Auditors Criticise Without Value Addition

This is my 251 post and it feels good to have written so many. So I thought of dealing with a difficult and sensitive topic for auditors. The corporate world views auditors with jaundiced eyes and auditorville has a bad reputation. Scott Adams in his book “Thriving on Stupidity in the 21st Century” humorously described auditors in the following paragraph:

“Auditors get more respect and more bribes than accountants. That is because auditors are relatively more dangerous. Auditors are generally plucked from the ranks of accountants who had very bad childhood experiences. The accountants who don’t go on to become serial killers have a good chance of becoming successful auditors.”

The reputation comes from doing post mortems, writing long reports on deficiencies and criticizing the work of business teams. No one likes a critic and especially not those who do not do any value addition. So where are we going wrong?

1.  Criticizing Makes an Auditor Successful

The common perception is that more faults an auditor finds in an audit, the better is the quality of the audit. This is driven by the fact that some audit departments have a key performance indicator on number of observations. If there are no observations or weaknesses, the audit quality was not good. Let me mention an old story here.

A couple was riding a donkey to reach their village.

Two passer-by’s saw them and said – “Poor donkey, has to take the load of two humans.”

The husband heard the comment and got of the donkey. Further, two passer-bys saw them and said-“See, the wife is sitting comfortably on the donkey and the poor husband is walking on the road.” The wife got off the donkey and made her husband sit on it.

After a few kilometers  two spectators said – “See what the world is coming to, no chivalry. Man is riding the donkey and the poor woman is walking.” Now both husband and wife started walking along with the donkey.

Then another set of bystanders said – “See the idiots, both are walking and no one is riding the donkey”

The purpose of audit is to provide assurance on the process, not find faults with it. For instance, last year you conducted an audit of purchasing process and made ten observations. Will the audit of the same process be successful if you made 11 observations or nil observations? If auditee implemented previous year recommendations, then they should not re-appear. If without a change in process, you found new weaknesses, then it means the previous year audit was not done properly. Hence, criticism doesn’t make an audit a success or a failure. The quality of observations holds meaning.

2. My Way or Highway

The other presumption is that audit can be done without much of business knowledge. Just high-level understanding is required. This is really an incorrect view. I recall in my training period I was assigned an internal audit client that flew helicopters. When I was doing bank vouching, I had said to my colleague doing cash vouching  -“Wish we were auditing a car maker, at least I know the cost of a car tyre.” I was checking the appropriateness of expenses including repair and maintenance of helicopters when I hadn’t seen a helicopter from a five feet distance, let alone sit in one. Your guess is as good as mine on the quality of observations and value addition provided.

The big problem comes, when after doing an audit without business knowledge we refuse to listen to the business teams that the observations are irrelevant or incorrect. We don’t appreciate the different perspective of business teams and high-handedly push down our recommendations. Times of India mentioned a nice joke on this last Sunday.

Why did the chicken cross the road?

Plato: For the greater good.

Aristotle: To actualize its potential.

Darwin: It was the next logical step after coming down from the tree.

Neitzsche: Because if you gaze too long across the road, the road gazes back at you.

Buddha: If you ask this question, you deny your own chicken-nature.

Closing Thoughts

In the 21st century, auditors can’t hold a stick to beat the business teams all the time. The role has changed. With it the skill set and approach needs to be changed. If auditors are not able to give a better solution or process change, they should consider whether their criticism makes sense or not. Maybe, business needs to live with the control weaknesses, take the risks because the costs of plugging them are very high. The observation and recommendation should provide value addition, either in the form of assurance or improvement. Else, a lot of expenses are made to cater to auditors’ egoistical viewpoints rather than seeing business viability.

All criticism and feedback on the blog is welcome. Please share your views. A big thank you to my readers for reading my 250 posts.

Re-branding Risk Management and Audit Functions

There is an old joke on power of branding. When a man goes to a woman and says – “I am great in bed, how about it?”, it is sales. When an attractive woman goes over to a guy at a party and says – “Hi, I hear you’re great in bed, how about it?”, it is branding.  Seriously speaking, how many times have the business teams come over to the risk management or audit department and said – “You are great at this, we need your help and advice”. If the business teams aren’t approaching, then we have poor brand image. Our customers are in two minds whether they should involve us or not. Quite often the business teams think they are better off without us. So shouldn’t we be delving deeper to find out that why in the competition between various departments in an organization, we generally are at the bottom on the popularity chart?

1.     Auditors are Watchdogs

Seriously, why do we use this term? It negates the very premise of being of service to others. Think of it for a second. We say, men are dogs, women are bitches, and auditors are watchdogs. Does it connect to negative or positive emotions?

With it we wish to sell the image of trusted partners, advisers and mentors. When we use the word watchdog, do we think –as trustworthy as a dog?

Have you ever felt the urge to pet a strange German Shepard or a Doberman? We see a couple of them coming towards us, and the bravest of us feel a tinge of fear and anxiety. Why do we expect any person interacting with an auditor to feel any different then?  Doesn’t the term watchdog, makes auditing sound like a blood sport? Why get stuck with an age old expression?

2.     The Coolness Quotient

We associate with brands because of their coolness quotient. It feels good to be part of the tribe, now whether it is Facebook site, Intel machines, Apple iPhone or Harvard degree. We desire it because it makes us feel or look good. When does audit or risk management makes the customer feel or look good?

I came across David Brier (@davidbrier), a branding expert on Twitter. In his short book titled “The Lucky Brand Book”, I was stunned by the last point. It said – give a reason to celebrate the brand.

I questioned him – how does one celebrate risk management? He gave me two answers –

a)     “Choreographed spontaneity” – all the fun and with a safety net

b)     All the gain without the pain

Both these answers send out positive messages. It definitely shatters the mind-set that risk management applies to negative aspects of business. Why not give it a try?

3.     The Independence Clause

We profess to maintain independence, and to do so we state quite a few things are management responsibility. At one point we express a desire to sit on the board table; at another we disassociate ourselves from management. I understand the technicalities of requirement to maintain independence. The question is – are we using it to escape responsibility?

As part of an internal audit role we undertake to issue an audit report. In risk management we either assist or conduct a risk assessment. As risk managers we provide the second line of defense and as auditors the third line of defense.

Though we desire a more active role, we don’t wish to match the responsibility with it. For instance, we submit a report with recommendations, and leave the business teams to implement the solutions, as it not part of our job. Doesn’t that appear like sailing a person in  middle of a deep-sea and leaving them there, on their own? As giving a return ride back to the shore isn’t part of the deal.  Is it going to generate trust and respect to build healthy relationships? Next time round, are the business teams going to welcome us back?

Closing Thoughts

I definitely don’t have the answers to this one. Though it is clear, we need to re-brand. Maintaining the status quo isn’t helping us. At the logical level we are doing our job. At the sub-conscious level the business teams receive numerous negative messages, which dissuade them from emotionally connecting with the functions and its members. Risk managers and auditors need to figure out how to brand themselves externally and internally.

