The most basic principle of 'risk' is its futurity. There is a likelihood that things may not turn out as expected if we leave them to chance. The motivation for managing risks therefore is to avoid future snags.
Then one would say, "How can we see the future?"
We certainly cannot see the future but we can gauge how things would pan out in general. For example, if we keep eating unhealthy food, we will become ill. If we work hard, we will stand a higher chance to succeed than not to work at all. This is some kind of consequentialism philosophy.
Risk management is not very different from quality control. If you don't do things correctly now, you will have higher reject rates later on. Then comes the next question - if we already have quality control, audit and compliance functions, why do we need risk management?
Risk management is built to aid leaders in steering their organizations. Instead of looking inward, risk management encourages you to look beyond organizational boundaries. It spurs you to look at external factors that may have an impact on your organization. For internal processes, you already have engineers, accountants and lawyers to look after them. Then you have auditors to check on them for more assurance. Your operational processes would already be quite thorough naturally.
When you witnessed trade wars and face commodity boycotts by leading economies, you know they have affected you in one way or another. When a new government takes over and policies changed, your businesses are affected. When systemic corruptions were exposed, parties become cautious in dealing with each other. If you had mitigation plans prepared in anticipation of these situations, your losses could be lessened.
There are also less striking impacts like interest rates and commodity price fluctuations. And we find them having a direct or at least an indirect impact on us. We are confronted with a wide range of external factors that we have no manpower nor expertise to manage them.
Hence, having a special or dedicated team equipped with risk management tools can provide you with the information you need. Risk managers identify and monitor how your risk events unfold on daily basis. They advice you on time and method to tackle risks. They deep-dive into areas that require immediate attention to ring-fence your leadership. Otherwise you may incur unnecessary costs or make wasteful decisions. Risk management helps you justify your decisions to the Board.
With risk management function in place, you can measure if your past decisions were correct. As events unfold and manifest, they provide comparison between actual occurrence and guesstimates. Information from current events help calibrate your notion of risks. That way, you can update your probability scores and improve your 'prediction' models.
Every organization is unique. The same external factors may impact different organizations in different ways. The way your organization manages its risks is also unique. If you are successful because of the way you manage risk, then risk management has become part of your business know-how.
Hence, risk management is part of an organization's intellectual assets.