Managing Systemic Risks in Organizations

The gross turnover of top 100 multinationals is higher than the gross domestic product of a few countries. As it was obvious from the financial crises, organizations employing a few hundred thousand employees can rock the global financial stability. From then on, a lot of discussion is occurring around systemic risks. However, I wonder about the actual momentum in addressing systemic risks.

As per my understanding, an inaccurate perception has formed that governments have the major responsibility to address systemic risks and not the organizations. The picture below depicts the increasing level of risks for human civilization or society as a whole and the increasing level of risks within an organization. Though we do not see linear relationships, they are interconnected. While an organization is a subset of the civilization, their large sizes have also made it a significant component of creating systemic risks.

 

Systemic risks

 

Another fallacy is that organization’s need to track systemic risks at the global level alone. From the financial crises, it was obvious that the Retail Housing Loan departments of US Banks shook the real estate industry. Various CDOs of banks investment divisions were the cause of collapse of major banks. Hence, something as small as the functioning of a department, process or product can destabilize the industry and economy when incorrect practices are followed in multiple organizations.

Moreover, senior management of organizations that have implemented Enterprise Risk Management (ERM) believe that systemic risks are automatically addressed. None of the ERMs is going beyond strategic risks. The focus is mostly on operational and tactical risk coverage. Unless the risk management department has taken concrete measures to identify systemic risks, in all probability they are unmitigated.

Lastly, for most of the systemic risks, the organization by itself can only partly mitigate the risks. Except for taking insurance, they cannot develop and implement full-fledged solutions to treat the risks. Though the impact of systemic risks is huge, the lack of understanding, information and solutions, make organizations negligent about identifying and addressing these risks. Hence, the question is – what should organizations do to manage systemic risks?

1. Global Systemic Risk Monitoring Group

Within the risk management department there should be dedicated resources tracking systemic risks from process to country level and reporting to the global group. In the interconnected world, the risks in one country impact other countries. For instance, consider the attack on Malaysian airplane by rebels in Ukraine. A geo-political risk of one country has brought an organization of another country down. Hence, now the risks have to be viewed from a global perspective. To do this organizations must incorporate the group within the organization structure, deploy funds and resources, use technology to connect and track risks at a global level.

2.  Connecting With National Risk Boards

The 2014 World Bank Risk Report suggests formation of National Risk Boards (Same name, could they have got inspired by this blog :)). This will be a huge plus, since risk identification and mitigation will be done at a national level. For instance, if a large country like India were connected at district, state, and national level through risk boards, the level of risk management would improve significantly.

Moreover, this will facilitate in addressing inter-state risks and cross border risks. For example, cyber security threats mitigation requires coordination within the country and significant amount of international collaboration. The national risk boards of countries become the focal point for international cooperation and collaboration for risk mitigation. Developing relationships with the board members and participating in the initiatives will help organizations in dealing with systemic risks.

3.  Connecting With Industry Risk Boards

The systemic risk group needs to connect with the industry risk boards and regulators to capture the industry level risks. For instance, Back of England conducts a half-yearly survey to determine systemic risks in UK financial sector and the confidence of the organizations in dealing with it.

If organizations facilitate in formation and management of industry risk boards, they can cooperate with the competitors to mitigate industry level risks. Relationships with international industry boards would be a huge plus in acquiring knowledge and formulating plans.

4.  Assessing Preparation at National Level

The World Bank report states that investment in risk mitigation and prevention is low, and most of the expenditure is done during and after a disaster to recover and continue operations. Therefore, the challenge is that risk identification may not result in developing and implementing risk mitigation plans. For example, various cities in India regularly suffer from floods during monsoons. ALthough the government knows the problem and solutions, it has not done much to resolve the issue. There are ongoing battles between city, state, and national level for risk prioritization.

That is, the same risk may have different impact and loss level due to national level preparation. Organizations need to assess the level of preparation of government and local communities to determine the impact and develop risk mitigation plans accordingly.

5.  Assessing Impact at Social Level

Previously, organizations were insulated from the society to some extent. The social networks have changed the scenario, and any incident can become an explosive issue. Hence, impact has to be calculated at social level rather than at an incident level. For instance, recently a six-year-old girl in Bangalore was gang-raped in school by her teachers. Last weekend, parents in Bangalore organized marches to demonstrate their anger against the schools lackadaisical attitude towards children security. Police has lodged complaints against the school and politicians are talking about closing the school.

Presently, rape, women, and child security are sensitive topics in India. India is fourth unsafe country in the world for women. Hence, a single incident can close down an organization. Therefore, risk managers need to identify sensitive issues related to systemic risks and extrapolate the impact at city, state, country, and global level to determine impact of various risks.

Closing Thoughts

Systemic risks impact is sometimes more than losses of earthquakes, tsunamis and nuclear disasters, hence they cannot be ignored. Higher level of focus is required within organizations, industry, community, and nations to build processes, institutions, and infrastructure to identify and mitigate systemic risks. Timely investment in this area can save billions of dollars. Hence, risk managers need to put their thinking caps on, develop concept notes, and influence senior managers to deploy funds in managing systemic risks.

Humility – The Gandhian Way

gandhi king

Gone are the days of Gandhian simplicity and unpretentiousness. The rush for materialism and economic progress has robbed Indians of their humility. Arrogance and egoism has taken centre stage.