While you do so, listen to one of the everlasting brands – Elvis singing Suspicious Mind


The Lucky Brand Book by David Brier

Building Trust Between Auditors And Business Teams

As we know, management is about formal authority, whereas leadership comes from moral authority. Leaders derive moral authority when followers trust them. Hence, the crux of people management is building a relationship of trust.

Auditors and risk managers face some serious challenges in building trusting relationships with business teams. Frequently, when the business teams hear an internal auditor is coming to meet them, the reaction is – “Why is he coming? When will he go?” Auditors are unwelcome, as business teams view them suspiciously. The relationship is as healthy as that of a divorced couple sharing parenting responsibilities. Aha, we base marriages on trust and it reminds me of this one.

A man took this beautiful finance to his attorney to sign the pre-nuptial agreement. The attorney looked her over, smiled and asked the man – “Do you trust her?” The man replied – “With my life, but why bet my money on it”.

As is obvious, the trust levels are deteriorating in most relationships. However, auditors and risk managers cannot use that as an excuse.  Internal auditors enjoy very low confidence level with business teams. A recent PWC State of Internal Audit survey stated that just 45% of the respondents were comfortable with internal audit’s management of critical risks, though 74% had enterprise risk management in place. Another point to note was less than 50% believed that their internal audit function was well coordinated with risk management functions. The scenario is dismal; there are communication gaps with business teams and risk managers. The focus has to be on building better relationships.

Auditors must look at David Maister’s trust equation. According to him:

Trust = Credibility + Reliability+ Intimacy


Let us see how the four elements affect auditors’ relationships with business teams. More important is to determine a way to build trust-based relationships instead of transactional relationships.

1.  Credibility

 Establishing credibility is about meeting technical and emotional aspects. The technical knowledge of auditors and risk managers qualify them guide the business teams. If they lack relevant qualifications, experience and knowledge, the relationship of partner, mentor and advisor is doomed. However, all the knowledge and experience will fail if the business teams believe that auditors and risk managers do not walk the talk.  An auditor cannot pile on the free launches offered by business teams, and in the same breath talk about ethics. Here, to build trusting relationships, each auditor and risk manager in the team has to establish personal and professional credibility.

 2.   Reliability

People need to know where a person stands on various issues to develop a comfort level. They need to perceive the person as predictable, just, fair and ethical in his/her dealings. The business teams fear auditors and risk managers; a politically motivated report can build up a storm. The principle of issuing accurate, apolitical and balanced reports goes a long way in building a reliable reputation.  Without it, there is going to be a fight, us against them mentality with prevail between business teams and auditors. The win-lose situation created will result in  business teams viewing auditors and risk managers as the bad boss archetype.

3.   Intimacy

 This is about sharing confidences and deepest darkest secrets about the professional life.  This is not about personal life. An auditor and risk manager delve into the negative side of business – identify shortcomings and high-risk scenarios. Depending on the organization culture, these findings have an indirect impact on career development, promotions, compensation and hiring and firing of business teams.

Hence, business teams will stay silent and it is not enough for auditors to say – “I have an open door policy”. Ethan Burris in his research found that – “employees who speak up and challenge the status quo are viewed as less competent, less dedicated to the organization and more threatening compared to those who support the way things are. They are also rated as worse performers, and their ideas get less support.” No one is going to open up and identify the real risks and concerns, unless some level of intimacy is established. Hence, auditors and risk managers need to show emotional honesty to break down the barriers of communication.

 4.  Self-Orientation

 When people view a leader entering into relationships primarily to serve his/her own self-interest, then this denominator will wipe out the positives of the three elements in the numerator. The use and discard policy of transactional relationships causes engagement and commitment to plummet. In this case, as Burris says – “It can be scary to open up the lines of communication, because you don’t know what’s going to come out of it.” Thrusting relationships will not form when business teams perceive risk managers as serving their own agendas at their cost to win brownie points and laurels. They need to be transparent, altruistic and balanced in their approach.

 Closing Thoughts

 An auditor went to do a stock take of a weapons factory. The inventory manager hated the auditor. In the previous report, auditor had made many disparaging comments about the manager’s work. This time, the inventory manager in a pleasant voice said to the auditor –“Please don’t touch this, it is dynamite. The manager held the next bin and the manager said – “Oh that is just anthrax”.

Rather than face a similar situation, it is much better to follow Blaine Lee Pardoe’s advice – “When people honour each other, there is a trust established that leads to synergy, interdependence, and deep respect. Both parties make decisions and choices based on what is right, what is best, what is valued most highly.”


  1.  PWC- State of Internal Audit Survey
  2.  David Maister – Trust Equation
  3. HBR – What is really silencing the employees – Ethan Burris

Culture and Communication Risks

The two things bringing a cultural revolution globally are – recession and social media. Both nations and organizations are struggling to adapt to the changes required in mindset and behavior. Recession has ensured that the fittest corporate citizens are those who can operate globally, work where the demand is, and compete at a global level with the cheapest resources. Social media has connected everybody and everyone is accessible on the same platform. A CEO  is just a tweet away from Gen Y fresh graduate. The layers of authority and distance are diminishing. The organizations and employees that adapt to the cultural change quickly will thrive in the next few years.

Therefore, the need of the hour is to become a global employee with a capability to understand cultures of at least a few of the countries with high Gross Domestic Product – US, France, UK, Japan, Germany from the developed countries and Brazil, China, India, Mexico, South Africa and Russia from the emerging markets. Multinationals are trading with these countries and/or have offices in these countries.This cannot be taken lightly. The graph below from the Economist Intelligence report “Competing Across Borders” will help you understand the impact of cross-cultural communication.

About one-third of the respondents stated that profits, revenue and market share improved significantly with better communication. To counter the cross border communication challenges, organizations are focusing on providing cultural, linguistic and conflict resolution training. However, there is no simple solution. Though training might help, it gives a current scenario. Psychologists Dov Cohen and Richard Nisbett, conducted experiments to assess the probability of entering into disputes depending on the cultural background. They realized that current behavior of a person is influenced by history of couple of centuries. Where the person is coming from matters. Typically, a warrior class, such as Sikhs and Gorkhas in India, are going to be more aggressive in organizations. As leaders and employees both bring their personal values while at work, the corporate culture changes on the basis on the position and number of people  of a community.

Though this experiment raises questions on whether any individual can truly become a global citizen, it is a critical requirement. Disputes are caused due to cultural and linguistic differences as shown in the adjoining graph. Insufficient clarity in communication can cause major disasters, especially when bounded by cultural protocol. Malcolm Gladwell in his book “Outliers – The Story of Success” gave example of Korean Air. The airiline, Korean Air, during 1988 to 1998, had a loss rate of 4.79 per million departures. In comparison, American carrier United Airlines, for the same period had a loss rate of o.27 per million departures. That is, Korean Air was having 17 times higher loss rate than the American airline. It had 8 airplane crashes in the period.

