Risk assessment isn’t sexy, but it’s necessary for your art business
Let’s face it: Risk assessment isn’t sexy. This especially rings true in the art world, where galleries often cut corners and make special accommodations for high-net-worth collectors. This is one of the reasons why the art market is particularly vulnerable to money laundering.
But we’ve entered a new era of art dealing and collecting — one in which transparency, rather than secrecy, is becoming the norm. New Regulations in the Anti-Money Laundering Act of 2020 (enacted by the U.S. Congress in January 2021) are now forcing art and antiquity dealers to follow “Know Your Customer” (KYC) policies and buy and sell art in the light of day. No more back-door deals, no more shady white-glove service.
To stay on the up and up requires not only adhering to the new anti-money laundering regulations, but it also means art institutions need to up their risk assessment game. Does your art organization need to improve its risk assessment process? Read the steps toward creating one below to see if you’ve checked off all of the boxes.
5 Steps to Create a Risk Assessment Process
Managing risk isn’t just something that’s important in today’s regulatory landscape — it’s also a sign of good internal governance. Letting shady dealings slip through the cracks means that someone at the top turned a blind eye to glaring pitfalls. Conducting a risk assessment allows managers to get a holistic view of their entire operations so that any big issues can be properly identified and mitigated. Every business will create its own risk assessment process, but the following steps are a good place to start:
- Step 1 — Identify Your Art Organization’s Biggest Risks: It’s impossible to create a risk assessment process if each stakeholder in the organization has a different way of defining risk. Therefore, it’s essential to pull the team together to consider what sorts of things can negatively impact your organization from meeting your business goals. Some risks to consider might be operational risks, data breaches, or insurance risk.
- Step 2 — Figure Out Who Manages Specific Risks: While it would be great to have some great omnipotent leader who could do everything, it’s just not going to happen. Therefore, your team needs to figure out who should be responsible for monitoring and managing various risks. For example, you may have your chief technology officer handle data recovery and certain aspects of business interruption due to disasters.
- Step 3 — Identify the Ways to Reduce and Control Risks: In our line of business, reducing and controlling many risks will involve ArtTech and digital solutions such as a customer relationship management (CRM) platform. Someone will need to launch the platform, but once it’s set up, a CRM can automate complicated regulatory and financial procedures, decreasing human error.
- Step 4 — Assess the Impact of Runaway Risk: Not all risk is bad. And not all risks can be tackled at once. Again, circling back to the first step in this list, a business needs to identify their biggest risks, and then work on one at a time. How big a problem would it be if one of the risks were actually to happen? How much money would your art organization lose? Would your employees feel the impact? What about your client-collectors?
- Step 5 — Make Space to Discuss this Regularly: An annual doctor’s appointment isn’t to find problems, it’s to solve them before they occur. In the same vein, your business should set regular meetings to assess whether there have been big changes that warrant an updating of your risk assessment process. Sometimes, these risks can be obvious. COVID-19, for example, side-swiped the entire art industry, forcing businesses to quickly digitize their operations if they were to stay afloat.
Has your organization worked through all five steps? If not, it’s OK to take a step back and start the entire process over again. You can’t be too careful, and mitigating risk now means less of a headache later.
The Technology to Rule them All
A risk assessment process is no small thing. Even though various members of your team will take ownership of identifying and mitigating certain risks, you can make everybody’s job easier by letting ArtTech tools manage and automate the most tedious tasks. Why send invoices to collectors if you don’t have to? And why wade through dense regulatory paperwork if a platform can help you follow “Know Your Customer” policies? Technology can do these things, and more, depending on the risks your organization has identified.