Chief Risk Officers (CROs) are firefighters, investigators, counselors and -- critically -- the people trained to ensure companies have the systems, frameworks and culture in place to identify, assess and monitor big challenges ahead. They also help teams take meaningful action and chart a successful path forward. On the launch of the World Economic Forum's Chief Risk Officers Outlook, Bahare Heywood, the first ever CRO at global law firm Clifford Chance, shares her take on the report's highlights as well as the real-world approaches she believes are critical to make risk management effective in any business. She shares strategies she used to create a risk management culture, her personal lessons learned and the one thing all risk management plans must consider right now. Scroll for transcript.
Report: Chief Risk Officers Outlook
Release: Macroeconomic and Geopolitical Conditions Pose Severe Risks to Organizations, say Chief Risk Officers
Podcast transcript
Bahare Heywood, Clifford Chance: We're seeing now more and more how external factors are impacting our risk profile and impacting organisations in lots of different ways.
Linda Lacina, Meet The Leader: Welcome to Meet the Leader - A podcast, where top leaders share how they're tackling the world's toughest challenges. In today's episode, we learn what the world's top risk officers want us to pay attention to right now.
Subscribe to Meet the Leader on Apple, Spotify and wherever you get your favourite podcasts. And please take a moment to rate and review us. I'm Linda Lacina from the World Economic Forum and this is Meet the Leader.
We're seeing now more and more how external factors are impacting our risk profile and impacting organisations in lots of different ways.
”Bahare Heywood, Clifford Chance: As a chief risk officer, you are basically a firefighter. You're a diplomat. You're an investigator. You're an agony aunt. You're all of those things and more. But ultimately, the role of the CRO is basically to ensure that you've got effective systems and processes in place to be able to identify material risks to a business that's internal and external.
Linda Lacina, Meet The Leader: A first ever report launched this July from the forum, one that takes a midyear pulse from chief risk officers and helps bring a little bit of clarity in a very confusing world across things like geopolitics, the economy and society.
The results are collected in the Chief Risk Officers Outlook to help us better understand what experts believe are the threats that could destabilise markets or economies all the next six months.
The report also does something else. It gives a special window into the world of the Chief Risk Officer. This is a group of people who sees knowing how to manage risk as a business enabler, not a business paralyser or that helps leaders around the world chart a path forward.
Bahare Heywood will give her thoughts on the chief risk officer's outlook and help us understand what we should be paying attention to right now.
She will also give more insight on her role, one that she has helped shape at the global law firm Clifford Chance. And she'll give us a better understanding of how risk can help anyone better plan for challenges ahead.
She'll get into all of that. But first, we'll talk about the Chief Risk Officers Outlook and why it's so important.
Bahare Heywood, Clifford Chance: For us CROs It's really important to be continually calibrating our views and perspective, and this was done in a really digestible and concise way. So, I was I was really delighted to read it. It was also quite a helpful sort of half-year checkpoint thing, which I think everybody will agree is even more critical now than it has been in the past, particularly as we're in such a fast-paced and fast-changing environment and ecosystems from a risk perspective.
I think for me it's important to keep track of what's going on in the world outside. It's sometimes very easy when you're dealing with risk to become very insular and to just sort of look into your organisation. But we're seeing now more and more how external factors are impacting our risk profile and impacting organisations in lots of different ways, that, as I say, are increasingly unpredictable. So, this type of report for me is absolutely critical. I have to say if I look across my desk, I've got about seven or eight of them. This was quite unusual in that it did specifically reflect the outlook from the Chief Risk Officer community.
Linda Lacina, Meet The Leader: And is there anything that either surprised you or really stood out to you, especially given your role?
Bahare Heywood, Clifford Chance: I'm pleased to say that it was actually relatively consistent with my own views, which is quite reassuring. I’d get a little bit worried if it wasn't, but clearly there are some consistent themes here that we're all worrying about, we're all grappling with.
AI, without a doubt, is one that is troubled everybody's list. I mean, the level of uncertainty in terms of the direction of AI and certainly the way that it's going to impact our lives, let alone our businesses, is enormous. So, there was some really valuable insights in relation to that.
And of course, the other big topic, which sort of impacts us both from a sort of personal perspective and also from a professional work perspective is around geopolitical instability. Again, we're seeing a lot of that.