The reason attributed for most of plane crashes was “unclear communication” and not plane defects or pilot inexperience. The Korean culture has high power distance index and the flight officers were unable to plainly tell their captains that they were flying on the wrong route, were out of fuel or weather was bad. Can you believe it, due to the respect and deference flight officers showed to their captains and officers in air traffic control rooms, over a thousand passengers lost their lives? Instead of taking control of the plane they chose to show reverence!

Another amazing fact mentioned in the book is that more planes crash when the captain is the pilot, rather than when flight officers are flying. Simply because when flight officers are doing something wrong, the captains due to their position of authority, do not hesitate to call out the mistake. On the other hand, flight officers chose diplomatic responses which have a higher probability of misinterpretation as severity of the situation is not conveyed clearly. Korean Air recovered and became a safe airline, after they trained all captains and flight officers on speaking clearly and plainly in English while flying, among themselves and the air traffic control rooms.

Looking from another lens, employees are less likely to highlight risks to seniors in countries and organizations with authoritarian cultures. Juniors may hesitate to paint the full picture explicitly for senior managers to understand high risk situations, and crises would occur without proper risk mitigation. Risk managers and crises managers need to be taught the art of clearly communicating concerns and issues.

Closing thoughts

English has become a global language, but without taking the cultural context it doesn’t make sense to a reader from another country. For instance, take a look at the blogs of  Americans, British, Australians and Indians, all are writing English but very differently. Just by reading the blog post, one can identify the country of the blogger. Hence, with increasing complexity in business, the nuances of communication become more important. Communication failure can cause disastrous consequences. When I am flying, I would prefer that the flight officer says to the captain – “Buddy, we are flying on the wrong course.”


  1. Competing Across Borders – Economist Intelligence Unit
  2. Outliers – The Story of Success – Malcolm Gladwell

Celebration Time -100K Views in 2 Years

On the day of Venus transit, this blog crossed 100,000 page views, a couple of weeks before the second anniversary. For a subject as dry as risk management, that is an achievement. My sincere thanks to all the subscribers and readers whose smallest click on the post motivates me to write more. I didn’t start of as a writer, but the slow and steady growth in readership has made me one. With an average of 8000 page views per month, it is time to celebrate.

Since I started this blog with the aim to build awareness and  change perceptions about risk management, specially in India, the song “Winds of Change” is dedicated to all my readers. For the next generation, we definitely need to bring changes in practices of business ethics, corporate governance and risk management.

In the last two years, I learnt a few personal lessons from blogging. These lessons are not about how to blog better, but life in general. So here goes.

1. Don’t give up your hobbies

Sounds simple, but with age we generally give up our hobbies due to various constraints. However, the hobbies of our childhood in some ways define us and one never knows how the dots connect in future.

My mother encouraged me to write from childhood. In my teens I wrote poems and essays. Most were deeply tragic, outrageously wicked or completely radical thoughts. My father got perturbed on reading them, since he believed I was going to implement my creative ideas. I was that mischievous! Over time, as the focus on career increased, I stopped writing. I picked up writing again with this blog after a 20 years break. It was an absolute challenge. My writing is still not as decent as I wrote during my teens. It is an art one forgets with time without practice.

Now blogging is the in-thing and being able to communicate well is the key to success. No one told us that during our school days, the focus was on qualifications. In the present environment technical skills have become secondary. Times change. The best way forward is to integrate hobbies with career aspirations.

2. In adversity, persevere

Blogging is a humbling experience. There is a lot of sales talk about how good and easy it is, but it takes a lot of persistence.

I think most bloggers start for two reasons – either they love writing and sharing ideas or they wish to build a name for themselves in their chosen field. The initial idea is we have got it made and can crack it easily. Nobody tells a new blogger that they will be publicly making a fool of themselves,  consistently, till they get the hang of it. Moreover, with all the competition, most readers will ignore you. In real life, we target a deal with at least 60:40 odds in our favor. In blogging world, less than 1% read the post, let alone appreciate it.

It taught me one big lesson. In adversity, I must not count what I don’t have. I must focus on the goals I wish to pursue and doggedly work on it. Every time I failed, I attempted to understand the reasons for failure and restarted. Hard work makes one luckier.

3. Be authentic

Blogging is about personal branding, hence be authentic. What I write is what I am. There is a lot of advise given on building a personal brand and developing a social persona to get an audience. The problem with that approach is that my personal brand is not different from another’s image. Hence, how will the readers differentiate and respect me?

For instance, my thoughts are uniquely mine, if I try to mimic someone’s writing style or thoughts, then it isn’t me. If I like to be someone else, who is going to be like me? It takes courage, because putting radical thoughts in open forums is sometimes equal to begging to be killed.

However, my authenticity determines my credibility. For example, if I value honesty as a trait, then not only my friends but my worst enemies should vouch me as honest. The measure of my success on personal branding is when I stand for certain values and traits, my competitors and enemies acknowledge those traits. A well packaged public persona goes only so far as most readers see through the game plan sooner or later.

Closing thoughts

I started writing this blog on my parents marriage anniversary. As I have lost them, this was my way of thanking them. I wanted to share some of the ethical values they inculcated in me. It gives me a sense of satisfaction that there are still some takers for it. I hope in the years to come, I can learn something more from blogging, career and life, and be able to share it with you.

Thank you once again for your continued support and faith.

Best wishes,


Diversity Management Risks in Global Organizations

Barack Obama in his autobiography “Dreams of My Father” reflects  “where do I belong?”. Being a child of parents of different races and religions, he spent a childhood searching his identity. Bill Clinton in his autobiography “My Life” discusses a white child’s perspective on segregation of schools in America in 1950s. Both men grew up without their real fathers presence; Obama’s lived in Kenya and Clinton’s lost his real father before birth in a car accident. Their step-fathers didn’t play an important role in building their characters, both attribute their mothers for raising and guiding them.  The personalities reflected in the books are different. Obama comes across as an intellectual and philosophical man, Clinton appears to be a people person and detail oriented. However, Americans and worldwide public had remarkably different viewpoints just because of the color of the skin.

Moreover, their religious faith did swing some votes in their favor. Barack Obama’s credibility is still questioned by opponents by stating that his grandfather was a Muslim, hence Obama cannot be following Christianity. Even in the world super power politics, race and religion play an important role. The more recent case is of Nicky Haley stating she has converted from Sikhism to Christianity. She is an Indian born in US, with the name Nimrata Rhandawa married to Michael Haley. That she felt the need to convert, and was questioned by a Time magazine reporter as to whether she will give a bigger tip to Sikh cab drivers, depicts the hypocrisy of choosing candidates based on performance, ideologies and meritocracy.

