Risk Manager of the Year Heljo Laukkala talks to FERMA about his work and why being a risk manager is such a worthwhile and exciting job.
Heljo Laukkala, Vice-President, Corporate Risk Management for Metso Corporation in Finland, was named first European Risk Manager of the Year award in the first FERMA-Commercial Risk Europe excellence in risk management awards presented on 6 December. Before becoming a risk manager, he was a security and military adviser to international organisations on behalf of the Finnish government and he has vast experience developing risk management in large, international government and corporate entities. Heljo is a board member of the Finnish association FinnRima and has been the chairman of its board.
You have an unusual background for a risk manager. How did you become one?
The Metso Paper division of my company, which is a global supplier of technology and services in the process industries, was looking for a security manager due to 11 September 2001 incident and all the concerns it caused for our travelers and business. I applied for the job and, fortunately, I was selected. Two years later, the Risk Manger position was offered to me, and I did not hesitate to take the opportunity.
Does your background in security affect the way you approach your job as a risk manager?
For me, health, security and safety functions are fundamental parts of managing operational and hazard risks. I still have some areas of security in my portfolio, and occupational health, safety and environment were included in my job description in 2016, but enterprise risk management in compliance with ISO31000 is the key focus area of my work. I believe that as a result of my background I have a pretty realistic understanding of how important comprehensive security management is and what causes direct and indirect impacts on company’s success.
How would you define success for a risk manager?
Risk management is a support function doing its part to systematically help the company achieve its strategic targets. Success for a risk manager is effectively supporting the strategy process and running all the proactive, protective and preventive processes needed for business continuity. We also want to help the company ensure stakeholder confidence with transparent reporting and solid performance of all the risk management processes.
I want to highlight that the key element of success for a risk manager is to have well-functioning networks established internally, externally, nationally and internationally. Without strong networks, no real success can be expected.
How do you explain/demonstrate the value of what you do as a risk manager to your senior management or board?
We have a systematic way to assess risks and the respective risk management levels. We include the evaluation of opportunities in the framework in a similar manner as threats, and we also put price tags on these risk elements. So when introducing the results to our Audit Committee and Executive Board, we can show the financial value of the risks and thus make the risk interpretation more concrete and risk appetite easier to define.
In terms of the actual financial targets, a captive is one of our subsidiaries and thus subject to financial performance follow-up. Likewise, the results of our insurance programmes are evaluated both from a performance and cost-efficiency perspective.
What advice would you give to someone looking at risk management as a career – it could be a new graduate or someone like you making a career change.
My sincere advice is that to be prepared to hard work, but if you feel the passion, take a chance and enjoy the 24/7 window seat in the ever-changing working environment. If you are feeling down one day, don’t worry – there will never be that same kind of day ahead.