The tumbril collecting wrongdoers for transport to the guillotine looks like being very busy as the Royal Commission into banking rolls on in Australia. So far we’ve heard about deceiving regulators, charging fees to dead customers, interfering with “independent reports”, covering up bad conduct by financial advisers and so on.
The shock is how high up the corporate tree these unethical and dangerously risky behaviours go, especially when the importance of ensuring a positive risk culture is impressed constantly on senior leaders and boards by regulators, rating agencies, corporate governance requirements and standards e.g. ISO 31000.
But it’s not just Australian banks having their poor risk cultures exposed. Here are just a few of the many other organisations whose risk culture has been shown to have been a danger to the organisation and its stakeholders – BP Deepwater Horizon, Wells Fargo, Volkswagen, Kobe Steel. The problem crosses industries and countries.
Because it’s intangible culture is hard to grasp. A practical way to build a positive risk culture is to
- identify and reinforce behaviours that support the risk management framework and
- communicate and enforce consequences for behaviours that undermine the risk management framework
Leaders from the board down must be seen to live the required behaviours in everything they do, not just talk about how staff should behave.
A simple starting point for leaders to think about when they are making a decision is the Code of Conduct which the Vodafone Group in the UK requires everyone to follow. Boiled down to essentials, it says “If you are ever unsure about what to do you should ask yourself:
- Is it legal?
- Does it feel right? Am I being fair and honest?
- Will my action stand the test of time?
- How will I feel about it afterwards?
- How would it look on the front page of the newspaper?
- Could I justify it to my family?”
Clearly this short test isn’t all that a positive Risk Culture consists of but it’s a good starting point when thinking about behaviours.
Had the boards and leaders of the banks and other organisations mentioned above applied this simple test they would have avoided a great deal of pain for themselves, their stakeholders and customers.
Please take a few seconds to share this because sharing ideas helps all of us to improve performance.
Take our FREE test to see how your organisation scores on Risk Culture, click here.
About the Authors
John P Dawson & Carmel McDonald are the co-owners of Dawson McDonald Consulting. They’ve been running Risk Culture Assessments since 2008 to help clients protect their organisations and build resilience. They can be reached at firstname.lastname@example.org
Check out their book with their insights into how to achieve high performance –
BUILD Your Business. Risk Managers will also find this helpful in communicating their message effectively