What does a Risk and Internal controls manager do? Is it a good career option? How does one get into it? What are the traits of a good risk manager?
Venkatesh S heads the Head of the Risk Management and Internal Control department of a leading MNC.
He shares his journey from being a commerce graduate to leading the crucial function in one of the biggest companies in India.
Risk and Internal Control? Are you crazy? Are you even aware of what it entails? Why have you been selected for this role?
These were some of the comments by several colleagues when they realized that I was selected to be the first employee in the newly formed Risk and Internal Control Department of my company – and that I had accepted it!
If I look back, very little in my career till then (of about 20 years) had suggested that I would be approached for such a role (frankly such a role never existed!). I graduated in commerce way back in 1989 (ancient by today’s standards!). I simultaneously completed my Graduation from the Institute of Cost and Works Accountants of India (ICWA) and the course was so intense that I decided that I no longer wanted to study on a full time basis.
So at a ripe old age of 20 I decided to go for a job. I had the good fortune of working in several companies and functions mainly management consulting, management accounting, financial accounting, business development, information technology and even heading a start-up for a few years before I actually landed up with this role.
My approach when I was asked for taking up this role was very simple – if my company believes I can contribute well to a role then, it must be true; this is the philosophy based on which I had lead my entire career and if you ask me, I have absolutely no regrets in saying “Yes” to almost everything that has come my way back till then.
It was a roller coaster ride in the initial years, very tough to manage the change within the company (you can imagine how it must be!) but it was very interesting as well. Contrary to what many believe, Internal Control as a topic (which is most associated with documentation, slowing down processes etc.) can actually be a very enriching and can be used as an important tool to highlight internal risks within an organization which was hitherto hidden from management at all levels.
I had several experiences of “why”, opposition, escalations etc. but I stuck to it. There were times when very senior managers were against me, but I was lucky to get the support of some other senior managers. I made several friends and had interaction with every business and corporate function of the company.
3 years later, I was made the Head of the department which also included other areas like Enterprise Risk Management and Governance and today I must say it has been an extremely rewarding experience.
How does a typical day of a Risk and Internal Control Manager look like? No day is the same as the previous day – every day there is something new waiting for you. On a given day,
There are a few interesting aspects about the role:
What do I like about this role:
Let me list out some attributes of a person who would like to take up Risk and Internal Control as a career:
The breadth of knowledge and interaction skills that you learn from this role can make you ready for a Business Strategy Manager and even a Chief Executive Officer/Chief Financial Officer.
Salary can be rewarding and depends on the employee but I can say it will be on an average higher than what is paid for an Accounting, Taxation or Finance Manager since demand is high (especially in the context of the Companies Act 2013) and supply is low (since not too many people know about this line!).
A few closing thoughts: Looking back, the most important learning is the Power of saying “YES”; you have read several books about how to say “NO” etc. but I haven’t come across any book which makes you say “YES”. “YES” is such a positive word that it can make the most boring topics in life, interesting and enriching. It was easy to say “NO” to a role about which there was no clarity at that time across the organization but I chose to say “YES” and its been great since then.
The second important thing – this may sound clichéd but you must understand the purpose for why the role exists and you must be able to effectively communicate this. Why do we need the role of risk management? Why should we have an Internal Control System? What value do we bring to the table? What happens if we (as a role) do not exist? Get into the root of this and then see it blossoming into a interesting and purposeful experience.