Closer home in India, religion still plays a major role in politics. Dynastic politics prevails and even the first family of Indian politics projects belief in Hinduism. It is ironical that the family is secular in religious belief, however, has to present themselves as Hindus for public consumption. As per historical records Indira Gandhi a Kashmiri Brahmin (Hindu) married Feroze Ghandi, a Zoroastrian. To prevail politically, the surname spelling was changed to Gandhi, making it sound similar to Mahatma Gandhi, though there was no family connection. Rumors prevail that Feroze Ghandi by birth was a Muslim. Their first son Rajiv Gandhi, married Antonia Edvige Albina Maino (Sonia Gandhi), an Italian Christian and the second son Sanjay Gandhi married Maneka Anand,a Sikh.  However, the next generation of Gandhi’s – Rahul, Priyanka and Varun – publicly follow Hinduism.

Can’t blame them, because in India religion and region bias are huge. South Indians will view North Indians suspiciously and vis-a-versa. Among South Indians, the Telugu and Tamils will fight, whereas in North India the Punjabis and Jats will battle for superiority. Worse, grouping also  occurs on bases of caste and sub-castes. In such a scenario, with globalization, can organizations really ensure unbiased behavior and decisions on race and religion? Is it possible to wade out prejudices, suspicions and intolerance for a few hours at work, and come home to indulge in the same?

The challenges for organizations are mind-boggling due to technological advancement. As in this wordpress blog where readers from 50 countries visit daily to read posts, in global organizations faith, philosophies, ideologies, race and religion of employees are quite different. Homogeneous behavior cannot be brought about by a code of conduct or compliance team. Meritocracy can win only when it is built into the culture of the organization, else the spirit of the organization will be in tatters due to the dichotomies in employees faiths and beliefs. Hence, let us take a look at diversity management risks in multinational organizations.

1. Regulations of various countries.

Labor laws relating to age, race, religion and gender differ among countries depending on the legal, political and cultural environments. Additionally, in large countries, for instance US or India, they differ state wise and some vary according to industry. Therefore, multinational organizations have to devise policies and procedures on diversity management according to the laws of the country in which head quarters is located, and international operations.  Compliance to various laws and regulations can be a challenging task and head office may not have the full picture.

2. Variance in local cultures

Local cultures impact diversity management initiatives of multinationals. For instance, in Saudi Arabia, women sit separately in a room and do not mix with the men in office. In India, the number of local languages tend to group people of a state together. Hence, the status of embedding diversity management initiatives in head office and regional offices may differ significantly. Cultural integration may become difficult due to behavioral attitudes. For instance, Americans are more outspoken and aggressive in nature, whereas Indians are diffident and respectful. Due to these aspects, global communication and integration plans have to be adopted to local environment.

3. Anti-discrimination protection

The effectiveness of anti-discrimination protection is dependent on enforcing laws and the judicial environment in the country. For example, in US a number of discrimination cases are filed by employees and huge penalties are levied on the organizations. However, in India, though similar laws exist, there is hardly an instance where a case is filed by an employee on the basis of discrimination, as there is minimal possibility of employee winning the case against a large organization. To ensure same level of adherence is maintained at head office and regional offices, diversity management officers need to play a critical role.

 4. Increase in workplace violence

Globally and in India, workplace violence is increasing. Employees report increasing number of cases of bullying, harassment, sexual harassment and physical threats in various surveys. Here again, a group or individual  belonging to a specific race or religion may get mobbed by the majority, depending on the political climate in the country. Hence, the challenge for multinationals again is that similar laws may not exist in other countries. For example, India still doesn’t have an act passed on sexual harassment in workplace, though the bill has been pending in the parliament for sometime. Therefore, awareness levels of these issues differs in various countries. Multinationals, to bring uniformity need to have extensive training in regional offices and subsidiaries.

5. Mergers and Acquisitions

With the ongoing trend of multinationals acquiring companies in different countries, addressing diversity issues becomes critical. Mergers fail, due to failure in culture alignment and not because of failure in merging financial numbers. Post merger, for cultural integration one of the first things to do is devise a strategy for diversity management and implement the same.

Closing Thoughts

An extremely complex subject that impacts organizations especially those with international operations, at three levels – customers, productivity and staffing. However, it is often ignored by the management and definitely by risk managers and auditors. Very few risk managers do a human resource risk assessment, hence these problems continue to brew within the organization, till the culture becomes toxic or legal cases are filed. Hence, it is a good move to develop global and local diversity management strategies and implement the same. Indian organizations can take a leaf out of US organizations, and start appointing diversity management officers.


Workforce diversity initiatives by US Multinationals in Europe – Mary Lou Egan.. Marc Bendick, Jr.

Rational Versus Rationalized Risk Taking

Devdutt Pattanaik in his Economic Times article “Malady of Interpretation” narrated an interesting story from Mahabharata. Bhisma, leading the battle in Kurekshetra on behalf of Kauravas had the boon of death by wish. As he couldn’t be killed, Pandavas couldn’t win the battle. Then Krishna devised a ploy to trick Bhisma into lowering his bow. Pandavas knew Bhisma would not fight a woman, hence asked Shikandi, a transgender, to participate in the war. Shikandi was born a woman, hence Bhisma interpreted that he cannot shoot at a  woman, whereas Pandavas considered him a man. If Bhisma had rationalized that Shikandi was a man, Pandavas may not have won the battle.

Rational or Rationalized Risk Taking?

This is thought provoking; do we do rational risk taking or rationalize risk taking? Risk analysis is significantly subjective, and a whole lot depends on the judgment of the decision maker. The financial crises occurred as most financial institutions rationalized the risks of selling the CDOs as minimal. With hindsight, most question the decisions and fail to comprehend the rational for taking these risks.  Therefore, let us look at the situations that prompt us to rationalize risk taking.

1. Boss’s view

If the boss says so, most juniors will agree, even if the business decisions tantamount to jumping in a well. Depending on the organization culture and boss’s authoritative tendencies, juniors will rationalize risk taking decisions. Juniors show higher tendency to rationalize when they believe that their voice is not going to be heard, will be penalized for giving contradictory viewpoint or  rewarded for blindly agreeing to boss’s ideas.

2. Group think

When group think sets in, then tendency for rationalization increases tremendously. Group members agree for getting along and not rocking the boat. The attribute of looking at one’s own plans objectively and skeptically is completely missing among the group members. A voice shouting at the top of his/her lungs is also not going to be heard. On the other hand, anyone who gives a rational view may get attacked by the group members.

3. Self-interest

When we fall in love, we fail to see the negative attributes of our object of adoration. Our overwhelming pride in our ideas can make us believe our own hyperbole. There are many mountaineers who attempt to climb Mount Everest without adequate preparation and training, as they consider themselves unbeatable.  While passion and commitment is good, if a person is not open to debating their ideas, then it can become their waterloo.

Taking into account the extent to which social context, individual psychology and organization culture play a role in business decisions, it isn’t surprising that organizations are failing to manage risks. The devil is in the detail and management ideally should form decisions backed by data. But, quite often management takes decisions based arrogance, optimism and gut feel. Hence, rational thinking is compromised for rationalized thinking.