Of course, finally, economic instability as well. That's always something that we are keeping a very close eye on.
Linda Lacina, Meet The Leader: And people who are reading this, who may not be in your exact profession, what do you recommend that they think about or what filter should they take as they as they read this? Do you have any sort of thoughts for maybe a lens that they should have as they go through it?
Bahare Heywood, Clifford Chance: I think read it in a way alongside perhaps some other materials. I found reading this alongside the annual risk outlook was quite helpful. I think it's helpful to get a sense of directionally how things are changing. And, as I said, this is a bit of a pulse point for us mid-year. Reading it alongside the much more detailed global risk outlook, I think is always a really, really good way to get really good sense of what is going on around you, but also how things are then evolving.
Linda Lacina, Meet The Leader: And also -- just to build on what you'd mentioned about AI and sort of the geopolitical instability -- if someone's reading this, what should they be really paying attention to given those particular risks? Is there anything in particular they should be they should be doing?
Bahare Heywood, Clifford Chance: Absolutely. I mean, there are two quite different, distinct risks.
I think the first thing with anything like this, particularly where it's fast moving, where it's new, it's to take a step back and really understand how it impacts your business. So, AI for example, will have a number of different impacts on your organisation. For us, I'll give you an example. Obviously, AI is something that we could use within our own organisation. It's something that you can use within sort of all different types of processes to help perhaps make them more efficient and so on. But also, there is then the possibility to use AI in the context of providing legal advice. We've seen things like ChatGPT and the power of that. But of course, that comes with its own quite serious and significant risks. So really understanding the impact it has on your business and all the different facets of your business is really, really important and that will vary from organisation to organisation. So, really taking the time to understand that.
From a geopolitical perspective. I mean this is an interesting one because obviously it has strategic implications for organisations, but also it has operational implications and I think sometimes that operational piece is forgotten.
A good example of that is that increasingly we're seeing more sort of protectionist data laws as data is increasingly commoditized and seen as a very, very valuable asset. These protectionist data laws have very sort of significant operational implications on our business. How do you start to create an IT infrastructure that is able to comply with these requirements? That stuff, particularly for an organisation the size of mine, which is 26 or more countries, is a very complex exercise and it's something that you really need to be thinking about years in advance. It's not something that you're going to be able to find a solution to overnight. I think the same goes for AI. The same goes actually for all of this kind of very, very, very large global risks that we've outlined in this report. These are things that are going to have both short-term and long-term implications. I'm really understanding that in great detail about your own business is so important.
Linda Lacina, Meet The Leader: I want to talk a little bit about your role, too. We've been talking about Chief Risk Officers and maybe folks listening to this, maybe they're learning about this particular position, important position for the first time. You are the first chief risk officer for Clifford Chance, and we are going to get into that in a second. But can you tell us a little bit -- just a lay that lay the groundwork for us -- What is a chief risk officer and why is that role so important?
Bahare Heywood, Clifford Chance: Oh, well, okay. As a chief risk officer, you are basically a firefighter, you're a diplomat, you're an investigator, you're an agony aunt. You are all sorts of things. You're all of those things and more.
But ultimately, the role of the CRO is basically to ensure that you've got effective systems and processes in place to be able to identify material risks to your business. That's internal and external.
And for me, the role of the CRO, as you mentioned, is fundamentally to be a business enabler. I really see my role as providing information and solutions to my leadership to allow them to sort of achieve their business imperatives and to do that in a way which is within the firm's risk appetite and in a way which is sustainable. I think that for me is absolutely key.
Besides being an agony aunt.
For me, the role of the CRO, as you mentioned, is fundamentally to be a business enabler.
”Linda Lacina, Meet The Leader: When you say agony aunt, how so? How does somebody that's sort of like absorbing, absorbing some of these the regular pains of businesses, is that what you mean? Or tell me about that. I love that.
Bahare Heywood, Clifford Chance: That’s it. Every single day. You tend to be the go-to person when there's a problem. And the problem can be, you know, a strategic one or it could be something very small. It could be conflicts internally between individuals that could be at that kind of human level, or it could be something super strategic, you know, to do sort of perhaps one of the risks that we just talked about. But you have to be prepared to hear people out and listen and really ultimately give them some kind of solution or direction.
Linda Lacina, Meet The Leader: And to give people a little bit of a sense of the block and tackle of what that looks like when you're creating these solutions, how does that express itself in your day to day?
