Ghanaian businesses must embed enterprise risk management (ERM) into their operations rather than treating it as a compliance exercise, Dr. Adu Anane Antwi, Board Chair of the Securities and Exchange Commission (SEC), told stakeholders at a symposium in Accra on Tuesday.
The event, organized by the Office of the Registrar of Companies (ORC) under the theme “Resetting the Business Environment: The Role of Enterprise Risk Management,” brought together regulators, private sector leaders, professional associations, and civil society to discuss embedding risk management into Ghana’s business environment.
Dr. Antwi’s message reflected frustration with how Ghanaian companies approach risk—checking boxes for regulators while leaving fundamental vulnerabilities unaddressed. “Enterprise risk management goes beyond traditional siloed risk management as we know it,” he explained. “It can serve as a powerful framework for achieving business sustainability by holistically identifying, assessing and managing risks and opportunities.”
The distinction matters. Traditional risk management treats different threats separately—financial risks handled by finance, operational risks by operations, reputational risks by public relations. Enterprise risk management integrates these perspectives, allowing companies to see how different threats interconnect and compound. A cybersecurity breach becomes not just an IT problem but a financial, operational, and reputational crisis simultaneously.
Dr. Antwi cited Ghana’s business environment as “plagued by weak governance structures and sustainability issues, which had led to substandard service delivery, limited accountability, inadequate transparency and ineffective oversight”. If left unchecked, he warned, these challenges cause financial mismanagement, loss of investor trust, and reputational damage.
It’s an assessment that won’t surprise anyone who’s watched high-profile Ghanaian business failures unfold. Companies that looked solid collapse suddenly because risks weren’t identified, assessed, or managed systematically. Boards that rubber-stamped decisions without understanding underlying vulnerabilities. Management teams that treated risk departments as regulatory overhead rather than strategic partners.
Referencing the Allianz Risk Barometer 2025 survey, Dr. Antwi noted that cyber incidents and business interruptions remain among the top global risks confronting organizations. For Ghanaian firms, those threats compound with economic downturns, natural disasters, and global competition that can devastate unprepared companies.
He urged businesses to strengthen ERM frameworks by cultivating risk-aware cultures, moving up the risk maturity ladder, and leveraging technology like artificial intelligence. The call to use AI in risk management reflects recognition that traditional approaches can’t process the volume and complexity of data needed to identify emerging threats quickly enough.
But technology alone won’t fix what’s fundamentally a cultural problem. Many Ghanaian companies still view risk management as something done to satisfy regulators rather than protect stakeholders. Until boards and executives internalize that ERM drives strategic advantage—enabling calculated risk-taking, optimizing resource allocation, and strengthening business continuity—it remains peripheral rather than central to decision-making.
David Kudoadzi, lawyer and Chair of the ORC Governing Board, emphasized that ERM should not be viewed as the preserve of compliance departments but as a shared responsibility across businesses, regulators, and society.
“The question is no longer whether risks will arise, but how prepared we are to manage them when they do,” Kudoadzi said. He noted that while Ghana has made progress in registration reforms, corporate governance, and insolvency laws, those gains remain vulnerable to global economic shocks, technological disruptions, pandemics, climate-related risks, and governance challenges.
“ERM is about more than minimizing losses; it is about building resilience, trust, and confidence in Ghana’s economy,” he added. It’s framing that positions risk management as infrastructure for economic development rather than just corporate housekeeping.
The symposium’s timing suggests urgency. Ghana is emerging from economic crisis with improving macroeconomic indicators but fragile business confidence. Companies that survived recent volatility often did so through luck rather than robust risk management. The next crisis—whether currency shock, commodity price collapse, or geopolitical disruption—will test whether businesses learned from recent experience or remain vulnerable.
Dr. Antwi’s call to stop treating risk management as “box-ticking” and instead embed it into strategic decision-making essentially demands that Ghanaian companies mature from reactive crisis management to proactive resilience building. Whether boards and executives respond will determine not just individual company survival but Ghana’s ability to attract the patient capital and long-term investment the economy needs.
The symposium produced no concrete mandates or regulatory changes, just exhortations for businesses to do better. Whether that’s sufficient to change deeply embedded behaviors, or whether regulators will eventually need enforcement mechanisms to drive compliance, remains unclear. What’s certain is that Ghana’s business failures continue demonstrating the cost of treating risk management as afterthought rather than foundation.