Therefore, other obstacle for rational risk taking is that it requires a whole lot of information. Usually, decisions are based on inadequate information and research. As Sun Pin says that to win a  war, the general should know strengths and weaknesses of his own army, the opponent’s army and the terrain. A general should draw the battle plan after taking all risks into account and get into battle only when victory is assured. However, in business this wisdom is ignored and business managers tend to rationalize while preparing corporate strategies.

Closing thoughts

The human psychology works on the premise that when we say “Mirror, mirror on the wall, who is the most beautiful of all?”, the mirror responds “You”. Dissenting and uncomplimentary views are hard to accept. The first reaction many a times is a desire to stuff something down the other person’s throat to stop their criticism and negative feedback. However, for rational risk taking the dissenting thoughts and critical feedback are worth gold. These prompt executives and risk managers to view strategies, business decisions and implementation plans dispassionately and objectively. Rather than deny the possibility of risks occurring by saying “this is not going to happen”, executives must ask – “how is this going to work?”.

One question for the readers – Can rational and rationalized risk taking co-exist?


Devdutt Pattanaik in his Economic Times article – Malady of Interpretation

Risk Management Failures in Kingfisher Airlines

Mr.Mallya with KFA Air hostesses

The king of good times is facing hard times. Launched in 2006, with much fanfare by its Chairman, Mr. Vijay Mallya, Kingfisher Airlines (KFA) is presently in dire financial straits. After the euphoria abated, KFA’s strategy, performance and financial health has been questioned from mid-2008. Now the company is facing major financial and operational problems. The press statement from KFA, on 12 March 2012, highlights the challenges:

“The flight loads have reduced because of our limited distribution ability caused by IATA suspension. We are therefore combining some of our flights. Also, some of the flights are being cancelled as a result of employee agitation on account of delayed salaries. This situation has arisen as a consequence of our bank accounts having been frozen by the tax authorities. We are making all possible efforts to remedy this temporary situation.” 

KFA is a good case to understand the impact of failure in risk management. The management ignored the warning signs of stormy weather and failed to navigate the company into safety.With hindsight, some of the important decisions made by the airline appear incorrect. Let us analyse the  top 5 risks.

1. Strategic Risk – Market Analysis 

 KFA was launched as a premium business class airline. That was the first mistake, a lack of understanding of customer requirements and basing a decision that luxury sells in airlines. Organizations focus on reducing costs and  usually just CXOs are allowed business class travel. Rest of the staff mostly travels by economy class. Moreover, buying most expensive business class tickets doesn’t go down well when seniors aim to project the image of walking the talk.

Even consultants, whose travel tickets are paid for by clients, hesitate to book KFA tickets. It appears that they are abusing privileges. Hence, the market size for business class tickets is small in India.

Secondly, internationally Southwest Airlines operating model has proven successful. It is a low-cost airlines, provides minimum frills to customers at reasonable rates. Mr. Mallya, highly successful in liquor business, didn’t comprehend the differences in customer preferences within the two industries. Customers may buy expensive alcohol, but not airline tickets, since the total cash outflow  is higher.  It is a price sensitive market. Therefore, KFA adopted an incorrect strategy from the start as it failed to understand the market dynamics.

2. Strategic Risk – Merger with Air Deccan 

KFA acquired Air Deccan, a low-cost airline in 2007. Five years of operations is a key criteria for an airline to fly internationally. Hence, KFA acquired Air Deccan’s international flying rights and simultaneously entered the cheaper market segment.  It made the following announcement in September 2008 financial results commentary:

The merger of the two operating airlines into one corporate entity has also enabled savings on operating costs such as Engineering and Ground Handling, Insurance and Catering. Employee costs have also been addressed through an integrated organization which enabled the Company to terminate the contracts of most expatriate staff and impose a hiring freeze on new appointments.

After the merger, first signs of trouble cropped up. As per a Business Today article, it became the largest Indian airline with 27.5% market share, and domestic travel increased by 30%, however it didn’t make profits. Despite the fact the its main rival – Jet Airways – continuously showed profitable quarters.

KFA showed growth in numbers while having lost the strategy. With the merger, it lost its brand image of a premium business class airline. It expanded with the speed of a jet without building a base and resolving the post merger challenges. This set the course for a bumpy ride.

3. Strategic Risk – Investment in Planes 

According to 31 March 2011 ending annual report, KFA flew 366 domestic flights and 28 international flights. It owned 67 aircraft.

“Aircraft Engine/Lease Rentals: Aircraft/engine lease rentals stood at Rs. 984 crore (USD 197 million) during the twelve month period from April 2010 to March 2011. Your Company operated 67 aircraft (scheduled and non scheduled) in the year under review, 13 of which are owned through finance leases and 54 are held under operating leases.”

Business Today article mentions that presently the airline owns 63 planes and a few have been returned to the lessors. However, the plane financing problem isn’t new. In September 2008, after the merger with Air Deccan,in financial results commentary KFA stated the following:

“Two aircraft have already been returned to Lessors with no additional cost, and the Company is in discussion for the return of a further eight aircraft. The impact of this capacity contraction will be visible during the second half of the Financial Year.”

After the merger, according to the Business Today article, the airline refused to take delivery of 5 Airbus A340-500. It had over 90 aircraft in Airbus books and no delivery was taken after 2008. This is a case of investment plans made under a cloud of unknowing.

4. Financial Risk – Excessive Debt  

In the December 2011 quarter unaudited financial results, signed by the Chairman Mr. Mallya, the following note is given:

The Company has incurred substantial losses and its net worth has been eroded. However, having regard to capital raising plans, group support, the request made by the Company to its bankers for further credit facilities, planned reconfiguration of aircrafts and other factors, these interim financial statements have been prepared on the basis that the Company is a going concern and that no adjustments are required to the carrying value of assets and liabilities.

KFA posted a loss of Rs 1027.39 crore (USD 205.95 million) in December 2011 quarter. As of 31 March 2011, its net worth was negative at Rs 3633.08 crore (USD 728.29 million). It was last positive in March 2008, and now the picture is dismal. Presently, KFA has a total debt of Rs 7057.08 crore (USD 1414 million) and total accumulated losses of Rs 6000 crore (USD 1202 million). The banks refuse to extend further  credit as the non-performing assets (NPA) will jeopardize the profitability and liquidity of the banks.

Here it is a clear case of excessive debt and poor cash flow management systems. The situation has gradually worsened from March 2008 and in three years the capital is completely eroded. A better financial risk management may have helped mitigate the problem. It appears no one in the company was monitoring the risk dashboard. Maybe they were flying high on optimism.

