should you discuss the factors, risk, shortcomings,
advantages, etc.?
• Start with the specific and relevant issues in the question. Then consider some of the
following common themes in your answer:
Common themes:
• Strategy of the company – is the new proposal in line with the company’s overall strategy?
• Risks – what are the unique risks for this transaction?
• Ethics – what are the ethical issues relate to this?
• Governance, policies, procedures – are there any governance issues, policies, procedures
related to this?
• Legal implication – any law governing this aspect (i.e. detail of companies act, or labour laws
may be applicable if employees were to be dismissed)?
• Stakeholders – who are the stakeholders and how could they be affected by this transaction?
• Costs vs benefits (rewards) approach
• Value to be added… and to whom…
• Resources available/not – what resources are available/needed to implement the new
proposal?
• Shortcomings/weaknesses of current state vs benefits and opportunities of new proposal
• Alternatives – what is the alternative to this proposal?
• Technology – what technology is needed? / access to it, etc.
• Sustainability – broadly and company specific
• Requirements of Standards – IFRSs, ISAs, Tax Law, etc.
• Integrated Reporting Framework (6 capitals)
o Financial
o Manufactured
o Intellectual
o Human
o Social and human relationships
o Natural
• “Formal” frameworks for business analysis (if relevant) such as:
o SWOT analysis – think of strengths, weaknesses, opportunities and threads
related to the stated issue…
o Porter’s Five Forces Model (e.g. for entry in new market/new product lines,
etc.)
o PESTEL

Again, students need to make these common themes relevant and applicable to the
given scenario!

Financial aspects:
Some financial aspects (calculate, analyse it and comment on it) to consider in your answer
may be:
• Profitability
• Contribution
• Margins
• Relevant costs
• NPV / PV calculations, etc.
• Break-even analysis
• Applicable ratios, such as debt:equity, etc.
• Cash flow (current and expected)
• Tax implications
• Foreign exchange implications (if any)

Again, students need to make these financial aspects relevant and applicable to the
given scenario!

 General remark – keep your answer neutral, without any bias (in respect of issues
such as politics, gender, race, etc.). Do not make assumptions that is not supported
by the information in the scenario (i.e. that truck drivers are only men, etc.).
 Supporting guidance: Identification of Risks

General
Business
Risks

External environment Internal environment

Market Financial Operational Financial Ethics Compliance Information
risk risk (Business) risk risk risk risk risk
• Economy • Currency • Products • Cash flow • Fraud • Legal • IT
• Environmental • Interest rate • Product generation • Capital • Cultural • Standards • Technology
• Political • Inflation • Product pricing structure • Social
• Technology • Supply chain • Credit performance
• Social • Marketing • Going
• Fashion • Trading Concern
• Stakeholder • Dealer
engagement • Counterparty
• Environmental
• Intellectual property
• Labour
 Supporting guidance: Identification of Risks

Risk management is a strategy process that aims to identify and assess

operational, financial, informational and other risks (both physical and figurative)
that may negatively affect an organization's operations and objectives.

The “Required” section to integrate Strategy and Risk Management with any core module:
• Identify and discuss the risks that the company may face by entering into the transaction /
from event / etc.
• Discuss the methods/steps/actions to manage the risks.

Exam technique:
• Students should firstly use the information in the given scenario to answer the question – i.e.
the answer should firstly deal with the relevant issues/aspects/concerns in the stated
information/case study.
• Do not just use a ‘laundry list’! The scenario should guide you to identify the relevant items
to include in your answer.
• Make sure you answer the required! Should you discuss the factors, risk, shortcomings,
advantages, etc.?
• Start with the specific and relevant issues in the question. Then consider some of the
common risks describe below in your answer.
• The following is meant to assist you with the identification and classification of business
risks. This list is by no means complete, and you may very well encounter risks in
scenarios that are not contained within the list below.