Bahare Heywood, Clifford Chance: You know, it's interesting because I think every CRO will tell you that your day -- every day is completely varied. There is no day like another and it's all totally unpredictable. So, you've got to be somebody who adores that. You've got to wake up thinking, I have no idea what's going to happen today, but whatever it is, we’ll fix it.
So, you need to be really solutions oriented. And I would say probably about 50% of my day is structured, planned-for events. So obviously I have my standard, standing calls. ERM, enterprise risk management, tends to be quite structured as you're working through the risks that you've identified and so on. That's pretty structured.
But the rest of the time, it really is about solving problems. It really is about sort of interacting with people, hearing problems. And also just getting involved in conversations and understanding what's going on in your business, right.
Because without knowing what's going on, I can't really advise my business. I don't really understand the issues. So, I spend a lot of my time in meetings with all of the different functions. I'll get lots of meetings with HR to understand what they're doing. IT -- I'm very close with. I would say I probably Interact with our CIO six or seven times a day in terms of messaging, we're messaging constantly, and that will be the same for most CROs.
So, you're really getting into the belly of the business. You have to understand in all of its glory and literally in every element of it. Understanding what our lawyers do, understanding what the business professionals do and so on. So that's really a large proportion of my day. And then of course, when you least need it, you have a curveball or crisis and that then requires you to drop everything, and things start to get a little bit more serious.
Linda Lacina, Meet The Leader: There's also an element where you're helping people think about things in maybe a have a way of thinking about things with certain frameworks. Right. Tell us a little bit about that, about how your work is working as a business enabler and not a paralyzer.
Bahare Heywood, Clifford Chance: You need to understand your risk landscape. You need to understand what your issues are. You need to understand what you care about and what you don't care about.
And in order to be able to do that properly, you need a framework. And this is something that I introduced some time ago. It's pretty much standard practice within the risk world. But a framework doesn't really have to be fancy. What you do need is to really create something which allows you to be able to understand where the risks are in your business and actually what the impact is of those risks on your business, what the likelihood is on your business, and then to create a plan around actually addressing them.
So that's kind of the standard, you know, at a very simplistic level, what risk management is. What are the potential risks to me? What is the potential impact? What is a potential likelihood?
We also look at it in terms of velocity as well. And that's particularly important because risks are now crystallising so much faster than they used to. So, we look at it and when you've considered all of those, it's about meeting with the right body within your organisation to take a view on your risk appetite and really agreeing between you, what am I going to do about it?
So, risk management is really basically an action plan. It should be, you know, if we're doing it effectively, a bit of a shopping list of things that you really need to get done to address your issues.
Risk management is really basically an action plan, if you're doing it effectively.
”And then in terms of how we become an enabler, if you build the right kind of relationships within your organisation, you can very quickly start to add value.
And I'll give you an example recently which actually made me laugh. I was dealing with a very, very senior colleague of mine who's also within the firm’s leadership, and he called me about an issue. We were talking about a bit of a strategy around how to deal with it, and I said to him that when you decide to go ahead with this, can you just let me know? And he said, “Of course I will. I don't do anything without calling you first. You're like the Ghostbusters.” Which I thought was absolutely brilliant. And it sort of made me realise, "okay, so we are at a point where people are starting to really, really focus on the importance of risk."
Linda Lacina, Meet The Leader: I love it, I love it. Ghostbuster, agony aunt, firefighter. Those are all things I wish I could put in my LinkedIn. But when we are looking at this too, I think it was one of the things that was really interesting, as you say, it's an action plan. And I think that's so important to stress because I think so many people, when there is a threat, especially one that they haven't dealt with, and we're going to be facing more and more threats that we haven't maybe predicted necessarily, that people can kind of shut down. I just wanted to double click on that, as they say, because it's so important for people to realise that there's more options if they have an action plan in place to solve a problem. What is what is your take on that as far as like people sort of being freed to have that full range of creativity and moving something forward.
Bahare Heywood, Clifford Chance: Certainly some creativity in risk management. You have to be a bit creative to come up with solutions. But in terms of the actual doing, it is really best to have it structured. And that's sort of where you've there's the balance between having free rein to be a bit more creative and have the space to think things, think out of the box. But also, a framework allows you to have a bit of structure around the methodology, if you will, around how you do this.
