In this insightful article, originally penned by our resident Risk and Compliance specialist, John Bassett, we delve into a crucial aspect of risk management: “Horizon Bias.” As we explore the concept of Horizon Bias in Risk Management, we’ll uncover its impact on businesses and the broader risk landscape.
Defining Horizon Bias in Risk Management
Risk [noun]: The possibility of something bad happening – Cambridge English Dictionary
This week, I was in the privileged position of being able to talk about risk to an audience of mainly international learners. In all of the jargon within Risk and Compliance, there is probably already a term for what I am going to call horizon bias, however, I am going to use the term horizon bias because it best describes what I have experienced within the past week. So what do I mean by horizon bias? Its natural and probably sensible for human beings and consequently businesses to bracket their anticipation of risk, based on what is on their horizon and to then prioritize that risk by what is closest to them. This includes any (albeit pointless) attempts to foresee or calculate black swan events. What this then does is limits our risk awareness and anticipation to those horizons however broad or narrow they may be. All those data points that exist outside of them, never reach us or are subconsciously filtered out as being of little relevance.
Differing Perceptions of Risk Across Borders
Talking to the unique group of risk colleagues I had the pleasure of conversing with this week, I took the time to understand and reflect on what their consideration of risk was, expecting some divergence in specifics but generally similar themes, after all, risk is risk right? What I discovered was that risks I would consider small in my environment were, and are in fact far closer, far more dangerous and far more apparent than I would ever have considered. Also in conversation, I was asked by a professional from another country what a risk register was. The risk process that they followed and the risk policy that his company had in place was not written down, it was far more intuitive, in their words ‘we know what risks are, why would we need to write them down’. I thought about this at length, why do we document our risks? Why don’t we just… “know them”.
Contrasting Risk Scenarios: Developed vs. Developing Nations
We are
fortunate to live in a developed nation with a sophisticated infrastructure, a
well established government, and a well-developed system of checks and
balances. What this means, and this is meant in no way critically, is that the
proximity of us as individuals to the consequences of poor risk management is low
compared to what some of our risk colleagues face. A data leak, whilst damaging,
can be identified, fixed, systems restored, victims compensated and an
adequately insured company can weather it. Perpetrators may be tracked and if
apprehended, brought to justice. While the consequences are not positive they
are rarely life ending and have little long term impact other than in some
cases reputational impact and business discomfort.
UK Risk Management and Its Unique Challenges
A data leak in some of the nations that my risk colleagues had dialed in from would have far worse outcomes. Companies and individuals my not even know that this has happened to them. Business can be ruined by something that they cannot see and don’t know how to combat putting hundreds out of work with second and third order effects that we dare not even think about. Other risks that we consider now within own risk registers like climate risk as an example are very real, yet within the UK we will rarely have to consider closing a power plant that distributes electricity to tens of thousands because it has been a heavy period of rain or because there has been no rain at all. The immediacy of effect to some of those on the call this week was a true reality check to this risk manager.
Expanding Risk Planning Beyond the Horizon
Many of my
colleagues around the UK face the same issue in that risk is only a priority
after the event. Much of this could stem from the school of thought that ‘it
will never happen to us’. How do we push our view over the horizon and as risk
professionals, do we need to? I believe that as risk professionals in the UK,
we have some of the best checks, balances, assurance routines and resilience
there is order to enable us to mitigate risks that our business face on a daily
basis, but this shouldn’t stop us looking over that horizon bias to see how we
can incorporate the bigger picture into our own risk planning, risk management
and risk processes.
Embracing a Broader Perspective in Risk Management
In conclusion, understanding horizon bias in risk management is essential for mitigating risks effectively. By acknowledging the limitations of our immediate horizons and embracing a broader perspective, we can better prepare ourselves and our organizations to navigate the complex landscape of risk. Horizon bias may be natural, but overcoming it is the hallmark of a forward-thinking risk manager.