Market Risk
Economy This relates to the Country risks of South Africa in which all business
operate (or any country where one of the group entities may operate).
Some aspects that affect the risk are the rising public debt, inefficient
state-owned enterprises, and spending pressures, which reduces the
country’s global competitiveness. Despite this South Africa has a highly
developed economy and advanced economic infrastructure, making the
country the leading African economy and home to 75% of the largest
African companies.
Public debt is over 50% of GDP and the budget deficit is around 4%, as
economic growth slower than expected and revenue collection fell.
The country struggles with socio-economic challenges, such as growth,
high unemployment, persistent social inequalities, a highly volatile
currency, and rising inflationary pressures.
Private investment growth is expected to remain cautious as the elections
approach and uncertainties about land reform continue to be a cause for
concern. The prevailing political uncertainty in the country seems to have
eroded business and consumer confidence.
Environmental This refers to the effect that an entity can have on the natural
risk environment and vice versa.
An entity can have a negative effect on the environment by
generating pollution in the form of effluence or emissions. This may
result in fines levied on the entity or the entity being required to incur
rehabilitation costs. This risk can result in a strategic risk as the
entity's reputation may also be damaged as a result of its effect on
the environment (environmental risk may drive reputational risk).
Environmental disasters can also pose a threat to an entity (such as
 floods, earthquakes, cyclones and tornados). These events
hamper the continuity of business, and result in physical damage to
the entity's property and assets.
Political risk This risk relates to actions taken by the government of the day that
may result in financial loss for the entity. Such risks arise in respect
of local and foreign operations.
Examples of political risk include imposing foreign exchange
controls that hamper the flow of funds across borders,
implementing quota systems or import tariffs, the nationalisation of
assets owned by the enterprise, and the strict regulation of merger
and acquisition activity.
This risk can be negative for one party while creating opportunities
for another. For example, local entities can benefit from quota
systems while foreign suppliers will not.
Technology Inability to standardize products across the industry to ensure effective
integration of IT in future.
Inability to achieve seamless integration and communication between
various digital products and platforms including mobile platforms, tablets
and other forms of access
IT risks relating to malfunction or disruption in the operation of the
systems, or cyber-security breaches, could adversely impact the
company's ability to compete.
Social This relates to the individuals who are dependent upon the business for
livelihood and how they are affected by certain events. Some of the
aspects that often require assistance from business are old-age, death in
the family, and disabling accidents or illnesses, permanent
unemployment, and the technological redundancy of skills. Other aspects
that may affect households are drought, inflation or a financial crisis.
Fashion risk A key risk for clothing retailers is fashion risk. Put simply, the risk is
that the buyers of clothing retailers misjudge fashion for the next
season. This can result in significant inventory write-offs owing to the
accumulation of obsolete inventory.

Financial risk (external)

Currency risk An entity that enters into transactions with foreign suppliers or foreign
customers and is invoiced or invoices in a foreign currency is
exposed to the effect of adverse movements in the currency before
cash settlement of the transaction (transaction risk).
An entity that has foreign operations or foreign subsidiaries (or any
foreign assets or foreign liabilities, for that matter) runs the risk of
adverse movements in foreign exchange rates from one reporting
date to the next (translation risk).
Currency movements can, however, also drive strategic risk: an
exporter can lose foreign market share if their local currency
strengthens against foreign currencies so that their products or
services become too expensive for their foreign customers
(economic risk).
Interest rate This is the effect that adverse movements in interest rates can have
risk on the amount of interest that is owed on interest-bearing
borrowings and on interest that is received on interest-bearing
investments.
Inflation Also called purchasing power risk, is the chance that the cash flows from
an investment won't be worth as much in the future because of changes
in purchasing power due to inflation.
Operational (Business) Risks
Products Breadth of product range: An entity that sells a narrow range of
products is very dependent on the performance of a small number
of products to generate profits and value. If one of these products
fails in the market, then the entity's profit and sustainability can
suffer.
Quality of the products sold: An entity's reputation can be tainted if
the quality of a product declines. Companies that have to recall
products (as was the case with many motor manufacturers) because
of defects are affected by increased costs (cost of reworking or
replacement) and reduced revenue streams, which ultimately leads
to reduced profits and value.
Geographic diversification: Entities whose geographic footprint is
limited to a single area or region may do less business than entities
who diversify the areas in which they do business. The entities that
diversify are exposed to less concentration risk. Remember,
however, that as entities diversify, so they become exposed to other
risks, such as currency and political risk.
Product Entities that do not invest in research and development (R&D) are
generation exposed to significant strategic risk. These entities will be unable to
keep up with the product developments of their competitors and
may therefore start to lose market share, revenues, profits and
ultimately value. New products need to be researched and
developed on an ongoing basis to (among other things) replace
aging products.
Product An entity's pricing policy largely determines the kind of market
pricing share the entity is able to achieve. An incorrect pricing strategy
could result in the entity pricing itself out of the market and
ultimately place the entity's sustainability at risk.
Supply chain An entity relies on the uninterrupted supply of goods in order for
risk production of goods or the delivery of services to take place. Any
disruption to this supply may mean that the entity is unable to
produce sufficient output to satisfy demand or deliver the required
service, and in so doing may lose customers and profit.
Marketing and The market share a product or service may achieve can be limited
branding by ineffective branding and marketing campaigns. This can also result
in competitors increasing their market share.
Trading risks An entity selling goods locally and/or internationally is exposed to
trading risk, which is comprised of the following three risks:
• physical loss of the goods while in transit
• the risk that the customer will not accept the goods on delivery
(referred to as trade risk)
• liquidity risk in that the entity may not have access to sufficient
funding or liquid resources to enable it to provide credit facilities
to its customers
Stakeholder Best practice dictates that an entity follows a more inclusive
engagement approach when dealing with its stakeholders. Management needs
to conduct stakeholder assessments to identify stakeholders and
their needs. Not engaging stakeholders and failing to consider their
needs during the decision-making process can have a disastrous
effect on a business.
Environmental Environmental risks that may affect a business include:
• extreme temperatures and climate change
• floods, fires and natural disasters
 • increases in costs, particularly around energy and water usage, and
waste management
• water restrictions.
Infringing on This risk has an operational and strategic element. An enterprise
intellectual needs to protect its intangible value by as far as possible legally
property protecting its intellectual property (IP) through registering patents
rights and copyrights in its name. It is this IP that the entity uses to create
value on a daily basis and to sustain value more strategically in the
longer term.
Labour unrest An entity is at risk if it is unable to recruit the kind of people with the
and other roles required skills it needs or is unable to retain the skills base that it
relating to has. An entity exposed to labour unrest is also at risk.
employees These situations negatively affect the entity's operational
continuity, which in turn can jeopardise the sustainability of the
entity in the long term.