And I think what's really key in an organisation -- and this is why ERM is called Enterprise Risk Management -- is whatever methodology suits you, whatever it is you're doing, that is an effective way to identify, assess, manage and monitor your risks. You want to do that across your organisation, and you want to do that consistently, right? Because that then starts to give you your risk landscape and you can start to look across all of your risks. And because you've got that consistency, you can actually start to see interdependencies, you can start to see, “Well, I've got an issue over here, and actually if that materialises, that's going to impact this issue over here that I'm worried about.” And much like the sort of global risk ecosystem, your internal business risk ecosystem will be very interconnected. And so having a methodology around how you do that and doing that consistently will allow you to have really great visibility. And that's the kind of information that you need within your leadership teams to make good decisions. So, I think in some ways I'm not sure if that answered your question or not, but I think it's a combination.
Linda Lacina, Meet The Leader: And what is the risk of not having a chief risk officer? This is sort of still a relatively new role. Not every organisation has one of these in place in this sort of way. Why is it so important to have this capability?
Bahare Heywood, Clifford Chance: You're absolutely right. Not all organisations will have a CRO. But so, you know, we shouldn't panic. We don't we don't all have CROs and we're not all going to run out tomorrow and call ourselves CROs. You know, it really depends on sort of the governance model of your organisation. But what every organisation I think needs is someone who understands your business, someone who understands your strategic imperatives and someone who's then able to independently and proactively -- And that's key -- There are two keys, I think, words that independently and proactively look across your organisation and advise your leadership on the things that they need to be worried about. And that's very much the role of the CRO - and that independent point. The independence point is critical. And they need to be then reading that back to leadership to say, “Look, these are things you should be worried about. These are things that are coming down the line and you should think about these when you're making your decisions.” That's how you start to integrate risk management with your strategic priorities. And that's how risk management really helps you make better decisions. You're sort of armed with the right information.
So, if you don't have someone with a formal title or if you're a risk person out there without that formal title, I think it doesn't matter. But the other key thing is that I think to really run a risk function, to do risk management effectively, you do need to actually have some level of seniority. And again, I think that's where some organisations get it wrong. This is not a back of house type of role whatsoever. You need somebody that you trust, and you respect and somebody that, if not formally, at least informally, has a seat at the table because otherwise there is a complete disconnect between all of the work that's going on around identifying the risks within your business. And then when you're making a decision over here, if you don't understand what those risks are, then you're not actually managing your risks effectively. So, I think that independence, proactivity, but seniority and a seat at the table, I guess those are the fundamental pillars of doing this well.
Linda Lacina, Meet The Leader: A you are the first Chief Risk Officer at Clifford Chance, and I'm sure that they saw that the all the things you've talked about, the accelerating change, accelerating risk. And hey, we need to think about this in a structured way. But tell us a little bit about your unique experience coming on board with this and helping to build this.
Bahare Heywood, Clifford Chance: It's going back a long time now, almost a decade, and I think it's something that many of my peers will be familiar with. It's very much a journey.
And I remember back then when I sort of first joined the team, we obviously every organisation manages its risks. We're doing this on a day-to-day basis. We're doing it on a personal level every time we cross the road. You're doing a risk assessment right when you're looking left and right and taking a decision to cross. So, you're managing risk. And I think that was happening fine. Certainly, in my sector, in the legal sector, I think historically the tendency was for risk to form part of the general counsel function, and it was very much internally focussed. So legal and regulatory risk claims, maybe a sprinkling of cyber at the time, and so on. But really that was pretty much it. And as I say, that was very, very consistent across the sector when I took on the role.
What I really wanted to do was to add some formality and some structure around, as we discussed. I'm someone who likes things really, really ordered and I sort of raised this with our GC at the time. And he said to me, "Well, you know, give me your proposal." And I went and I did a professional postgraduate diploma in GRC, and I've said, this is really important. Risk management is a technical discipline and in many organisations, in many sectors and many areas, you do need to have those qualifications to be able to do it effectively. It's really something that I think would benefit anybody who wants to go into risk to have the technical qualifications, because I think that really helps you understand actually what we were trying to do and how to do it. It really gives you the tools to do it.