Now, household help count is a status symbol while Gandhi preached self-service. He weaved the clothes he wore, and currently wearing high-end fashion brands is a social necessity. Whether in personal life, interviews, or jobs, we present a flawless image as drilled by the personal branding consultants. Admitting to weaknesses is a no-no. Our leaders are picture perfect till their names become media headlines for some scandal. Where are we heading with this behavior?

Mahatama Gandhi’s two autobiographies “The Story of My Experiments with Truth” and “Satyagraha in South Africa” reveal the humility of the great man.

1.  Humility in Personal Life

“The Story of My Experiments with Truth” sounds more of a confession of wrong doings and mistakes from childhood to adult life. Gandhi ji admitted to smoking cigarettes, eating meat, acting like a sex-starved teenager with his wife and visiting brothels a couple of times. He basically did what all youngsters do in the name of adventure, rebellion and growing up. However, very few leaders take the trouble of writing them down to share it with their followers,  to enable the followers to learn from the leaders mistakes.

Nowadays, doing so at the peak of the political career is considered suicidal. Our society needs a reality check. It needs to accept that failures are a part of life, no one is perfect, not even our greatest leader. Alas, others look akin to a clown, a circus joker, a pathetic beggar, a disreputable character, a corrupt greedy man, a ruthless psychopath, a loose woman, a calculating witch, but prey why do we miss seeing all these in self.

2.  Obsession With Titles

A title is the ultimate hallmark of supremacy, be it Lord, King, CEO, President. If you have an exalted designation on your visiting card, all character flaws, deficiencies and short comings are wiped clean. People must bow down in front of you and you get the right to treat them inhumanely with disrespect. Contrast this with Gandhi ji’s attitude towards the title of Mahatma bestowed on him. He mocked and ridiculed it. In the introduction of the book  “The Story of My Experiments with Truth” he wrote -

“My experiments in the political field are now known, not only in India, but to a certain extent to the ‘civilized’ world. For me, they have not much value; and the title of Mahatma that they have won for me has, therefore, even less. Often the title has deeply pained me; and there is not a moment I can recall when it may be said to have tickled me.”

About his second visit to Kashi Vishanath Temple he indulged in some good-natured self-depreciating humor –

“Since then I have twice been to Kashi Vishvanath, but that has been after I had already been afflicted with the title of Mahatma, and experiences such as I have detailed above had become impossible. People eager to have my darshan would not permit me to have a darshan of the temple. The woes of Mahatmas are known to Mahatmas alone. Otherwise the dirt and the noise were the same as before.”

Ask the question “Who am I?” If the response is a designation or a degree, then there is confusion in identity.

3.  Grandiosity of Leaders

Everyone desires to be a leader as it makes them look grand in eyes of others. Aspiring leaders avoid contemplating whether they actually inspire their followers, work on improving the world and add value to the society. The aim is to get the perks and privileges of leaders without the responsibilities. Even the spiritual leaders, swamis and yogis, the embodiment of austerity and simple living, are sitting on golden thrones. During investigations or after death, shocked followers see the display of hoarded cash and jewellery.

The servant-leadership followed by Gandhi ji showed his true leadership mettle. In the book – Satyagraha in South Africa – he described himself as servant of the public. He wrote -

“A public meeting of the Indians was called in Durban. Some friends had warned me beforehand that I would be attacked at this meeting and that I should therefore not attend it at all or at least take steps for defending myself. But neither of the two courses was open to me. If a servant when called by his master fails to respond through fear, he forfeits his title to the name of servant. Nor does he deserve the name if he is afraid of the master’s punishment. Service of the public for service’s sake is like walking on the sword’s edge. If a servant is ready enough for praise he may not flee in the face of blame. I therefore presented myself at the meeting at the appointed time.”

Further on, he expounded servant leadership in the following words -

It has been my constant experience that much can be done if the servant actually serves and does not dictate to the people. If the servant puts in body-labour himself, others will follow in his wake. And such was my experience on the present occasion. My co-workers and I never hesitated to do sweeping, scavenging and similar work, with the result that others also took it up enthusiastically. In the absence of such sensible procedure it is no good issuing orders to others. All would assume leadership and dictate to others and there would be nothing done in the end. But where the leader himself becomes a servant, there are no rival claimants for leadership.”

These are fabulous examples of role,  accountability, and responsibility of leaders. Just a handful of leaders can be so humble and fill these shoes. Autobiographies of great leaders show that leadership is a long hazardous journey requiring great deal of personal sacrifice, hard work, and vision. It is incorrect to assume business titles automatically bestow leadership traits. Queen Marie Antoinette’s immature and inconsiderate statement – “If they don’t have bread, let them eat cake” – didn’t get her dedicated followers, it is Napoleon who is respected for leadership qualities. . Earn the honor of being a leader. Ask yourself – Why should others follow you?

Closing thoughts

Wishing all my readers, a very Happy Gandhi Jayanti.  As it is a holiday in India, let me end this on a humorous note.

A donkey twisted his leg, so the owner put him in a red Ferrari to take him to the vet. On the way, the owner stopped at a car wash. The car cleaners said – “Wow, what a body, such a dazzling color.” The donkey joyously brayed. The cleaners remarked – “Sounds fabulous”. After returning to the  farm, while walking on the mud path, the donkey was extremely disappointed and thought – “Why is no one appreciating me, as the car cleaners did?”

