2. Copyright and disclaimer This slide deck was presented at the IRM Forum at Warwick University on 22 and 23 September 2009. The slides include material drawn from a report prepared for the OECD, a copy of which can be found on the OECD website, and also at http://randerson-assocs.co.uk/oecd.aspx. Except where references show otherwise, other material is proprietary to Richard Anderson & Associates and should not be used without prior written consent. Nobody should take any action on the basis of these slides without taking appropriate advice beforehand. No liability will be accepted in the event that anyone takes action without such advice from Richard Anderson & Associates. These slides are copyright protected and nobody is authorised to reproduce these slides without first seeking written approval from Richard Anderson & Associates.
5. One year on from Lehman Obama urges banks to accept new sense of responsibility Gordon Brown 'apalled' [sic] at continued City bonus culture Source: Telegraph.co.uk, 15 September2009 A year after Lehman Brothers collapsed, a think tank has warned the lessons of the crisis have not been learned. The Institute for Public Policy Research (IPPR) says the rapid return to the City's bonus culture shows that real reform has been "very limited". Source: Guardian.co.uk 14 September 2009 Archbishop condemns bank excesses Source: BBC.co.uk 14 September 2009 The Archbishop of Canterbury has told the BBC he fears financiers feel no "repentance" for the excesses which led to the economic collapse. Source: BBC.co.uk 14 September 2009
12. The supposed benefits of CG “Good corporate governance should contribute to better company performance... If it is ignored, the consequence may well be vulnerability or poor performance. Good governance ... Can deliver shareholder value over the long term.” Source: FRC Combined Code, June 2008 “The presence of an effective corporate governance system ... Helps to provide for the proper functioning of a market economy. As a result, the cost of capital is lower and firms are encouraged to use resources more efficiently, thereby underpinning growth.” Source: OECD Principles of Corporate Governance, 2004 “Had a code such as ours been in existence in the past, we believe that a number of the recent examples of unexpected company failures and cases of fraud would have received attention earlier.” Source: The Committee on the Financial Aspects of Corporate Governance, known as The Cadbury Report, 1992
13. My reading... Corporate Governance has been sorely tested – and found wanting: Almost voluntary Fierce investor pressures to do things not in best interests of organisation NXD oversight stretched External audit all but bust Internal audit struggling Regulators, financial analysts and rating agencies poor source of assurance Which leaves reliance on internal RM, the Co Sec and internal management
14. Part 3 – How do we fix it? “But what I want to emphasize is this: normalcy cannot lead to complacency.” Source: President Barack Obama in a speech to Wall Street, 15 September 2009
15. Five themes Balanced riskmanagement Ethics programmes Maturing risk management Risk management and assurance framework Organisation
16.
17. And doing the right amount of each High Zone 2 Performance Zone Zone 3 Dead Zone Zone 1 Dead Zone Long Term Performance Low Low High (i) Managed Risk Taking or (ii) Avoiding Pitfalls or (iii) Performance Culture or(iv) Corporate Ethics and Behaviours Attribute:
18. Balanced risk Performance Culture Dead Zones Performance Zone More Managed Risk Avoiding Pitfalls Corporate Ethics
19. Enron? Or the Big Banks? Performance Culture Dead Zones Performance Zone More Managed Risk Avoiding Pitfalls Corporate Ethics
20. UK plc? Performance Culture Dead Zones Performance Zone More Managed Risk Avoiding Pitfalls Corporate Ethics
21. The objective Performance Culture Dead Zones Performance Zone More Managed Risk Avoiding Pitfalls Corporate Ethics
22. The evidence from ethics surveys 5% of employees use hotlines in any given year. Of those, 1% are reporting a problem and 4% are seeking guidance. Two surveys show some conflicting evidence: 74% of employees witnessed wrongdoing at work in previous twelve months. 56% of employees personally observed conduct that violated company ethics standards, policy, or the law. The reasons given by employees for not reporting misconduct they witnessed at work were Futility of reporting—nothing would change – 54%; and Fear of retaliation – 36%. Source: KPMG’s Integrity Survey 2008-09 Source: Ethics Resource Center’s National Business Ethics Survey (2007) Source: ERC, National Business Ethics Survey p.6, 2007
23. The evidence from ethics surveys But they didn’t put forward recommendations for improvements either. For the same reasons. How can you re-engage your staff? The “DANGEROUS SILENCE”
25. Failure to mature in the direction indicated will result in: Operational freedom will be circumscribed, and major costs will be imposed High exposures to major regulatory risks that will be a permanent feature of such organisations From 3 to 1 From 4 to 2 Living at the whim of the regulatory network, with no control over your own destiny. Easy to lose your reputation (move to box 3) 1 – Masters of their own destinies Excellent compliance reputation 2 – Living on the edge From 2 to 1 There is little sympathy for repeat offenders in the regulatory network. Don’t expect any leniency for a second offence 4 – Living on borrowed time 3 – Has to follow others’ rules Poor or indifferent compliance reputation From 4 to 3 Little Attention from Management and the Board Major Focus from Management and the Board The power of ethical behaviours
26. Five dimensions of maturity Attitudinal Process Disaster prone Corporate ethics and behaviours Behaviours under pressure
27. What you might look at Individuals: Fast Clockspeed Risk Management Risk Management Maturity Ethics and compliance Process Maturity
28. What you might look at Corporately: Heuristics, Churn, Complexity, Automaticity Training, tone from the top etc Linkages to objectives and clarity of purpose Tools at fingertips
29. Disaster-prone companies Blame Culture Bad Comms Tight Coupling Top Indicators of a Disaster-Prone Organisation Internally focussed Involuntary Automaticity Poor Information Time Poorly Defined Goals Over Confidence Complexity
30. The risk intelligent organisation Risk management is about bringing a perspective to the management of complicated issues in complex organisations. It is about the management (and not the avoidance) of risk. It helps to prioritise your work and that of others in a fast moving context with an approach that is better than simple intuition and which facilitates communication between people. It is a style of thought, and is definitely not a paperchase.
31. An assurance framework Balanced risk Ethics Risk management maturity Foundations for a Risk Management and Assurance Framework
32. And what does a RMAF need? A senior board level leader (leadership) CEO and NXD sponsorship (business context) Enterprise-wide buy-in (culture) Decent processes (process) Appropriate informational support (technology) Constant consciousness of Risk Management and Assurance performance (awareness) A Walker-style risk committee is of itself insufficient...
33. Conclusion Will this happen? Not without: Massive campaigns by subject matter experts; Enormous awareness campaigns; The development of a truly influential professional body Global buy-in
34. And a last word Risk management – a motto: The disruptive intelligence that pierces “perfect-place” arrogance
35. Corporate governance - stretched to breaking point? Richard Anderson 22 September 2009 W: http://randerson-assocs.co.uk E: rc.anderson@tiscali.co.uk M: 07703 503196