And so, I did that and set about designing my framework and do what it was a little bit like baking a cake. You think, was she talking about? It was a little bit like I had all the ingredients, right? So, we did it have all the right ingredients. So, we were good eggs, generally. What I didn't have was the recipe, and that's what my framework was. So that's my risk cake. So I had all the ingredients and what I needed was a recipe, and that essentially was my framework.
And we then set about designing something which worked for us. And there is no blueprint. I don't think we should listen to anybody who says, you know, this is what good looks like, because I think this is all very, very particular and unique to your own organisation. You need to understand your own risk landscape, but you need to understand your firms’ risk maturity and so on. So, there are lots of different factors which really feed into what a good framework looks like for an organisation And started off.
And I say this one, one thing that I would absolutely say about designing a framework from scratch is that start simple. I went down this rabbit hole originally of wanting to do all the bells and whistles. I was quite excited having come off doing my diploma and I thought, you know, I want it all. And I think when I sat down with a cold towel over my head one day, I thought, okay, that's definitely not going to work. And I realised very, very quickly that I was starting from a relatively low baseline in terms of the formalities of risk management.
And I don’t want you to think that we were not managing risk before then, by the way. We absolutely were. But the technical stuff, the jargon, and so on. And so, it was very much starting from a very, very simple model. And now over the last eight years, we've really evolved to a level of maturity and sophistication that I'm quite proud of.
Linda Lacina, Meet The Leader: And as you were building this, especially in the early days, what surprised you about building this? You were talking about, “Hey, start simple with the frameworks,” But is there anything else that really surprised you about what's needed and what can really help such a thing be successful in an organisation?
Bahare Heywood, Clifford Chance: I want to say I thought it was just about the framework. I thought this is going to be really easy and this is the folly of youth, isn’t it? I thought, this is going to be easy. I know what a good framework looks like. No problem. You know, I've got my paper, it's fine.
And very quickly I realised a framework is just the start and I realised very, very quickly that you can have all the wonderful frameworks and processes that you have and that's all great. But in reality risk management is about changing culture and evolving a risk culture and developing a compliance culture. And that was a bit of a surprise to me. And I have to say I was pretty shocked at the amount of time it would take for me to really take my organisation on that journey.
So, I think you have to be prepared for that. You have to sort of be prepared to really go on a journey with your organisation. You've got to take them by the hand. I don't want to say drag them kicking and screaming. But certainly coax them with you and really get people to understand what you're doing and why you're doing it and why it's important, because without that you're not going to get by. And so that kind of “what's in it for me?” question was really fundamental. So, it became apparent to me that my framework was fine, but actually there was a lot of work and really I think it took me about three years to properly embed it.
Risk management is about changing culture and evolving a risk culture and developing a compliance culture.
”Linda Lacina, Meet The Leader: What has been really helpful in kind of nudging that culture change along, helping with that evolution. Are there certain either tactics or strategies as you've built things with the teams, co-created things that you've gone, “Gosh, this has been really helpful to get everybody having a contribution to these conversations and really feeling part of it.” What worked for you?
Bahare Heywood, Clifford Chance: First of all, I think one of the most critical factors is you do need to have the support and the buy in from your key stakeholder. So, in my case, it was our global managing partner and that is absolutely critical if you have the sort of the support and the buy in from the top, you are much more likely to succeed. And without that, it's actually a bit of a struggle. So, I think once you have that, it's a question of then starting to bring everybody else in the tent. And I was really fortunate because our managing partner at the time totally bought into it. He wanted to do this. He really empowered me to do this. He turned up to all the meetings. He supported me and I knew that if I didn't include him in a meeting that some of my other key stakeholders -- and remember, this is the early days. People haven't really drunk the Kool-Aid quite yet -- I knew they wouldn't turn up. So, there were times where I would just say, you know, please do you mind just coming to this meeting because otherwise I'm not sure I'll get them in the room. And he was delighted to do that. So I was really fortunate to have a key sponsor that fully supported this, and I think that's the first thing.
The next thing is really finding ways within your organisation to make sort of key stakeholders accountable and responsible. And that for me again was quite a critical moment. And the way that I started off doing it -- and by the way, this isn't this isn't necessarily going to be textbook, but you know, sometimes you have to be, as you say, creative to get things moving and get things go in the right direction. And really, I decided the only way I was going to actually get the people around this table (it was called the Executive Leadership Group, but it would be sort of the board in other organisations) to really pay attention, was to make them each accountable and responsible for one of the global risks. And at the time they were called the global strategic risks.
