We all know Risk Management is key in our business.
Yet, almost all risk models (e.g.
Coso) emphasize mainly on known or knowable risks.
Of course, as we could have seen in the 2008 credit crisis, the art of Risk management is in managing the unknown or unknowable risks.
But how?
Let's try to learn from two main major accidents:
I. The Challenger shuttle disaster (1986)The accident was caused by failing O-Rings. Warnings of many engineers were
overruled and ignored. This crash was the consequence of a typical effect called GROUPTHINK. Groups naturally look for consensus and will often come up with a false consensus, even when individual members disagree.
Watch a
video of the space shuttle Challenger disaster that illustrates this
GROUPTHINK phenomenon.
Other examples are the Columbia shuttle disaster and the 9/11 attacks. In all cases
Management failed because the information suggesting a disaster was weakly transmitted within an bureaucratic system, and managers failed to authorize action because of bad communication and performance or time pressure.
II. The 2008 credit crisis- Underestimating early signals
The first indication of the coming credit crisis was the collapse of Enron in 2003, uncovered by whistleblower Sherron Watkins.
After the collapse, the FED refused to come out with new 'rules based' guidelines . A Senate investigation showed that - starting already in 2000 - some major U.S. financial institutions had "deliberately misused structured finance techniques". But the Fed and the SEC underestimated the situation, kept to their 'principles based' system and consequently missed the opportunity to to flex their muscle by regulating market conditions for subprime mortgages.
Lesson: It's not about 'rules OR principles', Football Or Soccer, but it's about 'Rules AND Principles'.
- Mixed Central Banks (FED) responsibilities
Central Banks, The Fed in particular, have at the same time two main responsibilities with regard to (other) financial institutions:
1. Supervision
2. Providing financial (banking) services
Those two functions clearly conflict with each other. It's impossible to independently supervise the financial company you're financing at the same time. Supervisory advises will be suspicious by definition.
Secondly you can't supervise yourself as central bank. Therefore, every country needs an independent (that is 'without central bank board members'), professional supervisory board, that audits and supervises the central bank and the national bailout plan(s).
- Whistleblowers
How could the credit crisis technically happen?
Not an official, but a more outside kind of whistleblower, businessman Warren Buffet, warns in a 2003 BBC article that “Derivatives are financial weapons of mass destruction and contracts devised by madmen". The financial world isn't listening.
Derivatives like Collateralised Debt Obligations (CDO's,) were developed to (re)fund the subprime loans. CDO's are packaged portfolios of credit risk, made up from different sliced and diced loans and bonds. They were hard to uncover without a whistleblower. At last an anonymous banker e-mails journalist Gillian Tett of the Financial Times about the situation. Only after she publices early 2007 what's wrong, the dices start rolling. This case also stresses the important role of journalism and whistleblowers in our aim for a healthy transparent financial market.
- The Greed Game
One can argue about the roots of the credit crisis. However, essential in the 2008 credit crisis were, or still are, the excessive remuneration practices at private equity companies, hedge funds and banks. They encouraged unhealthy and excessive risk-taking. Key is the lack of balance between possible earnings and possible losses of board members.
To prevent unhealthy pressure management (with groupthink effects), board members' total rewards should always be in line with the long term realized added value of the company and not be based on yearly P&L profits or short term added value.
Manage the unknown risksRisk Management is not a static, but a dynamic process.
To gain and behold control of the unknown risks, it's necessary to create a transparent organization and company-process that guarantees whistleblowers' and whisperers' (= whistleblowers, that wish to stay anonymous) safety and encourages and even rewards compliance reports from employees, clients or any other stakeholders.
Because of
GROUPTHINK and - on the other hand - possible negative employee outcomes (demotion, dismissal, etc) in case a reported compliance issue turns out to be compliant after all, it's important that whistleblowers are always given the opportunity to report directly, anonymously and safely to the independent federal Supervisor. Employees must have the choice to report internal within their company (small compliance matters) or to report directly to the federal Supervisory board.
Conclusions- Separate the Supervisory and Financial Services functions of the central banks (FED)
- Redesign whistleblowers management
Whistleblowers should have the opportunity to report compliance issues directly and anonimously to an independent federal Supervisory board.
Whistleblowers that choose to report within a company, should always directly reporte to the compliance officer, the executive board and the supervisory board. On top of this they should always, especially in case of discharge, dismissal or demotion, have the right to escalate to the federal Supervisor.
- Change supervisory procedures and criteria
Approval of (company) board members by the federal Supervisor should als be based upon:
- The 'ethical track record' of a candidate
- The feasibility of, in macro economic perspective, "realistic and balanced" board member performance parameters.
The federal Supervisor should audit and approve the existence of a consistent 'company reward plan' that guarantees a sound and measurable balance between long term company results and board member rewards.
CEO's that haven't established measurable long term added value for their company, shouldn't receive any bonus or golden parachute at all.