Political Strategy For Risk Management

A recent report published on Harvard Law School blog stated that in 81.2% of manufacturing and 73.6% of the non-financial sector companies have not appointed Chief Risk Officers (CRO). Interestingly, 83.3% of the financial services organizations have appointed a CRO with direct reporting to the CEO. This indicates, that unless mandatory, the risk managers do not have high visibility. Though their role is important in all sectors, they are unable to leverage themselves among the senior management. This issue is not new, and most complain at not getting a seat at the table.

 1.     Develop Political Skills

We need to look this issue from another lens. We need to develop a political strategy for the risk management department. Reason being, technical expertise on a subject takes one up only to the senior middle-management level. At senior management level organization politics dominates decision-making. Hence, risk managers need to develop political skills and astuteness to survive and thrive at that level.

However, the challenge is that though risk management job requires high political skills, very few work at developing them. According to an organizational study, ~ 65-80% employees avoid politics, ~15-25% indulge in negative politics and ~5-10% participate in positive politics.  Risk managers need to develop skills in positive politics to influence senior management.

The positive politics players have win-win, ethical, organization focus, enlightened self-interest, collaborative and best interests of the business mindset. Indulging in negative politics will be harmful as the group has  win-lose, non-ethical, upward focus, self-interest, competitive and personal gain mind-set. Viewing politics as dirty and avoiding it, isn’t an option. Politics prevails in organization DNA and one has to choose how to play it.

 2.     Implement a Political Strategy

Another aspect to look into is that risk managers have to influence the organization to build a risk culture. The concerns of the junior managers differ from those of middle managers and senior managers. Moreover, different business units have clashing interests and priorities. Stumbling from one person to the other and trying to influence them on a random basis will not benefit the organization or the department. Therefore, to influence each sub-group positively, risk management departments need a political strategy.

After developing the political strategy, risk managers need to implement and run with it consistently over time to reap success. It will involve getting supporters, appointing campaign managers, forming coalitions and doing some secret handshakes. Risk managers of course have to walk a fine line of maintaining independence and objectivity while implementing the political strategy.

 Closing Thoughts

Success in organizations depends on how well a person manages their own expectations by understanding the political game. Corporate world is a jungle. One cannot expect that people will make rational and logical decisions in the best interest of the organization. Risk managers will remain on the side lines unless they learn to trapeze the political web. The good news is one can learn political skills.

References:

  1. Risks in the Boardroom – Harvard Law School
  2. Investigations in Organizational Politics

iGate’s Failures in Risk Management

phaneeshiGate fired its CEO Phaneesh Murthy for sexual misconduct after Araceli Roiz; an American employee accused him of sexual harassment. As per media reports she has claimed that the relationship started soon after she joined the organization in 2010 and is pregnant with his child.

Mr Phaneesh Murthy has the dubious honor of facing two similar charges while working as a senior manager in Infosys in 2002. Reka Maximovitch and Jennifer Griffith had both received huge out of court settlements previously. Now he faces the similar charges from Araceli Roiz. Mr Murthy has acknowledged that he had sexual relationships with Ms Roiz. However, it was with her consent. He has alleged he is being defamed and this is an attempt at extortion.

With the limited information available in the media, one cannot comment on the details of the personal relationship.

However, this disaster teaches a few lessons. iGate could have prevented this reputation damage and legal risks if it would have taken a few timely steps.  iGate board and senior managers failed to take due care of the following risks.

1.     Pre-employment Background Screening

Mr Murthy has an excellent academic and professional achievement record. He was credited for taking Infosys turnover from $ 2 million to $ 700 million. However, when he was hired by iGate in 2003 he was in the news for all the wrong reasons. The sexual harassment cases were all over the media.

iGate needed a CEO who could deliver results. My guess is the board looked the other way or considered Mr Murthy’s infidelities small or insignificant. However, if a junior or middle manager had the same reputation, his career would have been over. No organization would have hired him.

Hence, when generally senior managers background screening is more stringent  than junior or middle managers, iGate board took the opposite stance.  It appears that the same yardstick isn’t being applied for background screening or it is being given lip service.

2.     Failure to Monitor & Control CEO Behavioural Risks

iGate board and senior managers chose to ignore the CEO behavior  As per media reports, the relationship was known to the staff. However, it appears no action was taken to guide or coach Mr Murthy.

Read these statements of Mr Murthy from prior interviews at the time of Patni takeover.

The National – “Everyone says that M&As are about ego. I’ve been a salesperson for 10 years. For every 100 doors that you knock on, 98 get shut in your face. That has knocked away most of my ego. I have two teenage boys who whip my butt in every game. They have gone from wanting to be on my team to not wanting to be on the loser’s team. Because of that, I have no ego left.”

Livemint – “Not at all. I am basically a conservative, middle-class south Indian Brahmin. As it is, we don’t like debt, and I am very uncomfortable with a $700 million (around Rs 3,180 crore) debt.”

Ms Araceli Roiz is 31 years old and Mr Phaneesh Murthy is 53 years old. In conservative South-Indian Brahmin families “divorce” is taboo. With two teen aged boys at home, he started an affair, if Mr Roiz version is true, when she was in her late twenties.