So, I really assigned each of them a risk with the help of my managing partner. And then I thought, “Well, how am I going to walk into the room and not have them switch off and look at their emails?” I thought, Right. Not only do they own the risks, but they have to present the risks. And at this point, I have to tell you, they started to pay attention. At this point. I was getting phone calls saying “Should we meet up and talk about that risk?” And say, “Yeah, of course, let's do that.”
And I thought, well, how do I actually really get them to pay attention? And then I thought, right, now I need to get them to challenge each other on the risks. And so, it created a virtuous cycle of them actually being interested, because not only were they responsible, but they were actually presenting the risks themselves. They kind of needed to know what they were talking about. But then their colleagues were challenging them on what they were saying. So, they wanted to make absolutely sure that A. we have made progress, but B, that they knew what they were talking about.
Linda Lacina, Meet The Leader: And are there other tells that it’s working right, that you have embedded this into the culture and that this is now sort of part of people's DNA, that it's part of how they're thinking and how they're approaching problem solving? What are the tells?
Bahare Heywood, Clifford Chance: Absolutely. That sort of that use of common language is so important. And it really was, for me, a real moment when my sort of leadership team, but also my peers and the heads of functions and the heads of departments, were starting to use the language. I really was actually, for me, quite a spectacular moment.
But there are definitely other ways to get a sense that your organisation is moving in the right direction, particularly in terms of culture. And as I said, this all ultimately comes down to culture and that's really combined with giving people your space, giving your people the space to have a speak up culture.
So, when people start to raise problems to you and they come to you directly, I think that's a pretty good indicator that you're doing something right. And I think if you're a partner to the business, if you demonstrate to the business that you add value, that you're going to help them find solutions, you'll find that that is quite a good and effective way of getting that to happen.
Obviously, I do a lot of talking, I do a lot of reviews, we have audits and so on. But really the key to me sort of getting insight into the organisation is the information that comes to me and it's usually unsolicited. So, I think when you start to see people coming to you to help with solutions, you can know that you're on the right track.
Linda Lacina, Meet The Leader: It's been eight years, so much has changed, so much is in place. If you were going to go and talk to Bahare at the beginning of all that and you could save her some time to help her be a better agony aunt, what would you what would you tell her? What would be really helpful for her to know?
Bahare Heywood, Clifford Chance: This is a really good question because there is actually something that I was told. It was a great bit of advice I was given and that I wish I had listened more. But what I would say is that not everything is as bad as it seems. And I would say I was giving this bit of advice from my former general counsel. He was a very seasoned, real professional, a class act, And he said to me, things are very rarely as bad as they seem. Don't sweat it. And his mantra is, go away. Think about it for 5 minutes and come back and tell me if you feel the same way. And of course, at the time I was eager, and I thought, God, this guy doesn't understand how urgent this is. This is a catastrophe. He has no idea. This is going to be a car crash. And I often would go and sulk for 5 minutes and come back. And actually, I now realise he was absolutely right. Giving yourself some time to reflect and really sort of analyzing the situation is important.
Linda Lacina, Meet The Leader: If you were going to give advice to other folks that are looking to create this capability in their own companies, whether it is an actual chief risk officer or whether it is more of maybe a department that's looking at this in a more structured, a more formal way, what are the top questions they should be asking themselves, or what are the things they would be fools not to be putting into place or considering? What's your advice for them?
Bahare Heywood, Clifford Chance: Well, I think there are a couple of key questions that we all need to ask ourselves. I continue to ask myself the question periodically. And the first is, do you have the right expertise, team and tool to be able to do your job well?
Now, if you've got a framework, this will form part of that and your leadership will be required to make sure that you have the right tools, the right skills, the right team to be able to do your job. But I do think that this is an area that gets neglected and you find risk professionals scrambling, trying to do things themselves without the support system, the mechanism they need around them. So that's the first thing that I would say is make sure you've got the right set up around you to allow you to do your job well. And if you don't, then you should be going and talking to your leadership team. You should be talking to some of your key stakeholders about that. So, I think that's fundamental.
