Image: Shutterstock

Risk and strategy are not sufficiently linked in the boardroom discussions of a significant proportion of UK audit committee members, according to new research.

A survey by KPMG examining the reaction to revisions to the UK Corporate Governance Code found that only 51% of respondents could say that risk and strategy were considered together when raised in boardrooms.

Tim Copnell, chairman of KPMG Audit Committee Institute, said: “The complexity and global volatility that we’re seeing—swings in commodity prices and currencies, a decelerating China, uncertainty in geopolitical hotspots, technology innovation, and disruptive business models—are clearly impacting the board’s involvement in strategy and risk.

Tim Copnell, chairman, Audit Committee Institute, KPMG

“But there is a danger that many boards are seeing risk management as a ‘bolt-on’ exercise which potentially leaves them exposed to the strategic risks that could affect the company as well as its long-term viability.”

Last year the UK Corporate Governance Code was revised with fresh guidance for boards to make a robust assessment of the principal risk to their company’s business model and its ability to deliver its strategy.

A hefty 67% of those polled said their audit committee had increased its involvement in strategy formulation, while 62% said their involvement in monitoring strategy execution had risen.

Despite cyber-security becoming increasingly problematic for companies, 39% said their full boards should be devoting more time to the issue.

Copnell added: “Unfortunately, there remains a dearth of cyber and wider technology expertise on boards. Fifty percent of UK respondents recognise this need very well, but the risk and opportunities are so large, someone on the board has to know the right questions to ask and be in a position to understand the answers.”

KPMG’s full report can be found here.