Financial risk (internal)

Cash flow risk An entity is at risk when it does not have sufficient liquid resources
(liquidity risk) to finance its operating cycle, namely extending credit to customers
and paying commitments as they fall due.
In South Africa, the Companies Act views this risk in a serious light
and requires directors to provide an opinion on the company's
liquidity 12 months into the future when making key decisions.
Capital Financial risk is driven by the mix of funding that an entity uses. As
structure more debt is introduced into the entity's capital structure, the risk
that the entity will not be able to service debt repayments increases.
In the terminology used by the Companies Act, this risk ultimately
becomes a solvency risk and needs to be monitored carefully.
Credit risk This is the risk that the entity's customers with credit facilities will
default on future payments, resulting in cash flow problems for the
entity.
Corporate This is the risk that the entity will cease to exist in future. This risk
failure or going can arise as a result of a number of other risks that are discussed in
concern risk this appendix.
Dealer risk Non-performance on the part of the foreign currency dealer from
whom the entity purchases foreign currency or to whom the entity
sells foreign currency.
Counterparty This risk relates specifically to hedging arrangements. It entails
risk non-performance by the counterparty in relation to the hedging
arrangement, in which results in the hedging arrangement
becoming ineffective.
Market risk This is the risk of financial loss resulting from changes in the market
prices of the commodities that an entity buys or sells (specifically
referred to as commodity price risk), or resulting from changes in
the market price of property or financial instruments that were
issued or purchased by the entity.
For example, the investors who bought Facebook shares during the
initial public offering were exposed to market risk as they bought their
shares at a higher price than the price at which the stock traded after
its initial listing.
Ethics risk
Fraud risk Fraud risk results from failures in the internal controls of the business
producing financial losses for the entity. The bigger these losses are,
the greater the likelihood of corporate failure is.
Cultural risk This is the risk of entering a foreign market where the language,
beliefs and customs differ from those to which the entity is
accustomed to locally. The entity will need to understand these
differences, and in particular how these differences affect the
product manufactured and marketed in the new overseas market.
The entity must also know how to customise the product for this
foreign market to appeal to the local community.

Compliance risk
Legal risk In essence, this relates to the risk of an entity failing to comply with
relevant laws. This risk can result in fines or penalties being levied
on the entity or the entity's licenses being revoked.
Standards/ In essence, this relates to the risk of an entity failing to comply with
regulations relevant formal standards or regulations. This risk can result in fines
or penalties being levied on the entity or the entity's social image
being damaged.
Social The triple bottom line principle requires entities to perform in a way
performance that does not damage the environment, make a profit (a
risk contribution to the economy) and make meaningful contributions to
the people (community and employees). One key aspect is health
and safety in the workplace. Incidents where employees are injured
while working or mortalities occur can negatively affect the
business in terms of cost and disruption to production or service
delivery.
Health and safety issues can therefore pose an operational risk to the
business as well as a strategic risk because work incidents can
negatively affect the entity's reputation (reputational risk).

Information risk
IT risk Authorisation and access control - unauthorised access to sensitive
data/master data.
Backups.
Connectivity to internet.
Technology Technology outdated/not fit for this business.
Breakdown of system / downtime.

Note - It is possible for a specific business activity/risk to be classified under more than one heading.
To illustrate the point, importing fashion clothing from Europe make very well result in both Market
Risk (Fashion risk), Political Risk (Foreign Exchange Controls, Import duty changes) as well as
Financial Risk (Currency Risk).

 Again, students need to make these risk relevant and applicable to the given
scenario!
 General remark – keep your answer neutral, without any bias (in respect of issues
such as politics, gender, race, etc.). Do not make assumptions that is not supported
by the information in the scenario (i.e. that truck drivers are only men, etc.).