The 30 Second Rule

Does anyone in the Risk field enjoy churning out huge risk reports, running to many (dozens, hundreds) of pages, so convoluted that much of it goes straight to the shredders? Me neither. I’d rather lick wasps.

Happens a lot though. I’ve lost count of the number of times I’ve seen a report so ram-packed full of 8-point information it’s almost impossible to work out what the hell it’s saying.

And yet, this is the key element of the whole risk cycle, the bit where the risk community gets air time at the Palace, the ‘value-add’.

So, my proposal: the 30 Second Rule. It’s simple: your report is a success if a non-technical reader can understand the key issue, its magnitude and what should be, or is being, done about it, within 30 seconds of picking up the paper. If the reader is still in the dark on the 31st second, the report fails.

That’s all we have to do to avoid licking wasps.  






Some people I know are very excited about all this blogging, Facebooking, txting, Twittering, online forums – this explosion of everyday media. Some people think it has lead to increased democracy. 

Call me an old grumper, but I’m just not so sure that, for the majority, media changes have actually delivered anything more meaningful than a handy shopping experience, some maps and a few naughty pictures. 

The means of delivery has changed, certainly. In the past if you wanted to get on your soapbox you had to, well, get a soapbox. And get on it. And shout. Or write to the papers.

Today we have more channels – alternatives to soapboxes – and the means to broadcast without actually straining your throat. 

So, more noise. Any more signal? And, if there is, any positive impact on democracy?

Weeeeell….possibly not. Two graphs. The first shows the sharp increase in net usage we all know and love, the second suggests no change in the democratic landscape over a similar period (all UK data).



 Source: Democracy Barometer.

Conclusion: lots more noise – less signal.



No supermen

We’re all human. I’m fairly sure of that. Notwithstanding the ultra-low-likelihood Ike-esque scenario whereby Earth has suffered a stealth invasion by shape-shifting, super intelligent extra terrestrials, I’m fairly certain we’re all human.

And being human means we share the same palette of strengths and frailties. When it comes to those frailties, no matter our personal qualities, education, family history, skills and experience, none of us – not one – is immune.

There are no supermen.

Tim Loughton MP seems to have missed the memo.

He reckons it’s OK for HRH Prince Charles to have direct, personal access to national decision-makers for discussions on subjects (such as planning and the environment) he has a keen interest in. The detail of these discussions remain secret.

Mr Loughton sees nothing wrong with this, largely on the basis that, in his opinion, the Prince is well-intentioned and his role is passive. He is not ‘lobbying’, dear me, no. Not a whiff of the ‘L’ word.

In short, trust us. We’re the Great and the Good. No need for ‘transparency’. We’ll behave. You can count on that.

And yet – to restate – there are no supermen.

Bad Words

There’s just some days I want to do something really radical in the workplace. Not radical as in violent or illegal. No, I mean really radical. Like overthrowing the entire corporate culture in a single stroke, say by insisting on calling ‘challenges’ ‘problems’.

Let’s not stop there. Why not introduce an Executive Directive that stipulates brutal honesty in the depiction of the corporate wellbeing and, in particular, problem management? Anyone caught masking the facts with a stream of arse-covering corporate-speak losses pay and share options.

It would be a tough call, one that only the most robust, self-assured organisations could handle. One that would require the entire Executive to grow a pair and be ready to sign-off on reports that said, in so many words, ‘We’ve screwed up’.

Any CEO who wants to speak to her workforce in a meaningful way should adopt this approach. Why? Because that’s how the workforce understand the business. They might talk about ‘challenges’ and spew bucket-loads of meaningless business-speak in the management update but, back at their desks, they know what root cause looks like and they use terms like ‘balls up’ and ‘clusterfuck’.

Want to get your risk management to work? This is it. Avoid the corporate jargon, get to the point and don’t flinch from the brutal truth. Any organisation that can do that – and be prepared to fix things in an equally head-on fashion – can make it work.

Anything else is just playing with words.

Mean City

Edinburgh, Scotland. It’s a nice town, for the most part. Often a bit windy and slightly damp. Great history and an elegant ‘New Town’ area that’s beautiful when the sun shines. It’s a big art town, with major festivals, numerous museums, lovely botanical gardens and a lively cafe culture. In short, a nice place to live.