From a psychological perspective, it is a classic case of a talented man unable to deal with his own fallibility and mortality. Mr Murthy is a competitive man and the yearly success in his career may have made him feel invincible and powerful.  He is raised on Indian middle class values that look down on promiscuous behavior  He competes with his own children in games. He was heading an Indian IT organization where the average age of employees is 25-26 years. Does it look like he was suffering from mid-life crises?

The board members and other senior managers could have identified the emotional baggage he was carrying around and addressed the issue. The question arises, when the board knew about his weakness and character problem, was he provided any coaching or mentoring? Or did the board take the view, that as long as he is delivering the numbers, everything will be tolerated.

3.     Lack of attention to work culture

The board and management knew that Mr Murthy had a marked reputation in respect to female employees. Secondly, it appears that is relationship with Ms Roiz was an open secret. From his own words, it doesn’t seem that he took sexual harassment or company policies seriously. In the interview, he stated:

“It was a personal relationship. The company policy states that any two employees having a relationship have to inform the superiors. It is a small note in an employee handbook. I did inform the company about the relationship. Though it was a question of timing from my side as I disclosed this only a few weeks ago, only after the relationship was over.”

According to him, “it is a small note” in the company handbook.  He didn’t believe in walking the talk in personal ethics or corporate code of conduct. Hence, the question arises, what attention iGate paid to maintain the corporate culture.

With previous cases of sexual harassment against the CEO and an on-going affair, did iGate management ensure that the sexual harassment policies were implemented in spirit? If a woman, as per Roiz’s claim, was forced into a sexual relationship by the CEO, what effect did it have on other female employees and work culture? Did it not set the stage for the hostile work culture where women would feel insecure to report cases of sexual harassment? Let us say, another female employee was harassed by a male senior manager, what options does she have when she knows that the CEO is doing something similar? How seriously was sexually offensive behavior taken by the management?

 The organizations pay a heavy price in respect to sexually harassing culture. The direct costs are of course legal penalties and cases, however, the indirect costs are absenteeism, disengagement, high turnover and lower productivity. The iGate management appears to have ignored these aspects while hiring Mr Murthy and during his tenure.

4.     Ineffective Crises Management

iGate public relations team issued the statement – “The investigation, which is on-going, has reached the finding that Murthy’s failure to report this relationship violated iGATE’s policy, as well as Murthy’s employment contract. The investigation has not uncovered any violation of iGATE’s harassment policy.”

It gave information on the interim CEO and search for the new CEO, to rest fears of the investors.

This appears more of an attempt to limit legal risks. According to US laws the company is responsible for sexual misconduct by its employees. Subsequent to the above news, the company has not made any statement or explanation on what it did to prevent such incidents.

According to media reports, the Indian employees received an explanation from the senior managers on the incident and were instructed not to talk to people outside and within the organization. An instruction not to communicate with the media or put comments in social media is sound. However, not to communicate with fellow employees sounds like an attempt to silence. Can management stop the discussion outside office hours between the employees?

In such instances, various stakeholder expectations need to be addressed. It is a sensitive issue that gets the attention of public, bloggers, activists, women lobbies etc. Even the employees psychological stress levels increase and they need to be managed. However, from the information available in the media, there isn’t much effort being done to manage the crises.

Closing Thoughts

Sexual harassment cases cause huge reputation damage and legal risks. I am not sure whether after Mr Murthy’s previous cases, iGate got proper insurance coverage for directors and senior manager liabilities. Implementing sexual harassment policies and holding everyone to high standards of conduct is something organizations need to concentrate on. The issue was taken lightly previously, but now women workforce is increasing and so are the cases of harassment. Unless companies wish to have their name tarnished, they need to take the right steps.

References:

  1. Read more: http://www.thenational.ae/business/technology/rise-and-fall-and-rise-again-of-it-star-phaneesh-murthy#ixzz2UBKIGikk
  2. http://www.financialexpress.com/news/phaneesh-murthy-i-will-fight-sexual-harassment-charges-vigorously/1118857/1
  3. http://timesofindia.indiatimes.com/tech/careers/job-trends/Murthy-scandal-iGate-staff-gets-social-media-code/articleshow/20222185.cms

Risk Managers – Tone Down That Report!

This week three renowned figures – Angelina Jolie, Larry Page and Christine Quinn – disclosed their medical problems to the world. They discussed battle with breast cancer, paralysis of vocal cords, and struggles with bulimia and alcoholism. Jolie, a woman famous for her beauty bared her mastectomy details. They talked about fear of death and handicap, and frailty of human character. They risked high-profile careers by being candid. One word describes their actions – Courage.

However, the corporate world wants to hide behind lies and window dress their weaknesses. The corporate leaders sometimes threaten risk managers and auditors to tone down their reports. The messengers of bad news get shot. Risk managers face bullying, retaliation and threat to their jobs for showing courage to speak the truth. If they refuse to bow down to pressure, the business teams label them as politically dumb or difficult to deal with. Question is – should risk managers tone down their reports to please the business teams?

I want to discuss a couple of scenarios here and you decide the course of action.

Scenario 1- Don’t report correct facts to avoid giving bad news

Let us say, you are a CXO of an organization. You have a heart problem and visit a doctor who is a good friend of yours.

