Airmic sent top-level Brexit guidance to members based in the EU within hours of the referendum result being known, commenting that the decision “must now surely feature on the list of principal risks for most organizations."
Airmic believes that the organizational challenges that Brexit brings can be handled within a conventional risk management framework: it is an opportunity for risk managers “to step up to the plate and demonstrate their relevance and the scope of their skills.”
Airmic’s guidance recommends five steps for risk managers to initiate. These are:
1. Identify areas of the business that may be impacted;
2. Establish ownership using cross functional groups;
3. Prepare a clear plan for short term market risk;
4. Consider the unknown using a range of scenarios;
5. Brief the Board on what they need to know and where decisions are required.
A priority for organizations is the creation or refinement of internal and external Brexit communications plans and the clear allocation of responsibilities for managing these.
As with any risk that might affect the whole organization, Brexit is an enterprise risk and the potential impact should be broken down by considering different areas of the business and the relevant risks including people, sales, regulation, law, finance, information, technology and insurance.