5. Operational Risk – Fuel Costs

It’s a well know fact in aviation industry that most airlines nosedive due to high fuel costs. The rise in fuel costs are an uncontrollable risks as the price of petrol is set internationally. Additionally, in India, states charge heavy sales tax on petrol. Hence, the fuel costs are much higher in India. KFA annual report of 31 March 2011 acknowledges this issue:

Aircraft fuel expenses: Expenditure on fuel stood at Rs. 2274 crore (USD 456 million) during the twelve month period from April 2010 to March 2011 accounting to 28% of the total costs. While the average fuel prices have come down from a high of Rs. 74 per litre in August 2008, prices have steadily risen through the year and ended 34% higher than prices at beginning of the year. 

As given in the commentary on the results for the half-year ended 30th September 2008, KFA was aware of the problem.:

The Aviation Industry is going through a challenging phase globally, driven primarily by spiraling fuel costs, which hit an un-precedent USD 147 per barrel in July 2008. The Indian industry was hit more adversely due to the cumulative impact of Customs Duty and Sales Tax on account of this sharp increase in international fuel prices. The average price of ATF in the six month period from April to September 2008 increased by about 60%. The impact on Kingfisher Airlines alone was to the tune of Rs.640 Crores (USD 128 million).

Most airlines to recover fuel costs increase the number of seats in the aircraft by better use of space. KFA couldn’t do it, as it projected itself as luxury class. Despite enjoying an occupancy rate of 75-85%, the company failed to break-even. Although the management was aware of the truculent factors in aviation industry it failed to take preemptive measures timely.

Closing Thoughts

A look at the 31 March 2011 year-end annual report reveals that KFA had 7-8 directors, with just one executive director. The audit committee had 3-4 directors and didn’t seem active, since there were just 4 meetings during the year. Since inception of the company, three CEOs have come and gone. Mr. Vijay Mallya, the Chairman, controls the company. The board of directors have not actively participated in charting the route of the company. Hence, pilot of the company is responsible for the downward spiral of KFA.  As the banks and government refuse to give a life jacket to KFA, the probability of safe landing is low.


  1. Kingfisher Airlines – Media statement 12 March 2012
  2. Kingfisher Airlines – 31 March 2011 Annual Report
  3. Kingfisher Airlines – 31 December 2011 Unaudited results
  4. Kingfisher Airlines – Commentary on results for half year ending 30 September 2008
  5. Losing Color – Business Today article.

Program Change Management Risks

Organizations invest huge amounts in running numerous programs to improve operations, culture and profitability of the company. For instance, programs cover technology implementation, building social networks, improving employee engagement and corporate social responsibility initiatives. Some programs give good return on investment while others dwindle without much success.  The success and failure of a program appreciably depends on effective change management.

Even for information technology programs, various survey reports show success-failure ratio as 50-50 percentage. Failure results in cost overruns and delay in project schedule besides low employee morale. A few reports indicate just around 20% of the programs are successful in the first effort in all respects. The differentiating factor, with technology and implementation capability being the same, is change management skills. Lack of focus on change management risks results in program failure.

Before discussing some key aspects of program change management risks, let us understand the reason for the same. Change causes insecurities to surface, hence sows the seeds of conflict and discord. On start of a program, people do not understand the reason for change. They are unable to assess what is at stake and what success looks like. Moreover, people respond differently to change. Idea of change gets supporting, skeptical and scornful reactions. If not handled carefully, different groups within the organization prepare battle plans to sabotage the program.

Hence, change management strategy is an essential component of program implementation. Given below are some of the risks on the same.

1.   Senior Management Involvement

For approval of the program, the program manager shakes hands with all the senior managers to get their buy-in.  Managers assume that the senior management commitment will continue after approval. However, this is rarely the case. With time, commitment will wane if senior managers do not understand the direction of the program and/ or start giving priority to other programs. Hence, program managers need to monthly/ fortnightly update the senior managers through review meetings and reports on the status and plans of the program.

Additionally, users and employees need to see senior managers demonstrate commitment to the program i.e. walk the talk. Program managers need to leverage opportunities to show senior management support for the program. Develop a leadership plan to ensure senior managers become champions of the program.

2.   User/ Employee Adoption

The program managers gear most of the programs activities towards adoption by the users. For example, in building a risk culture, adoption of risk assessment template is a milestone. The point is change agents view program activities in isolation for pre-go-live stage without considering the overall impact on the organization. Programs influence strategy, process, technology, and people. Without synchronizing the four aspects, even with user acceptance, the program will be unsuccessful in the long run.

Second aspect to consider is the handholding and support after the go live stage. After implementation of a program, the users may still face some challenges or new problems and risks may arise. For continued success of the program a team is required to support it, else it will fizzle out.

3.    Multiple Communication Channels

A program requires a good communication plan and failure in communication jeopardizes the program. Communication messages must be clear, straightforward and from the heart. The corporate jargon and meaningless mantras does not get buy in from senior management or users. For example, do not have a mission statement for an ethics program that sounds like this:

The company’s mission is to be the most ethical organization in the world by adopting best practices, making it a great place to work and rewarding meritocracy

Employees will roll their eyes on the above statement and consider it as management hyperbole. There is nothing actionable or measurable in the statement. Neither are the steps linked to ethics.

Another risk is failure of communication from senior management. Program managers assume that employees understand senior management commitment from strategy and other generic documents. However, adopters need to hear from senior management, their views and aspirations regularly.

Moreover, when programs run into problems, the initial reaction is to hide the bad news from the adopters. Clear concise communication on challenges being faced by program managers and support required, gets the program back on track. Communicate more often when program is running into trouble.

More importantly, change agents sometimes fail to listen to the adopters. Adopters’ feedback is critical for the success of the program. Understand their angry reactions, criticism and challenges. Develop plans to address them and not ignore them.

 4.    Training Plans

 Standard training material is the bane of most programs. Change agents believe that once the training is imparted, their job is done. Some pieces are overlooked in training plans and I have mentioned these before in a post. These are:

  • People have different learning patterns.
  • People are at different stages of learning – beginner, learner, manager, and expert.
  • People do not remember the training for long unless they start using the information in practical work.
  • Old habits are hard to break; hence, people revert to old patterns of working if not monitored.

Last but the not least, is the content of the training. For example, fraud awareness training is a double-edged sword. The users, who didn’t know a word about fraud, now have some idea on how frauds are conducted. The information can be misused. Moreover, an overload of information may create panic reactions in users. Hence, when to deliver training and what information to give are critical decisions for successful program implementation.

 5.     Reward & Recognition System

For a program to be successful, set up a clear system about reward and accountability for the adopters. Failure to establish a system will result in rewarding mediocrity rather than meritocracy. Further, without implementing a penalty criterion, there is no downside for wrongdoing. Hence, maintain a balance between reward and punishment.

For instance, in an ethics program, build a system of bonus points at time of appraisal for meeting business objectives in an ethical way. If a manager had the option of choosing an unethical means to achieve an objective faster but selected an ethical way though had to work harder, award him/her bonus points. On the other hand, award penalty points to a manager who chose unethical means.