The doctor realizes your heart condition is bad. You require a heart surgery for four bypasses. The doctor doesn’t want to deliver the bad news to you, because he doesn’t wish to hurt your feelings.

The doctor tells you  – “You just have too much stress. You need a vacation to relax and have some fun.” He prescribes you some vitamins and discharges you.

You follow your doctor’s advice, take a vacation. You swim and jog for a couple of days and have a heart attack. You arrive at the hospital with a survival chance of 5%.

Did the doctor do the right thing by not telling you the truth?

Scenario 2 : Don’t report correctly to protect a friend

A civil engineer responsible for doing quality and inspection checks of a bridge notices that sub-standard quality of material is used. There is a high risk of bridge collapsing. However, he issues a clean report to his seniors because the engineer-in-charge of the bridge is a friend of his.

An organisation’s senior managers drive daily across the bridge to reach their office. One day all of them are on the bridge and it collapses. All die.

Would the families of the senior managers be happy with the quality control engineer’s for not disclosing the risks?

My guess is most of the corporate readers would have answered no. You would have preferred the truth when it is a question of your own life being at risk.

Corporate Scenario

So why don’t corporate citizens hesitate when they put other people’s life at risk. See the Bangladesh factory fire, Japan’s nuclear disaster or US banks home foreclosure and mortgage mess. Employees, customers and public lives or life savings were put at risk.

Wouldn’t a few honest risk management reports helped in fixing the problem in time to prevent the disasters?

The corporate world maintains double standards on reporting risks. They want full disclosure of the risks to them but not to others. Before setting these expectations, corporate citizens should answer these questions:

1) Isn’t it a risk manager’s job to identify the health problems of the organization, prescribe a cure, suggest amputation where required and nurse the organization back to health?

2) Is it right to compromise professional ethics and code of conduct to keep a few people happy?

3) Aren’t risk managers responsible for calculating the direct and indirect cost to others for non-disclosure of risks?

4) Shouldn’t risk managers hold their ground and stick to their independent advise as you will benefit from it in the long-run?

Closing Thoughts

Moral courage is one of the most difficult qualities to acquire. Larry Page, as CEO of Google fulfilled his responsibility to the investors by publicly disclosing his medical problems. Now the investors can make an informed decision. One has to admire Page for taking such a difficult call. It takes guts. Disclosing personal weakness makes one feel vulnerable, exposed and fallible. He has shown the path for corporate leaders to follow.

Justin Bieber’s Lesson For Risk Managers

Surfing through Twitter one gets deep insight of human behavior. I am sharing a couple of tweets that got me thinking on our (risk managers) approach. The hat tip goes to Justin Bieber and Mark Robinson for the post.

 1. Get a tribe

 Justin Bieber tweeted the message below and it got 119,562 retweets and 62,959 favorites at the last count.

“Live life full”

— Justin Bieber (@justinbieber) May 10, 2013

Now you might say, what is so original in this message. Nothing remarkable, except that Bieber has 39,087,920 followers.

The message for risk managers is that if we want business team to listen to us, then we need to get a tribe of followers. Sitting in a corner or a cabin, writing reports isn’t going to help us. We need to be on the floor  interacting with the business teams daily.

2. Connect with a popular leader

Then Mark Robinson tweeted this message:

“Justin Bieber got 100,000 retweets for tweeting “Live life full”. That’s just 3 random words. I’m going to try now.

Nipple squirrel ham”

— Mark Robinson (@robboma3) May 11, 2013

The message was retweeted 26,972 times and favorited 4379 times. Mark has 23,694 followers. While Bieber’s message was tweeted by just 0.3% of his followers, Mark’s message was tweeted more than the number of his followers. Isn’t that fascinating.

This is a trick which risk managers need to learn. Even the most mundane message of a popular leader will be followed more ardently than their sanest advise. People don’t follow bosses, they follow leaders whom they like. Hence, risk managers need to identify the popular figures in office, ask them to give their message or link up their own version to the popular person’s message. Risk management advise is going to spread faster then, rather than with all the technical stuff.

I am dedicating Justin’s song to all of you. We need to believe it too – “I got that power”.

Leadership of Dead Bodies, Stones and Flowers

leadership imprint1

In April, two Air India pilots handed over the controls in auto-pilot mode to two female cabin attendants to take a short nap. They decided that their sleep was more important at 33,000 feet while flying the 160-passenger flight from Bangkok to Delhi. They returned to the cockpit after 40 minutes when one of the cabin attendants accidently knocked off the auto-pilot mode.

The angry Twitterate asked for pilot’s license suspension, removal from job and legal charges for culpable homicide. Everyone questioned their work ethics and shock at their irresponsible behavior. Air India investigated the incident, suspended the pilots and sated that passengers’ safety was never compromised. Unbelievable, how can passengers be safe without any pilots at the helm?

1.     Double Standards in Evaluating Corporate Leaders

 The pilots were crucified for risking the lives of passengers. However, surprisingly the pilots of the corporate world do not suffer the same fate. The wizards and titans of the banking industry crash landed the world economy, but they didn’t lose their CXO seats.

