. 2
( 131 .)


Health and safety management systems 377
Reporting the benefits of management systems to
stakeholders 378
Contents ix

Health and safety risk 378
Categories of health and safety risk 378
A sustainable health and safety risk management system 396

Chapter 17 Health and safety of stakeholders and customers 401
External health risks to customers and the public 402
External safety issues: general public and customers 408
Analysis of historical health and safety liability risks 412
Risk case study “ emerging food health and safety issues
by Raj Patel 418
Bioterrorism “ a real threat to food supplies and public
health by Vijay Sardana 425

Part D Overview of the Environmental Aspects of Business Risk 433
Chapter 18 Environmental risk management 435
Environmental due diligence and risk management 436
The new environmental environment 437
Regulatory approaches 440
Environmental risks and trends 443
Risk management best practice 451
Chapter summary 457

Chapter 19 Aspects of environmental risk 459
Risk analysis 460
An overview of scale of the risk 461
Categories of environmental risks 462
Environmental risk overview by sector 463
General environmental risk management techniques 464
Analysis of environmental risk 464
Chapter summary 512

Part E Case Studies of Business Risks 515
Chapter 20 Climate change “ air pollution risk 517
The issue 518
A review of the main trends 520
The scale of the problem 523
The causes of greenhouse gas air pollution 524
Risks resulting from air pollution 524
Risk management 525
Risk management case studies 527
A business opportunity? 528
Carbon finance 529
The business opportunity from carbon trading 530

Chapter 21 UK corporate governance: reforms in the wake of
corporate failures and the Enron case study 535
Corporate governance and sustainable risk management 537
Risk management and the Turnbull recommendations 538
Internal controls 539
The Enron case study 541
The background and framework 543
The Cadbury Report 544
The Greenbury Report 545
The Hampel Review 545
Modern company law for a competitive economy 545
The Combined Code 549
Listing Rules: comply or explain 550
Corporate governance in practice 551
The Company Law Reform Bill 552
Chapter summary 555

Chapter 22 Legal risk management in the US “ the United States™
response to the Enron collapse 557
Sarbanes-Oxley Act (SOX) 558
The positive effects of post-Enron reforms 564
Overview of the reforms in the US 568
Chapter summary 571

Chapter 23 Corporate responsibility, corporate governance and
emerging jurisdictions 573
Differing approaches to CSR 574
Relevance of UK developments and the OFR for CSR
and governance 577
Corporations, economic drivers and directors™ duties 578
Global application of CSR 579
CSR and sustainable development 580
How to implement the CSR and SD 582
The business case for CSR 582
Corporate governance and emerging jurisdictions 589
Chapter summary 609

Chapter 24 Conclusions and future trends 611
Introduction 612
Identifying trends, themes and risks 613
Building the business case for action 619
Implementing the business case 625
Monitoring and controlling 628
Chapter summary 635
Contents xi

Bibliography, references and websites 637
Glossary of terms 653
A. About SERM 667
B. SERM rating model definitions 669
C. SERM risk analysis methodology in brief 675
D. SERM sample report methodology 685
E. Sectors ranked by risk 691
F. Institute of Risk Management “ Business Continuity and
Crisis Management syllabus 693
G. CBC framework for corporate governance for SMEs 701
H. OECD policy framework for investment 705
I. Transaction due diligence documentation 709
Index 715
This page intentionally left blank

Never has risk been so much at the very heart of the management of both busi-
ness and not-for-profit organisations. This is not only because of high profile
damage and disasters we have been experiencing at the hands of terrorism,
technology failures, crime, storms, earthquakes, tsunamis and hurricanes.
There are other forces at play that are even more influential drivers towards this
evolution in risk management. These forces are at play in the very business
models that are now used.
In spite of the huge wealth, scale and internationalism of many a modern
organisation, it is in fact much more exposed to organisation-wide, potentially
destructive, damage from single incidents than were earlier business models.
These new business models have brought us multinational empires that consist
of only a very few, but nonetheless individually crucial, foundation stones.
Many modern day organisations comprise only a range of outsourcing contracts
for both supply and delivery, the support of powerful stakeholders, a brand,
legality, tight financial margins, compliance, intellectual assets of many differ-
ent types, and the continuance of the overarching entrepreneurial, control and
communication mechanisms. Some of these ˜assets™ may even be rented and
not owned, and some overseas. These include not least urgent supply chains
and the brand value dependencies. These business models make promises to
deliver products and information at high speed; often simultaneously through
websites; and have financial models that have such tight margins that viability
can be measured in just a very small range of percentage points.
You can add to this cocktail the increased demands of regulators; increased
sophistication of, and information available to, customers and other stakehold-
ers; and the ease by which these stakeholders can switch to other organisations
once trust is beginning to fail. You are left with a modern day organisation that
is so much more vulnerable to one risk incident that in the past they could have
absorbed. Now that same incident or failure can cause very real damage and
can even destroy.
While the outsourcing revolution allows the organisation itself to be flexible,
the outsourcing model also enables competitors to upscale astonishingly quickly.
No longer do competitors need to build new factories or production lines to
upscale. A few additional outsourcing contracts can be all that is needed. No
longer can chief officers simply delegate their risk problems to insurers and con-
tract lawyers to handle. If only management was still that simple.
I am delighted therefore to see this book emerge. It covers vitally important
areas that are ever increasing concerns for boards, regulators, auditors,

investors, customers, supply chain managers, compliance and risk managers
and others. They are all facing greater challenges than ever before; and this
book will provide much needed guidance right at the very heart of the organ-
isation™s strategic thinking.
David Kaye