6.    Dealing with Failure

Sometimes, despite best efforts the program team stares at the face of failure. People adopt inflexible approach and refuse to acknowledge the logical benefits of the program. They foresee their personal and political agendas negatively impacted, hence refuse to contribute to the shared purpose of the organization. The situation reminds me of an old joke.

A man bought a parrot as a pet. To his dismay, the parrot had a bad attitude and spoke foul language. The man tried to teach the parrot to behave but the parrot refused to change. One day in a fit of anger the man put the parrot in the freezer. He heard the parrot screaming and abusing for a couple of minutes, then there was silence. The man opened the door of the freezer, the parrot trotted out and said – “I beg your forgiveness for speaking rudely. I promise to behave properly.” The man was amazed at the transformation. Then the parrot said – “May I ask, what did the chicken do?”

To avert sudden failure periodically conduct organization surveys to understand the acceptability of the program and organization readiness for the next stage. Measure the behavior and sentiment change due to the program. Do not rush to the next stage without ensuring that adopters connect with the program in the existing stage.

 7.    Awareness of Retaliation

Situations can get out of hand when people start retaliating against the program manager and his/her team. Some programs are launched for appearances sake. For example, senior management may approve a program for business ethics, diversity or employee participation. However, when the change agents sincerely attempt to run the program to bring about a cultural change in the organization, they get mobbed by the employees. In this case, the junior employees start complaining that the change agents are pressurizing, bullying and forcing them to change. This impacts the heart of the program and the change agents spend most of the time defending their actions. The senior management doesn’t really want change, hence looks the other way or gives tacit approval to derail the program and mob the change agents.

In such cases, the change agents have to pay a high price, but the seeds of change are sown. People recognize that there is a better way of doing things, and gradually move towards light.

Closing Thoughts

 Change is difficult. We ourselves find it difficult to change, so getting others to change is an obstacle race. As Mahatma Gandhi said on leading the non-violent Indian independence movement – “First they ignore you, then they laugh at you, then they fight you and then you win.” Being a change agent is a test of stamina, perseverance, discipline and sacrifice. There are no low hanging fruits to pluck, no short-term rewards, no personal glory, however, in the end organization benefits.


Strategy to Execution – A Risky Path

Some companies fail and some succeed spectacularly in the same market conditions. The question for successful companies is – what did they do differently? On the other hand, failure is attributed to either poor strategy or pathetic operations.  A popular notion among managers is that if company is not achieving targets, then review the strategy, something must be wrong with it. If the strategy is found reliable, review the operations and focus on it to be successful.  Is the explanation for failure that simple?

In my view failures occur because complexities of the situation are either ignored or misunderstood. The third-fourth-fifth dimensions are normally missed and must be looked into. The overall strategy might be right, the execution flawless, and  the company may still be staring in the face of failure. According to me the path from strategy to execution is very risky. Below are my views on the same, do you agree with them?

1. The Human Dimension

Let me give you an example, that most employees are familiar with:

Objective of the company : Make the organization a “Great place to work”.

Strategy to achieve the objective : Focus on diversity, work-life balance and good leadership pipeline.

Execution plans :  Hire 25% women, promote 10% women to senior levels, issue policy of work life balance , introduce 360 degree feedback and balance score card system.

All the execution plans were implemented, however employees are still cribbing and consider the organization one of the worst places to work. So what went wrong?

Now let me give you a few situations that occurred in the organization :

a) A gorgeous looking woman was placed in a senior management position who was rumored to be having an affair with a CXO. Employees down the line didn’t like her personally as she did not have a reputation of high professional caliber or ethics.

b) A few employees in the 360 degree feedback, gave honest negative feedback about their bosses. In less than a quarter the bosses with help of human resource department terminated or demoted the employees.

c) Bosses allowed the employees to leave office premises by 6 pm. However, they asked employees to work at home and deliver reports the next morning at 9 am.

The missing component – the human dimension – was overlooked. The culture of the organization didn’t change with the strategies and plans. The messages that employees received were –  “One gets promoted if one sucks up to the boss, merit doesn’t count, honesty has a huge downside and bosses will harass.  Nothing has changed.” The tone at the top remained the same and no one was seen walking the talk. Hence, though everything looked good on paper, and all execution deliverables were achieved, the execution team met the key performance indicators, the objective wasn’t accomplished. People make the difference, hence analyzing culture, messages and in some situations even the grapevine is helpful.

2. The Organization History

The often ignored impediment in failure of strategy is the organization history. History – good and bad – makes a difference in success and failure of strategy as it directly impacts commitment levels. If the organization has had bad incidents or history, a host of issues become undiscussable. These undiscussable issues make communication superficial, hide negatives in the wood work and portray a picture that management wants to hear. In a globally connected world, even a small incident can become a historical landmark. To bring clarity to my point, I am narrating an incident that I experienced.

I was working in an organization in which one of the core values was “respect for everyone’s time”. The offices were open plan, with no difference between a CEO desk and an admin desk. All meetings were conducted in various conference rooms and room bookings were done through an intranet application. The cultural guideline was – do not overstay in a room as it may be booked by another group/individual. There were no reserved conference rooms for senior managers.

One day a new employee with his group saw that the people in the conference room he had booked for a meeting continued in the room after their meeting time elapsed. He knocked on the room, and asked the team inside to leave. The other employees outside were horrified. After 5 minutes, when he saw no action, he again knocked. The team inside walked out and all employees were red-faced. The poor chap had just evicted the Global CEO and his executive team out from the conference room.

News traveled globally within a few hours of the incident. The mathematical geniuses developed statistical models on probability of the new employee being asked to leave. Others like me, indulged in simple betting. Within a week the CEO sent a global message appreciating the employee for adhering to the organization values. He said that he felt good that induction training was effective, HR was doing a good job in recruitment & selection, and employees were fearless in confronting seniors on core organization values. All employees were absolutely jubilant on losing their bets. The incident became part of organization history and employees were inspired by the leadership. Commitment to a strategy comes from the heart and not by the numbers given in a Powerpoint presentation. In some situations analyzing the past history of the organization and failure rate of strategies might be helpful.

3. Reliance on Performance Management Systems

Norman Marks in his post“The inter-relationships of risk, objectives, strategy and performance rightly said that “performance management without considering risk is flying blind.” I agree with this statement. However, my question is – are organizations really measuring the right stuff ? If not, are organizations deluding themselves into believing that they are monitoring and as all performance indicators show green status, everything is great.

Let me narrate here my pet peeve on risk management performance indicators. Tell me, how many of us have filled a balance score card or prepared an annual plan stating the number of risk management reports issued during the year. Additionally, recall numerous times assurance has been given to senior management based on the reports issued and their findings.

According to me, these performance indicators for a risk management department make limited sense. Better indicators would be :

a) To calculate the amount of loss averted from timely risk mitigation. Or,

b) Counting the number of days organization risk was higher than the established risk appetite of the company.