Look from another lens. Did any senior in Supplier Company or the multinationals lose their job in the Bangladesh factory fire? In Foxconn, the Apple contractor, 11 employees committed suicide, four died in an accident and one collapsed after continuously working for 36 hours. However, Steve Jobs was rated as the second most popular leader by the CEOs in a survey conducted by Price Waterhouse Coopers. The first and third were Winston Churchill and Mahatma Gandhi respectively.

Now this is going to rattle my readers but let me say it. Steve Jobs was a great inventor, designer, strategist and marketer. However, when it came to people, his employees considered him rude and manipulative, and his competitors found him uncivil. Though Apple achieved great heights, he paid low salaries to the employees in the Apple stores, paid no dividends to the shareholders, pushed down suppliers to manufacture at lowest possible rate and didn’t believe in charity or corporate social responsibility. His behavior and actions weren’t people centric or humanity oriented. So my question is – do we consider him a great leader because he managed to put Apple on top? That makes him a great CEO, not necessarily a great leader.

2.     Misconceptions of Leadership

 The problem arises due to the definition of leadership. Read the dictionary meaning:

Leadership is “organizing a group of people to achieve a common goal”.

- We don’t focus on how the group of people were gathered; by inspiring them or arm-twisting them.

-  We don’t focus on the nobility of the goal; was it to exploit others or liberate them.

-  We don’t focus on the method adopted to achieve the goal; was it by breaking the rules or a journey of virtue.

In the present world we see leaders leaving dead bodies in their path, walking over people as if they were stones and sucking the life out of them. Great leaders create leaders not followers, they make others blossom like flowers.

Be it a corporate leader or political leader, we don’t wish to question the leadership methods. Our thinking is, how it matters to us, we have nothing to lose. We have everything to lose, and Martin-Niemöller-Foundation words at Hitler’s time still resonate:  

“First they came for the communists,
and I didn’t speak out because I wasn’t a communist.

Then they came for the socialists,
and I didn’t speak out because I wasn’t a socialist.

Then they came for the trade unionists,
and I didn’t speak out because I wasn’t a trade unionist.

Then they came for me,
and there was no one left to speak for me.”

Our own silence will kill us and the society we live in. When humanity is at stake, can we close our eyes and say nothing is at stake.

3.     Leadership Training

The Institute of Strategic Change reported that – “the stock price of ‘well-led‘ companies grew by over 900% over 10 years, compared with 74% for poorly led companies”. Warren Bennis in 1998 said – “The Truth is that no one factor makes a company admirable. But if you were forced to pick the one that makes the most difference, you’d pick leadership.” However, how many companies train on leadership or do a performance evaluation on leadership qualities?

Quite a few would be saying we do it. So let me clarify. In organizations bosses tell the juniors what to do and how to do it. They give rave reviews to the employee who completes the task as they had stated. They promote that employee and now he becomes a boss. At best, he will be a good manager, not a leader.

Corporate world determines success rate by title and salary.  Neither guarantees leadership skills. Employees aim to become a boss, not a leader. The terms are not synonyms.

According to Malcolm Gladwell,  all outliers practiced their talent for over 10,000 hours to achieve greatness.  In the corporate world, how many hours are dedicated by each employee to learn leadership? Learning leadership is a by-product of the main job, till CEO level. Then isn’t it surprising that we do not have many great leaders in the corporate world.

 Closing Thoughts

Maximum damage in the world was caused by people who got powerful positions without good leadership qualities, be it Hitler, Jeff Skilling, Bernie Madoff or Lance Armstrong. The biggest risks in the corporate world are leadership risks. It is the leaders who make the decisions, so unless we have a system of putting the right people in leadership positions we will continue to have these disasters. Hence, our job is to develop good leaders, select good leaders and continuously monitor the leaders.

 Wishing my readers a Happy Mother’s Day. Being parents is the toughest job in the world,. They are responsible for raising the next generation of leaders.

References:

  1. Air India Pilots Story  
  2. Deaths in Foxconn
  3. Price Waterhouse Coopers report on best leaders

 

Risk Management Version 3.0

RM tiger

The business world is changing so rapidly that companies are either not willing to publish growth predictions or they are getting it wrong. In this new world trends can’t be analysed from historical data. The best business analytic teams fail because the new business models have totally different risks. Moreover, now the risks are interconnected and can’t be addressed separately. An operations risk may have a huge impact on financial risks.  The old compasses are useless and most are walking on uncharted territory.

This is the ideal time for risk managers to shed their old avatars and  become new super heroes of business. First they have to get out of their comfort zone of addressing internal risks that are preventable. The compliance and control based approach leaves over 60% of the risks un-addressed. If we consider that Risk Management version 1.0, we need to rapidly move to Risk Management version 3.0.

So what does version 3.0 look like?

1. Focus on Strategic Risk Management

I consider Enterprise Risk Management frameworks approach as Risk Management version 2.0. Though they covered strategic risks the focus was on finance, processes and technology. Hence, in reality it has become a bottom-up approach though the initial purpose was to make it top down. Risk managers are still not involved at strategic level and it is the Chief Strategy Officers who are analyzing strategic risks.

My guess estimate is that we depute less than 10% of resources to strategic risk management. We need to put in processes and resources where approximately 25% of efforts are focused on strategic risk management. Strategy failure probability has increased in present business environment.  For managing strategic risks reduce  probability of occurrence of assumed risks and effectively manage them if they occur.