David Kaye is the Institute of Risk Management™s lead examiner on business continuity, author
of the Chartered Insurance Institute™s textbook on Operational Risk Management and in 2006 has
co-authored the book A Risk Management Approach to Business Continuity, published by
David is an author and lecturer on risk management and continuity subjects and guides a wide
range of companies and public sector organisations around the world.
David has spent much of his working life resident and with bottom-line responsibility for finan-
cial services businesses in the United Kingdom, the Netherlands, the Caribbean, Singapore and
Malaysia. David later became a divisional director within a multi-billion pound multinational with
responsibility worldwide for operational risk and continuity planning.
David is a Fellow of the Chartered Insurance Institute, a fellow of the Royal Society of Arts, a
Fellow of the Business Continuity Institute, and a Fellow of the Institute of Risk Management.
About SERM and EFR

The SERM model was part of a project begun in 1993 with support from the
London insurance industry the United Nations (UNEP), European Community
(ESF funding) and representatives of industry and the big consultancies.
In 1994, Jonathan Barber, founded the Safety & Environmental Risk
Management (SERM) Rating Agency. It set out for the first time to place a finan-
cial benchmark on environmental risk in terms of direct and indirect (reputation)
residual risk. The methodology was developed in collaboration with industry
and SERM™s Advisory Panel, on which Adam Rose served as co-ordinator,
chaired by John Rimington CB, former Head of the UK™s Health & Safety
Executive (HSE). SERM™s ratings of UK FTSE companies and their international
peer groups, and testing of the model by the Copenhagen Business School,
enabled back-testing of the SERM model and the construction of a SERM Index
which clearly demonstrated the improved financial performance of highly
rated companies. From 2002 Dr Linda Spedding became an advisor to SERM
with a view to prioritising aspects of corporate governance and to develop the
approach bearing in mind international regulatory developments.
To operate effectively in emerging markets including India, the SERM
model was adapted to analyse risk from a holistic stakeholder perspective in
terms of Extra-Financial Risk (EFR). Since 2005 EFR has focused its research on
the Indian Life Science Sector where, for the first time, complex interactive
stakeholder issues can be assessed and company performance analysed to cre-
ate a dynamic portfolio of sustainable Indian Life Science companies. Through
the methodology that SERM has evolved EFR has developed the application of
this model at a time when global risk management must take account of the
emerging markets having regard to the need for sustainable best practice.
Consultancy work utilising the risk management framework is conducted
under licence by: EFR; Sustainable and Economic Risk Management Ltd; and
Sustainable Risk Management Ltd. Apply to the address in Appendix A for
more details.
Jonathan Barber is Chairman of SERM and Managing Director of EFR.
This page intentionally left blank
About the authors

Dr Linda Spedding
Dr Spedding holds an LL.B. (Hons), LL.M., Ph.D. She is a Solicitor (England &
Wales), and Advocate (India) and an Attorney (USA). Having worked with inter-
national law firms, she set up her own practice and remains a consultant to law
firms and institutions. International environmental lawyer, lecturer and writer,
Dr Spedding has authored many articles for professional journals and several
books law guides the professional and business audience. Dr Spedding provides
the ideal mix of experience as a practitioner and editor who also has a substantial
reputation as an author and lecturer (www.lindaspedding.co.uk). She has been
an international advisor to many commercial and professional bodies both in the
private and public sector. Throughout her career she has assisted an international
multi “ cultural charity as part of her life work balance. She serves on several
committees, including the SCI Business Strategy Committee and the India
Steering Group. Dr Spedding is International Sustainability Advisor to the
CII and Sustainability and Governance Advisor to TERI in India and she has
recently worked as an International Consultant and Advisor on economic crime,
source countries and cultural issues with the Metropolitan Police Service, New
Scotland Yard.
Over the last 18 years Dr Spedding™s work has been published extensively
in the areas of environmental law, due diligence and corporate governance: she
has spoken regularly at conferences and training sessions. She is a specialist
in International Environmental Law and Energy projects. Dr Spedding was
awarded the Alexander Maxwell Law Scholarship Trust Award in the 1995“1996
awards for her contribution in this area. Her work experience covers commercial
law, corporate advice, contracts , consultancy agreements, project finance, due
diligence, joint ventures and technology transfer. She has thorough and exten-
sive knowledge of comparative regulatory regimes within the EU and outside
including Central Europe, India and the USA. She is Director of Women in Law
(see www.womeninlaw.com). In her capacity as international environmental
lawyer and advisor to SERM and EFR Ltd she has developed corporate gover-
nance and corporate responsibility as specialist areas of advise to business and
non profit organisations.

Adam Rose
Adam Rose read economic geography at the London School of Economics and
Political Science (LSE) and has postgraduate qualifications in Marketing and
Management. He has specialised in Risk Management and Socially Responsible
About the authors

Investment research techniques for over 10 years and has built up several
research teams (including SERM™s) and currently acts as a freelance consultant
and research advisor for the SERM Rating Agency. He has contributed papers to


. 2
( 131 .)