Best practices in strategic risk management are intended to prevent weaknesses within corporations that cause damage or even pull down the firm. However, effective strategic risk management tools and techniques become harder to implement as business operations grow, become more complex, and operate in multiple locations. Although technology has provided a platform for enhancing competitive advantage, it has also become a tool used by smart, capable, yet ill-intentioned employees to steal and distort overall results.
It starts with recruiting new employees. Candidates pass through many revolving interview doors, allowing them to hone their skills on how to dupe the interview process. Some interviewers may be incompetent or show poor judgment. Human resources departments are not foolproof, and it is only realistic to accept the fact that rogues in the workplace are here to stay. HR people will sometimes catch potential wrongdoers at the gatepost through psychological tests and other forms of due diligence involving intuition and criminal checks; but don’t count on it.
At the extreme end of the spectrum, there is a widespread pattern of “pushing the boundaries” of everything from accounting rules to disclosure rules for public companies, lax internal controls, managements that focus on doing deals rather than managing, outright fraud and theft, and incentive systems that reward the wrong actions. Enron and Bernie Madoff followed this pattern. Financial market meltdowns make the headlines; however, don’t think that the manufacturing sector is immune. Bogus parts can cause machinery malfunction or engineering disasters due to lack of proper record keeping or, worse, due to shoddy building inspections during construction phases.
An organization is only as good as its parts — in this case, the human parts. One fractured link in the chain means a vulnerable corporation. The quality aspect of management can be evoked to work hand–in-hand with problem prevention, but it is all too often overlooked. Typically, quality applies but is not limited to reducing or eliminating defects in manufactured products. Beyond this, management also needs to invoke quality principles that smooth the internal environment. Valuing people as the key drivers of both quality and performance is important to a firm and can go a long way toward identifying rogues and frustrating their efforts.
Being an ethical role model is a key function of any leader. But the emphasis on quality alone is not enough. Control mechanisms, including both financial and performance audits, are important for preventing and uncovering potential problems. The fact that an organization has survived to today without major scandal does not guarantee that it is safe in the future. The really effective tools in dealing with rogues are punishment and brandishing the legal arsenal available to the company. Such measures reassure the public. A corporation just can’t hunker down to avoid embarrassment. Swift and fair measures will fill the void of those strategic management initiatives that fail to catch rogue employees, and will serve as a heavy reminder to others who may be about to embark on a negative course of action.
Some guidelines for human risk management:
• Learn to live with the uncertainty of any risk, especially human risk.
• Place renewed emphasis on what is already being done, including audits (financial and performance), internal financial controls, and clear financial reporting.
• Vigilantly tweak and enforce the control mechanisms already in place. Think about expanding and/or adding controls.
• Revisit your own role as a highly visible manager. Are corporate controls shortsighted or are they clearly structured so as to prevent deceit, fraud, and rogues from doing future damage?
• Identify high-risk areas in your firm, from inventory to treasury areas. Think about safety and security measures in addition to internal controls.
• Reprimand or fire those who are caught red-handed. If you document your proof, there is little a union or politically correct staff member can do to “rescue” the offending employee from receiving the appropriate reprimand.
The preceding was adapted from Mr. McKaig’s article on human risk management that appears in QFINANCE: The Ultimate Resource, published by Bloomsbury.