However, only a few companies keep these performance parameters because these are difficult to calculate and require robust management systems. So we rely on parameters that are actually not telling us anything more than the fact that some work is being done. Therefore, my contention is that even if a the risk of not issuing 12 risk management reports (a performance measure) during the year would be available, it may be irrelevant risk identification. A good idea when doing management by objectives, is to check what the company is measuring.

4. The Organization Structure & Systems

The focus is not developing the strategy and operation plans, however the point that is missed is – whether the organization structure and systems are conducive towards accomplishing the envisaged operations efficiency.

The prime example of this is establishing backoffice operations in emerging markets or outsourcing processes. Most organizations initially off shored to save on costs. The cost-benefit analysis was done considering the explicit cost of labor and other costs in mind. However, the implicit cost of managing the operations remotely, variance in customer service quality, breakdown of services and increased risk of fraud were not considered. Quite frequently, the same process was outsourced without much re-engineering for outsourcing the process. This resulted in cumbersome and long processes, higher management time and more risks. In rare cases only the organization structure was aligned to outsourcing activities and managing the complex relationships.

In this case, the strategy was fine, effort was put in setting up back office operations properly. However, the interlinked impact on various functions and activities was ignored. Basically the problems arose due to structure and systems, as these were not considered at the strategy formation stage.

5. Strategic Risk Management

Finally, the concept of strategic risk management is gaining popularity, though it still has a long way to go. Problems sometimes arise in implementing a strategy, because at the time of formulation the strategic risks were not identified and assessed. Hence, the organization has a rosy picture of the strategy.

The additional challenge is when strategic risks are identified though not properly. Some hold the opinion that strategic risks are best identified by the top management or chief risk manager. The frontline operations teams do not have a role to play. My view is that while strategy may be developed at the top, the risks need to be captured at all levels and rolled up to the strategy development team.

To illustrate, let me share with you the venture of international fast food joints in India. KFC, McDonalds etc. made losses in the Indian market initially. The reason for entering the Indian market was clear – a huge educated middle class provided a good customer base. They replicated their operations model in India. However, they really didn’t understand Indian tastes. Indians preferred spicy food and didn’t appreciate the American bland taste. Secondly, Indians initially took these meals as snacks and not for lunch or dinner. Hence, were willing to spend much less than they would in an Indian restaurant.  It took the companies 3-4 years to understand the difference in customer tastes and expenditure patterns, and change the menu accordingly. Customer risk was local whereas the strategy was formed globally. Strategy failed due to lack of understanding of local market.

Hence, in my view strategic risk management is not a simple exercise undertaken at the top of the company pyramid. A robust enterprise risk management system aligning objectives, strategies and risks is definitely beneficial. If an organization is not meeting its key performance indicators, even when their are no obvious problems with operations, a through analysis of risks at all levels sheds light on quite a few issues.

6. Impact of Systemic Risks

Another aspect that is least understood in organizations is systemic risks. Organizations adopting enterprise risk management assume that since the key risk indicators are showing low risk, everything is running smoothly. However, as seen in the financial crises, the impact of systemic risks is huge. Underestimating it or ignoring it can nearly wipe out the organization.

Turner report highlighted the impact of systemic risks in the banking sector with the following lines:

Five key features of this new model played a crucial role in increasing systemic risks, contributing to the credit boom in the upswing and exacerbating the self-reinforcing nature of the subsequent downswing:
(i) The growing size of the financial sector.
(ii) Increasing leverage – in many forms.
(iii) Changing forms of maturity transformation.
(iv) A misplaced reliance on sophisticated maths.
(v) Hard-wired procyclicality.”

Although, in the blame game the investment bankers are being labeled as culprits for playing in the CDO market, the interconnections between retail and investment banking  resulted in the crises. The retail bankers gave home loans to individuals with doubtful repayment capacity to leverage the boom in real estate market. Simple explanation is that the collapse of real estate market negatively impacted recovery of loans which resulted in making the CDOs worthless. The key lesson to learn here is that strategies can fail majorly if they are not protected against the impact of systemic risks.

7. Leadership Quality

The quality of leaders makes the largest difference to an organization’s success. Can one imagine GE’s tremendous success without Jack Welch? He accomplished a lot as a leader, though he portrays himself modestly in his book “Straight From The Gut” . He narrates –

“I came to the job without any external CEO skills. I had rarely dealt with anyone in Washington, even though the government was more into business than ever. I had little experience dealing with the media. My only press conference was scripted session with Reg on the day GE announced I would the the next chairman. I had only one or two brief outings before the Wall Street analysts who followed GE. And out 500,000-plus shareholders had no idea who Jack Welch was and whether he would be able to fill the shoes of the most admired businessman in America.”

Jim Collins in his book “Good to Great” analysed the impact on companies that had level 5 leaders. Organizations with level 5 leaders showed consistent performance and a far better share holder return than their industry counterparts. Hence, if either strategy or operations are failing, the quality of leadership should be looked into.

8. Assessment of  Strategy Formation Process

Last but not the least is a discussion on strategy itself. Two thoughts come into mind – how should a strategy be assessed for effectiveness and when should the strategy be modified or changed? The quality of strategy itself is in doubt sometimes.

The key reasons for adopting a wrong or misguided strategy relate to some of the points I had mentioned in my earlier posts on strategic risk management :

a) Very few organizations have a proper process for strategy formation. For most it is an end of the year data accumulation practice from different business units. An organization level strategy considering all interconnected aspects of business may not have been devised.

b) Board and CXOs generally do not negate a strategy given by the CEO or fellow colleague. The political repercussions of challenging a CEO/CXOs strategy can be huge, hence most keep their opposing opinions to themselves.

c) If the organization culture is not focused on creativity, ideas and learning, new strategies will not be presented for fear of being mocked or run over. Hence, contrary to popular perceptions the strategy pipeline is quite dry.

d) Moreover, the choices of strategy selection with CEO/CXO are limited. They receive ideas which people down the line have collectively agreed to. These might not be the best ideas as the popular ones generally do not shake people out of their comfort zones.

Understanding these circumstances for assessing the quality of strategy can be difficult. Senior management in such situations has to start from scratch to develop a strategy formation process. If the formation process is full of loopholes or ineffective, the probability of having a good strategy is low.

Closing Thoughts

In nutshell, getting the strategy and operations right is critical for organization success. However, these two components itself do not guarantee success, they are just the building blocks. Other management and organization parts need to be aligned properly to the objectives and strategy of the organization. A holistic picture is required to accomplish objectives. In case of failure in achieving objectives, a review of strategy and operations is definitely beneficial. However, aspects underlining these should be delved into deeply to do a proper root cause analysis. Looking beyond the obvious helps.


  1. Turner report – A regulatory response to global financial crises – Financial Serivices Authority, UK
  2. Straight from the gut- Jack Welch with Johm A. Byrne
  3. Good to Great – Jim Collins
  4. Norman Marks Blog
The Business Enterprise Magazine published this post in February 2012 issue.