2. Focus on Human Behavioral Risks

Industrial age focused on mechanization and streamlining of processes. Products were produced on the assumption that human behavior can be straight jacketed. In the age of technology and social media, this assumption has proved false.  Social media and data analysis allows behavioral analysis of each individual.

Secondly, the bigger challenge the world is facing is of changing demographics. In the last few decades, the average age has changed from 60 years to 75-80 years. The older generation lives longer and works longer. The Gen Y is entering the workforce with different expectations. Women have not only broken ground in the corporate world, but have become main decision makers for household purchases. Emerging market customers and employees have different behavior patterns.  The leadership skill sets have changed drastically. Participative and consultative cultures are more successful now.

Therefore, whether an organization wishes to fight  war of talent or entice customers, understanding human behavior has become crucial. Each segment of employee, customer and other stakeholders present different risks which an organization needs to manage successfully. Without addressing these risks at strategic and operational level, an organization is unlikely to succeed.  Risk managers traditionally haven’t focused on people, leadership or culture risks. In this century they need to.

3. Integrate Risk Management Knowledge & Resources

The traditional approach of having different experts of financial, operational and other risks in separate departments and addressing each risk in a linear manner is redundant. Moreover, now businesses are significantly exposed to external risks, which was not the case before. The Vodafone and Nokia tax cases are prime examples of risks occurring due to change in government stance.

Risk Management version 3.0 requires integrated risk management where risk managers with diverse skills can assess inter-related risks – internal and external. Secondly, risk managers have to be available within the business and as a separate department. The risk managers operating as part of the business unit need to identify the business risks and update the risk management department. The department needs to devise holistic solutions.

The risk management tools, technology, processes and resources all need to restructured to operate in an integrated manner at all levels.

Closing Thoughts

I suspect, group think is prevailing among risk managers. No one wishes to be a bull in a china shop and say – “hey this isn’t working.” It is ironic that risk managers are not doing adequate risk management of their own role and function. Old habits die hard and getting out of the comfort zone is scary, but I think we need to do it. Else, business failures are going to increase at a high rate. In the current economic environment, we can’t afford those losses. Think about it and share your views.

Wishing all my readers a very Happy Holi.

Barclays War on Culture Change

Barclays is again in the limelight due to a damaging report on the deviant culture existing in the Investment division. After LIBOR rate fixing scandal and quick departures of senior managers, trouble is again brewing in Barclays. The COO of Investment banking division, Andrew Tinney quit when it was discovered that he shredded the only copy of a report that clearly stated the bullying culture of the organization. Then the new CEO, Anthony Jenkins discovered when an internal whistle blower mentioned it to him. He sent out a message to staff on culture change. Here are some insights into the story.

1. The Damaging Report on Dysfunctional Culture

Daily Mail story states that the report prepared by Genesis Ventures - “paints a devastating picture of incompetence and arrogance at the bank, showing that executives:

  • Pursued a ‘revenue at all costs’ strategy.
  • Fostered a culture of fear and intimidation.
  • Were ‘actively hostile’ to the idea of compliance with banking rules.
  • Presided over a ‘broken culture’ where problems were ignored or buried.
  • Allowed the business to spin ‘out of control.”

The senior management intentionally understaffed support functions, was hostile to compliance and attacked those who spoke contrary to senior management views. A senior manager threw the risk management report publically saying – “this is a piece of s***” showing utter contempt and disregard for the same.

The summarization of the report states – ‘The senior team portray themselves as all-powerful and all-knowing… and people chose to disagree with them at their own peril. It is a mentality of superiority which, when combined with other deficiencies, stops the team from tackling their blind spots. When those deficiencies are in compliance, this results in serious issues that no one else has the power to address.

The bank’s culture has become completely deviant, and it will be a long road ahead for significant change to occur. The problem is that this issue is prevailing in other banks also. They depict the same culture and attitude. Unless we understand why it is occurring and senior managers take sincere steps, nothing positive will happen.

 2. The Psychological Explanation

Western banks are known for their arrogant and aggressive culture. Some view arrogance as a positive trait and humility as a negative trait, while the opposite is true. Stanley Silverman developed Workplace Arrogance Scale to measure arrogance level in the organizations. He stated the arrogant people demean others to prove superiority and competence. However, as per his results arrogant people showed lower intelligence and self-esteem in comparison to their peers. He identified four red flags to identify arrogant behaviour:

  • Does your boss put his/her personal agenda ahead of the organization’s agenda?
  • Does the boss discredit others’ ideas during meetings and often make them look bad?
  • Does your boss reject constructive feedback?
  • Does the boss exaggerate his/her superiority and make others feel inferior?

If you link back to the damaging report, the senior management at Barclays showed these traits in abundance. Even during the financial crises, the bankers didn’t feel apologetic and showed no humility. Now, being in such senior positions one cannot say they lack intelligence, however, questioning their self-esteem is definitely a valid path.

In another psychological study conducted by Angela Y. Lee, a professor of marketing at the Kellogg School of Management, it was determined that people with low self-esteem defend the brands more when their favourite brands are attacked. This explains why bankers refused to change and continued their behaviour when under attack during the financial crises.