And this point was underlined the other week by the headline in the local rag, The Edinburgh Evening News: squirrels have caused some £13k of damage to a local bowling club.

Read that again and tell me you don’t want to live in a city where squirrels make the front page. Not giant, radioactively-mutated squirrels with laser eyes and a taste for human flesh, of course, but regular, run-of-the-mill squirrels. That’s the town for me.

What’s next? A gang of radicalised moles undermining the new tram system? One can only hope.

There are some tough places to live in the world. I’m pleased to say this ain’t it.

Gaming the system

I wonder what lessons Financial Services companies will take from the recent LIBOR shenanigans in RBS, Barclays et al.

It’s a good idea to learn from others’ mistakes and any organisation that doesn’t is failing its staff and shareholders. Smart people in switched on organisations might ask ‘what does this mean for us?’. In this scenario Chief Risk Officers might task their Risk functions with exploring their own LIBOR processes – if they have them – to ensure similar weaknesses don’t exist.

That would be a start – but we can go further.

The lessons that can be taken from this latest financial services scandal are not just about the LIBOR rate setting processes. If we want to be really smart about this we need to look at the underlying issue. When we boil it down, it looks like this:

People behaved inappropriately.

When it comes to operational risks, root causes, more often than not, have to do with human behaviours. If organisations are going to ‘do risk’ well they need to do so from the basis of a realistic appraisal of those behaviours.

Such an assessment might suggest that a fundamental part of human nature is to look for ways to game the system. When there’s a benefit to be had, someone, somewhere will look to take advantage sooner or later. The moral boundary will stop most of us from transgressing but, when it comes to a major prize, it’s not enough to simply trust that we’ll all behave ourselves.

Is this overly cynical? A bit too Theory X for comfort? Perhaps. But let’s not get carried away – I’m not suggesting that workplaces are populated with entirely untrustworthy scallywags who all need to be watched. At all times. Forever. Big Brother is to be avoided, I’m sure we all agree, and an enlightened management approach to empowerment in the workplace is no bad idea. But that enlightenment should extend to an adult conversation about human behaviour, temptation and the practical limitations of ‘trust’ as a control.

So, talking of trust, here’s an idea for a sort of litmus test to gauge the level of control required in a process: assess the work from the perspective of trust – what are we trusting our people to do and what happens if that trust is broken?

An uncomfortable conversation? Possibly, but it comes with the territory and if risks flow from human behaviours then the Risk discipline must find ways to meet that head on. If it means difficult conversations, so be it. The alternative is a future of mopping up.

Looking the wrong way – part 2

I’m beginning to think national scandals are on the way to becoming legitimate commodities, available to be traded on some sort of media-owned (Murdoch-owned?) ‘Scandal Market’. They could be priced according to the analyst’s ranking of key indicators, such as the ‘contractual bonuses paid to fat-cat overseers caught with their hands in the cookie jar index’, or the ‘double standards of the great-and-the-good gradient’. Factor in the number and seniority of ‘shocked’ politicians in damage limitation mode and, of course, the likely degree of public outrage, and we’ve got a winner.

Here in the UK we recently sidelined the Savile Scandal for the LIBOR Scandal before diving headlong into the Horsemeat Scandal, the purveyors of which were no doubt praying for another choice shocker to come along and divert public attention from their own miserable backtracking. They didn’t have long to wait: the resignation and public ‘apology’ of Cardinal O’Brien (part of the the ongoing Meta-Scandal that is the Catholic Church) stole the front page before you could say ‘inappropriate fumblings’.

Meanwhile, back at the LIBOR Ranch, giants of the banking industry have been telling us – in broad brush terms, naturally – of the changes required to ensure this sort of thing never happens again. Top of the fix-list: culture. Anyone familiar with the literature will know what an uphill climb that will be. While we’re waiting for this miracle, we’re informed that the current problems have been fixed and controls strengthened. The ripening whiff of ‘trust us’ once again lingers in the air.

Funnily enough I don’t buy it. Most people I speak to don’t buy it either. Here’s why:

From the perspective of operational risk, managing a process – such as LIBOR – follows an understood set of principles: in a nutshell, identify the critical business activities, understand the associated risks and take steps to control them.