The other thing that I would say is do think about creating a framework. Do think about creating a mechanism, a methodology, a structure to help you most effectively identify, assess and manage your risks. It's not just about firefighting. I mean, the firefighting is something that we do for a proportion of the time, sometimes more than I'd like. But you do need to have structure when it comes to this.
And increasingly, you need to be thinking about emerging risks. And we talked a little bit about the complex nature of the risk landscape. I now find myself spending much more time thinking about emerging risks than I have ever in the past, and that's because things are just moving so quickly to have a cadence, a rhythm for sort of our sort of horizon scanning. Now, that's on sort of turbo speed in terms of the emerging risks. And I've got a much more extensive emerging risks log than I have ever had. And the number of things that I'm just keeping an eye on because that bubbling in the background has grown dramatically. So, making sure that you understand the fast-paced nature of the change that's happening around you and that you have a mechanism for being able to keep up with that is is really critical as well.
And then lastly, I think the key here is about building relationships. I really wouldn't be able to do my job if I didn't have excellent relationships with all of my colleagues and my peers, and I cannot stress how important that is. I mean, you can still get your job done if you do have good relationships, but the reality is it's going to be so much harder. So building the relationships to let you have candid conversations to allow you to build the respect. And that's particularly important to be able to sort of be seen as a senior advisor. All of that needs you to have really good relationships. And as I say, I rely on the rest of my firm to tell me about things that I wouldn't otherwise know about. I don't know everything. No Chief Risk Officer knows everything. We're really very dependent on the people around us feeding us the information and so that we can really help them make good decisions. So that, I think, would be the third element that I would always say is fundamental.
Linda Lacina, Meet The Leader: Is there a protocol or are there certain places that you go, even outside your organisation, things you read, things you watch for that you're looking for so that you can keep up to date on emerging risks? What do you read? What are you looking at to keep up to date on this?
Bahare Heywood, Clifford Chance: I mean, there are lots of great publications out there, too many to name. I think the key is to find something which is also what -- you want two different sorts of lens really. You want a general global type of thing. I'd like the Chief Risk officer outlook, but also you need things that are specific to your sector or business. You know, I'm in the legal sector. We're heavily regulated. The issues that I will face will be very different to another type of organisation. So, making sure that you're staying ahead of the global stuff, but also staying ahead of things that are relevant to your industrial sector is really, really important.
Linda Lacina, Meet The Leader: You had other roles before this one. What helped prepare you for this? Was there an experience or maybe even a particular job where you were able to develop the relationship skills or even the structure skills that have helped you with this? Is there something that really kind of prepared you for this role right now?
Bahare Heywood, Clifford Chance: What you continue to evolve, and grow don't you? It doesn't matter how long you've been doing something and how much experience you had. I think plenty more to learn yet.
But I have to say that the key thing that I have learned over the years in doing risk was resilience. You have to be very resilient. And that just came with experience. As I said, learning that it's not the end of the world. Not every problem is going to be catastrophic.
Learning to deal with a lot of stress. I think, you know, don't underestimate the amount of stress that you, your chief risk officers are under and the amount of stress that they deal with on a daily basis. At the end of the day, we are the people that pretty much deal with things going wrong. There's very little upside, although I do think that increasingly, as you mature along your journey, you start to realise that risks are not all bad. And actually, there is a fundamental element of positivity that comes with risk, all sort of opportunities that come with risk that you need to be thinking about. But that comes a little bit further down the road on a day to day. It's actually quite a highly stressful job and so being resilient is important and I think sort of doing this now for ten years or so has taught me that I'm actually a pretty resilient person.
Realise that risks are not all bad. And actually, there is a fundamental element of positivity that comes with risk.
”Linda Lacina, Meet The Leader: You also studied Russian literature and I wanted to talk a little bit about that. How does that help shape how you think, how you learn, how you take in different different situations and even in your current role. How does that sort of shape you?
Bahare Heywood, Clifford Chance: I think I think the one thing I would say about reading literature at university was that it does require you to be quite analytical and to look at things in a lot of detail, particularly when you're reading literature or studying literature, which is from a different language. So, you know, things are not automatically as straightforward as you might think. And I found that actually has been incredibly helpful in terms of sort of setting me up for my current role. Really understanding that you need to be quite analytical, quite thoughtful in the way that you're analysing things and quite balanced in your perspective has been quite helpful. That's very much what sort of reading literature is all about. Trying to understand the meaning beneath the word and the essence behind the sentence.
