Why risk management matters more than ever for public entities

DAR ES SALAAM: AS global economies face increasing volatility driven by financial shocks, climate change, and accelerating digital disruption, risk management is shifting from a technical compliance requirement into a core function of governance and institutional survival.

For public institutions, the stakes are particularly high. Weak risk systems do not only expose balance sheets, they directly affect service delivery, public trust and national economic stability.

In Tanzania, this reality is especially pronounced. The Office of the Treasury Registrar (OTR), under Treasury Registrar Nehemiah Mchechu, manages 308 public entities and government minority investments valued at 92.3tri/-.

This makes it one of the most significant public investment oversight portfolios in the region.

Against this backdrop, risk management is no longer optional, it is strategic infrastructure.

Mr Mchechu said recently that OTR has begun rolling out structured frameworks to identify, assess and monitor financial, operational and strategic risks, supported by early-warning systems designed to improve institutional responsiveness and decision-making.

“OTR has introduced initial frameworks to identify and monitor financial, operational and strategic risks, and has developed early-warning mechanisms to support better decisionmaking,” he revealed.

However, significant challenges remain. The capacity to assess and mitigate complex investment risks is still limited, risk management practices are inconsistently applied across public sector corporations and predictive tools for anticipating emerging threats are not yet fully developed.

These gaps highlight a transition phase in which risk management systems are in place but not yet fully mature or uniformly embedded.

Within this context, several reform opportunities are emerging.

These include institutionalising enterprise-wide risk management systems, developing predictive analytics and scenario planning capabilities and strengthening staff capacity in advanced risk identification and mitigation techniques.

At the core of these reforms is the need to embed a proactive risk culture that integrates risk thinking into planning and investment decisions rather than treating it as a compliance requirement.

Global perspective

This evolution mirrors a broader international shift in public sector governance.

Internationally, Enterprise Risk Management (ERM) is increasingly being adopted as a strategic governance tool to enhance organisational performance, operational efficiency, and institutional resilience, particularly in government-owned enterprises and large public institutions.

Rather than functioning as a compliance mechanism, ERM is now viewed as an integrated system that links risk identification, decision-making and performance management to improve overall institutional effectiveness.

Studies and policy guidance from global institutions, including the World Bank, International Monetary Fund (IMF) and the Organisation for Economic Co-operation and Development (OECD), highlight that effective ERM supports early risk detection, better resource allocation and stronger accountability in complex public systems such as Government-Owned Enterprises and Government Linked Companies.

This approach reflects a broader shift from fragmented risk management practices toward integrated enterprise-wide systems that combine risk assessment, performance monitoring and operational control into a unified framework.

In this model, risk management is directly connected to institutional efficiency and service delivery outcomes rather than being treated as a standalone administrative function.

In this global shift, governments are moving away from siloed, department-based risk handling toward unified governance systems that link policy direction, investment decisions and operational continuity.

The approach being implemented by OTR aligns with this broader evolution, particularly in its focus on institutional coordination, predictive capacity and business continuity planning across public entities.

As part of this direction, OTR’s Risk Management Unit has intensified capacity building for public institutions.

The institution has launched specialised training on risk management and Business Continuity Planning, alongside the implementation of the GEMIS system for reporting risk management information across government entities.

The two-week programme held in Morogoro Region brought together 252 public institutions, including risk coordinators, risk champions and business continuity specialists.

The objective is to strengthen their capacity to design and implement strategies that ensure continuity of operations in the face of disruptions.

Ms Linah Igogo, Director of Investment at OTR, who is also responsible for the risk management docket, explained that structured training has been designed to ensure effective implementation across all participating institutions.

“Effective implementation of risk management requires structured training programmes that align institutions under a common framework of coordination, monitoring and accountability,” she stressed.

She further noted that the institutions have been divided into four groups to ensure focused delivery of training over threeday cycles.

“This approach ensures that each group receives targeted training that reflects its operational realities while strengthening consistency in risk management practices across the public sector,” emphasised Ms Igogo.

She added that the modern operating environment is increasingly characterised by a wide range of risks that can disrupt institutional operations and broader economic stability.

“Public institutions are operating in an environment where risks are increasingly interconnected, requiring stronger preparedness and coordinated response mechanisms,” explained Ms Igogo.

These risks include global conflicts, fire outbreaks, floods, and internet connectivity disruptions, all of which can interrupt the delivery of essential public services.

ALSO READ: OTR reviews public institutions’ plans to align with Vision 2050

She emphasised the importance of proactive preparedness to ensure continuity of service delivery even during disruptions.

Risk management expert and lecturer from the Institute of Accountancy Arusha (IAA), Ayubu Mswahili, said the training is particularly important at a time when institutions continue to face multiple shocks, including pandemics and emerging systemic risks.

He warned that institutions that fail to prepare in advance risk being unable to continue delivering services during crises.

“Effective business continuity planning enables institutions to maintain essential services during disruptions while gradually restoring normal operations.”

This approach, he noted, not only ensures service continuity but also strengthens public trust and enhances institutional reputation across operating environments.

From the perspective of practitioners, a Tanzania Commercial Bank (TCB) officer from the Cybersecurity and Business Continuity Management Unit, Maua Kibwana, said: “Strengthening continuity planning is essential for maintaining reliable financial services, especially during floods and other disasters that affect daily operations.”

Ultimately, the evolving risk landscape is forcing public institutions to rethink how they operate, plan and invest.

The direction being taken by OTR signals a broader institutional shift from reactive responses to proactive risk governance and from fragmented practices to integrated, enterprise-wide systems designed to safeguard public value in an increasingly uncertain world.