The key is the first step: identify the critical activities. If this isn’t done, you’ll not be looking at the right things. If you’re not looking at the right things, you’ll not be controlling what needs to be controlled. This is what I think of as The First Rule of Why Bad Stuff Happens, which states: ‘bad stuff happens when we’re looking the wrong way’.

Were those LIBOR-guilty organisations looking the wrong way? I can’t say for sure, but it’s one possibility and, I would venture, quite likely.

The thing is, this widely publicised desire to address cultural issues – while laudable – is a bit too nebulous to get to the real fix and asks more questions than it answers. You could get away with this in the past when the principles of risk management and corporate governance were not so focussed. Today, something more concrete is required: a starting point might be to convince us that our organisations are looking the right way.

You’ll not be able to read this at the back

I love when things are explained with pictures. I used to think it was just me: school lessons, university lectures and business presentations all seemed pictorially light. Even a course on ‘Presentation Skills’ contented itself with delivering the old chestnut ‘a picture’s worth a thousand words’ – in words.

But it’s not just me. Everyone I know in the business world grumbles about poor slides in presentations. You know you’ve signed up to a yawn-fest when the presenter starts by apologising for his busy slide (‘You’ll not be able to read this at the back’, delivered with a we’ve-all-been-there-smile).

Why does this happen? Why would anyone present a slide that that simply isn’t fit for purpose? Stuck for time? Lazy? Perhaps. Just as likely is the idea that many people don’t think about the best way to get the message across.

Pictures can be powerful, especially when the relevance of the image isn’t always obvious, thereby providing an opportunity to engage the audience on another level: why is that aardvark on the screen? Where is she going with this? Maybe I should pay attention because a) I’m intrigued, and b) I might miss something.

For the Risk practitioner working directly with business teams, the challenge in embedding risk practices & culture is in translating high concepts into useable working expressions without diluting the value. That’s quite a trick when you’re trying to sell them on a mundane tool (Risk Register, Control Self Assessment, insert risk tool of your choice here). The solution, however, is not to give them information they can’t read.

Just to finish this one off, I thought I’d include one of my favourite slides. This one aims to make the point that a psychological dissonance tends to arise as a consequence of progression through the organisational hierarchy, such that the individual’s perception of their role and accountability are misaligned with the practical realities of business life.

Or, to put it another way:


Looking the wrong way – part 1

Let’s begin.

Last year I was asked if I believed that the moon landings really happened.

This is an interesting question, not from the perspective of whether or not NASA and the US government have perpetrated a massive hoax on the entire world, but rather from a concern with ‘belief’.

Here’s what I believe: a lot of people have bought into the view that the moon landings did not happen.

That’s a bold statement. Let’s dissect it. What do I mean by ‘a lot of people’? Well, some surveys put this number as high as 25% of the adult population in countries such as the USA, Great Britain and Russia. I’m not sure of how secure those numbers are, but it’s probably safe to say the actual number is big enough to make a variety of books and TV documentaries commercially viable.

And what do I mean by ‘bought into the view’? Well, for a small minority, that could mean they believe it with every fibre of their being. For the rest, it’s probably a passing curiosity, something to file away in the folder marked ‘Stuff They Don’t Want Us To Know About But, Hey, Whatcha Gonna Do?’.

Part of me hopes that this assessment is accurate; that, in the main, this belief isn’t held in the deeply mystical or religious sense, but rather a minor factoid that people employ to tell them how the world works – ‘They lied to us about going to the moon…what next?’ – before moving on to the next bit of celebrity gossip and beer nuts. Then again, there’s another part of me that suspects some people take this very seriously indeed.

Why does this matter? If several thousand people are mistaken about this what harm does it do? They’re entitled to their views.

Well, of course they are. The problem is that such spurious ideas (and moon-hoax stuff is spurious – I’m going to point you towards more sound thinking before we’re done) are numerous and get in the way of what matters. It’s a question of signal to noise and one of the real problems we have when it comes to living in an information-rich environment is how to dial out the noise and focus on the signal – on what really matters.

SG Collins puts it so much more eloquently in this excellent piece about why the evidence for a moon hoax is flawed:

In other words, bad stuff happens when we’re looking the wrong way.

Should we be concerned? Are people distracted by the noise? Do their beliefs, left unchallenged, get in the way of focussing on what matters? And do governments and corporations use this to their advantage?

Gee, I’d really love to answer those questions, but The Lottery’s just come on the telly….