3. The CEO Message for Culture Change

Deal Book reported that Anthony Jenkins, the CEO of Barclays sent a mail out to the staff with a clear message – “change or leave”. He categorically stated the values – Respect, Integrity, Service, Excellence and Stewardship – to be adopted by Barclays employees. He further added that those who do not change their behavior are free to leave. His words were – “My message to those people is simple: Barclays is not the place for you. The rules have changed. You won’t feel comfortable at Barclays and, to be frank, we won’t feel comfortable with you as colleagues.

He highlighted that in the last two decades financial institutions pursued profits and compromised integrity and reputation of the organization. He said there is no choice between values and profits. Employees must pursue profits while maintaining values. Evaluation of ethical behaviour will be incorporated in performance appraisal process.

That is a very strong message from the CEO of the organization to transform the culture of the organization. Two questions in everyone’s minds are – will they succeed and how long will it take.

Closing thoughts

Bill Gates had famously said – “The world won’t care about your self-esteem. The world will expect you to accomplish something BEFORE you feel good about yourself.” Maybe organizations should care about the self-esteem of their employees and their senior management team. Studies have shown that people with higher self-esteem show more ethical behaviour and are less likely to get involved in wrongful acts. The present trend of pursuing material gains at the expense of personal values destroys self-esteem in the long run. Bankers have shown extreme tendencies to flaunt expensive toys to feel good and build a superior image. In all probability, they are caught in a catch-22 situation at a psychological level. It might not be possible to change the culture without addressing the core issues faced by the staff.

References:

  1. Exposed: The regime of fear inside Barclays – and how the boss lied and shredded the evidence
  2. Identifying the arrogant boss
  3. Leave My Brand Alone – Kellogg School of Management
  4. New Barclays Chief Tells Staff to Accept Changes or Leave

 

 

Risk Management Lessons Learnt in 2012

For risk managers 2012 was an eventful year. The frequency of ethical breaches, regulatory failures, operational disasters and natural calamities ensured that risk managers have their hands full and are not going to run out of work in 2013. In effect, risk management function is at a strategic inflection point and is facing disruption risks. Globalization, rapidly changing technology, economic recession in Europe, political turmoil in Middle East, growth of emerging markets and global warming has changed the risk landscape. Throw out of the window the old stance of managing risks by implementing controls and focusing just on financial processes and operational risks. The 21st century demands risk managers to focus on strategic, cultural, leadership and human resource risks. This is a bold statement to make, so here are my reasons for making the same. Do you think I am on the right track?

1.      Banking Sector Culture Needs Overhauling

Though I have not done a tally of regulatory fines paid by banks during the year, the numbers are awesome. It the status quo remains the same, paying billion dollar fines will soon become fashionable. The way bankers are behaving, if culture does not change, they will start a competition on who pays the biggest fine and gets away with it. It is clear that bankers gave a lot of lip service of changing to the public after the financial crises. Nothing much changed and they remained complacent with their ability to escape any personal loss due to reckless behaviour. Even with fines, it is investor loss with hardly any personal responsibility. 2013 will determine whether bankers can do the right thing for the right reasons in the right way.

2.      No One is Too Big to Go to Jail

2012 showed that breaking the law isn’t an option for top guns. Big names, for instance, Rajat Gupta and Rebecca Brooks realized the arms of law are long enough to reach them. The psychology that it only is a crime if one gets caught needs to change. A connection even with the Prime Minister doesn’t insulate a person from being held legally accountable.

The downside of capitalism is that business ethics are put on a back burner in pursuit of profitability. 2013 will see the trend of businesses focusing on building ethical cultures.

3.  Senior Management Fails At A Higher Rate

Throughout the year, one heard senior managers being fired for poor performance, regulatory breaches, criminal acts or inability to keep their pants zipped. Tragic but true, that senior managers are failing to walk the talk and assume leadership is about playing power games. They ignore everything in pursuit of a bigger pay packet. It isn’t that leaders didn’t fail previously, but now they make headlines at global level.

Additionally, social media and increasing percentage of women in the workforce has made old management and leadership styles redundant. Flatter organization structures are replacinghierarchical styles. Collaboration is in focus rather than competition. Boomers are leading most organizations, and their style of leadership is passé. Hence, in 2013 we are going to witness higher leadership failures unless organizations start managing leadership risks.

 4. Regulators Take A Tougher Stance

Worldwide regulators have changed their stance. Be it Comptroller and Auditor General of India, Department of Justice of USA or Financial Services Authority of UK, regulators are beating the drums for better compliance. From asking the biggest names in banking to give explanations to holding government accountable for incorrect decisions, they are leaving nothing out of the ambit. They are leading the path for risk managers to follow. In 2013, we are going to see a spate of disclosures from regulators.

Closing Thoughts

Whether we see the banking failure reports, or other aspects of business, risk managers knew and understood the risks. However, they decided to play it safe and not bell the cat. Challenging and confronting business leaders at the expense of ruining ones career can be a tough decision. One avoids the decision, especially when, the lines of accountability state that final responsibility of managing risks lies with the business leaders. However, in the times ahead risk managers won’t have this luxury. They will have to stick their neck out to ensure organization stays legally compliant and manages risks optimally.  I don’t know whether this makes risk managers happy. In my view, in 2013 we should take it up as a challenge and change the dynamics of the risk management function.

Wish you and your loved ones a very Happy New Year.