By Sean Pyott, Managing Director of thryve
I’m looking forward to reading IRMSA’s new risk report, due later this month. For several years, the IRMSA report has been the primary benchmark for summarising South Africa’s risk – developed because global risk reports don’t provide the nuance we need for a local context.
That is reason enough to want the new report. But 2020 was a watershed year in many different ways. It created more visibility for risk management. The year also underlined the need for longer-term and more holistic risk management. The excuses that “it won’t happen to us” or “it’s unlikely to happen” don’t stand up as well as they used to. There is a much greater emphasis on what we at thryve call ‘sense & respond’ risk management.
But while we wait for IRMSA’s latest views, I want to whet our appetites by revisiting the 2020 report. That edition brought changes of its own, focusing more on high-level, interconnected risks and what to do about them. For the sake of perspective, let’s see how matters might have evolved since February last year.
Leadership, governance and corruption topped last year’s concerns. In all three areas, there is reason for hope. The pandemic response has explicitly motivated the need for proactive leadership and exposed our institutions’ shortcomings. Simultaneously, numerous corporate scandals also highlighted problems in the private sector and provoked responses to handle these. It’s too soon to know where efforts to correct these will go, but the current momentum didn’t exist a few years ago.
Policy areas are still vague and lack implementation, but there are tangible improvements again compared to recent years. Land reform conversations are moving along, and those policies are currently seeking public comment. We are still a distance away from resolving long-standing land issues. But considering how those problems have been stagnating dangerously, the latest developments are a welcome sign of progress. They can also have a long-term positive impact on one of the lower-level risks from last year’s report, namely economic development policies.
Arguably much more concerning is the situation of employment, education and retaining skills. I expect these topics will sit higher on IRMSA’s 2021 risk meditations – and they were already top concerns. The pandemic’s impact on the economy has left many more people unemployed and prompted a surge in emigration. South Africa can no longer pay lip service to these issues, particularly the dismal state of public education and the general reluctance of the private sector to invest more in education opportunities. Specifically, I hope the State and private companies’ perpetual standoff will find more constructive collaboration.
Another enormous concern is climate change. Whether human-made or a natural phenomenon, its origins are growing more and more academic as the repercussions of a changing climate become undeniable. Even philosophically, the pandemic shows how a global catastrophe can impact all of us. In real terms, shifts in climate behaviour are serious, and this risk will likely keep climbing up rankings. That we could see incredible reversals of environmental damage during the different lockdowns should sufficiently demonstrate that we are part of the problem, and thus must create the solution.
There is an enormous silver lining to South Africa’s risk: energy. Eskom is not out of its debt morass yet, but the country’s energy picture has already changed substantially to what it was just a few years ago. Here we can find reasons to believe the other risks can also be addressed: energy has encouraged clearer policy, closer public-private collaboration, job creation, infrastructure development, greener technologies, and skills development. Energy also shows that when the going gets tough, South Africa can bootstrap and make things happen.
Finally, there is the risk posed by cybercrime. The upcoming report will likely significantly elevate this risk category. As much as responses to the pandemic pushed digital adoption forward by years, changes such as remote working have also created more opportunities for digital criminals. Add in that this year the Protection of Personal Information Act (POPIA) goes into enforcement, and cybercrime should rank as a huge priority. The good news is that cybercrime solutions have also evolved to be better, smarter and easier to implement. Executives and board members are also more acutely aware of cybercrime, and enterprises now treat it as a mainstream risk, not a can kicked to the IT department.
As I’ve written before, quoting Winston Churchill, never let a good crisis go to waste. Looking back at IRMSA’s 2020 report, I can find several signs that South Africa isn’t taking a back seat towards its risks. There’s a lot to do still, but there is also a spirit of proactivity that we hadn’t seen in a long time. Let’s see if the 2021 report agrees.