Linda Lacina, Meet The Leader: And I would imagine also a sense of voice as you're looking at different authors is helpful as you are talking to different individuals in the organisation and understanding they've got a unique perspective and a unique motivation. Does that also sort of have a really big, big tie?
Bahare Heywood, Clifford Chance: Absolutely. And actually, I was fortunate enough to work outside of London for a number of years, and so I think that also gave me really, really great perspective. As part of my studies, I travelled a fair bit. So, as you say, understanding different perspectives, understanding different cultures, understanding that you cannot have a one-size-fits-all model at all is really fundamental.
Linda Lacina, Meet The Leader: Is there a book that you recommend?
Bahare Heywood, Clifford Chance: Well, now this is a really hard question, and I know you would agree because you've done literature yourself. So this is a very difficult one. I think the book that I would recommend (and only because it appeals to sort of my inquisitive nature): The Master and Margarita by Bulgakov. I find it is a fascinating book and obviously it's a great piece of literature in its own right. But as I say, if you are sort of like minded and have an inquisitive nature, it is absolutely the right book. And as as you will discover, nothing is at all as it seems.
Linda Lacina, Meet The Leader: And how would it change someone after they read it?
Bahare Heywood, Clifford Chance: Well, I think when you question things a lot, which is what I do best, is what I do for a living.
Linda Lacina, Meet The Leader: I love it. I love it. Is there a piece of advice you talk a little bit about advice that helps you in this particular role, but just in life, in your career, is there a piece of advice that you've really been grateful for?
Bahare Heywood, Clifford Chance: I think just this point about building relationships, there is one thing that I have learnt, and this is through not so much advice, but some coaching that I have had.
I've learnt that as a leader you really need to sometimes think about the best way to get to your goal and to achieve your goal, and that's not always necessarily going to be following your instincts. I can give you a very recent example of a time where I thought you can't always go with your natural human reaction to things.
We were recently, my team was recently due to deliver something. We had about 48 hours to deliver it. It was an exercise. We have 48 hours and when I checked in, we weren't quite where we wanted to be. And so, at that point I sort of paused and I thought, I could get very cross because we're now in goal 24 hours. And that would have been my natural reaction, my natural sort of instinct to get a little bit annoyed. But after a fair bit of coaching, I realised that it is actually more important to achieve my objective and to sort of achieve our goal than to express how I felt.
And so, the only way I was really going to be able to achieve my objective was really to lead. To be a bit more supportive and helpful than perhaps I felt inclined to be and to really make sure that we delivered.
And I think that is, for me, the sign of a true leader. It's somebody who can really put their own feelings aside for the good of the team. And actually, you know, I do really see my own job very much as being there to make my team look good. And that's certainly something that has changed for me over the years.
That is, for me, the sign of a true leader. It's somebody who can really put their own feelings aside for the good of the team.
”Linda Lacina, Meet The Leader: Is there anything else that you would like to leave people with that they should be thinking about after they close up this podcast?
Bahare Heywood, Clifford Chance: We mustn't forget. I mean, there's a lot of conversation around AI and obviously AI has been pretty transformative and pretty impactful, but we mustn't forget the importance of keeping up to date with technology. And if there's a bit of advice that I was going to give to risk professionals, it would be making sure that you're staying up to speed with the pace of change in technology in its own right, and that's really, really important.
I spent a lot of time recently making sure that I'm able to keep up with the changes because they are happening very, very, very quickly. I really feel strongly that as a risk professional, you cannot properly have an insight into the risks of your business if you don't understand technology, because increasingly everything that we do is going to be totally consumed by technology, is going to be totally led by technology. So, I think that's probably the one bit of advice that I would leave people with, which is go away and talk to your CIO, talk to your IT colleagues, and really make sure you understand how technology works, how it impacts your business. Just some of the nitty gritty.
Linda Lacina, Meet The Leader: That was Bahare Heywood, thanks so much to her and thanks so much to you for listening.
A transcript of this episode and my colleague's podcast Radio Davos is available at Wef.ch/Podcasts. This episode of Meet the Leader was presented and produced by me with Gareth Nolan driving studio production. That's it for now.
I'm Linda Lacina with the World Economic Forum, and this is Meet the Leader.
,
Ida Jeng Christensen and Raju Narisetti
October 29, 2024