Beyond the Risk Register: engendering a risk-aware culture

Date: On a date of your choice
Location: Delivered as an interactive briefing
Event Code: BRR

Course Details

Regulators and activist investors are using recent advances in behavioural science to demand that public companies to give ‘better answers’ to control challenges.  These include looking again at how the Board determines what is ‘acceptable’ conduct in protecting a commercial interest; and making each Director criminally liable for allowing any form of ‘customer detriment’.

A new wave of cyber threat is rising meanwhile, as hackers use skilful mapping of your staff’s behaviour to mount ‘social engineering’ attacks, rendering conventional IT defences (such as firewalls) almost useless.

This unique event demonstrates how a properly ‘risk-aware’ Board can respond to all of these varied disruptions with a simple change of focus, transforming the efficacy of risk governance.  Since all staff engage in risk-taking, they all have a stake in collective management of risk.

Over time, every one of them can put new insights to work: strengthening the first line of defence, giving earlier warning of strategic risk and uncertainty, averting disruptive challenges, and increasing the Board’s central capacity for sensing risk. Sharing private insights from many years of Board-level risk research, Dr Roger Miles will show how Boards can lead the way in harnessing hidden resources to engage all staff in ‘working risk-aware’, for a more productive and resilient business.  

The agenda

1. Why conventional control systems fail - why today’s approach doesn’t work

  • Regulators’ poorly conceived early attempts to control behavioural risk
  • Where modern regulators get their agendas from
  • Costs and other impacts of “bad behaviour”
  • Why most businesses are looking in the wrong place for cyber risk
  • Conventional wisdom and the perverse incentives created by a “no surprises” approach that excludes uncertainty
  • Which of these claims is true?: (1) More detailed risk data reports improve decision-making; (2) Balanced Scorecards and KPIs improve risk culture; (3) Government and regulatory “crackdowns” improve conduct; (4) Impact Assessments make legislators design control interventions more carefully
  • Real-world case study behavioural research returns the clear answer: NONE OF THE ABOVE. What are we to do, now we know this?

2. What ‘risk-aware working’ is; how to identify and manage behavioural risk

  • How behavioural research findings recognized the limits of rationality in decision-making; identifying various forms of bias that contribute to ‘reframing’ and that compromise rational decision-making
  • How new methods are now emerging to assess, monitor and adjust for behavioural effects
  • Five ways that we may inadvertently switch any stakeholder from normal tolerance of risk into an intolerant / challenging / hostile stance.  How to anticipate and avoid such switching.
  • How identifying and managing behavioural risk allows you to protect business value and lower cost of capital
  • As a leader, how to overcome your reliance on econometric models, MI reports and IT systems. Which preconceptions you can change, for your organization to perceive risk more clearly and manage it more robustly.

3. Using alternative forms of risk insight to overcome the regulatory and behavioural hazards to your business

  • Getting past three big fallacies: econometrics, rational actor, expert view
  • Cyber risk: the new behavioural threat frontier
  • Separating risk from uncertainty; the different ways to engage with each of these aspects
  • Three types of risk conversation and why we must sustain all three
  • How to introduce more powerful, behaviour-based predictors of risk hotspots: what a “behavioural lens” reveals, that the conventional risk picture doesn’t  reveal

4. Putting this to work: adding business value by promoting a culture of risk-aware working

  • What stakeholders are now looking for in firms: the new common ground between regulators, customers and investors
  • Release value by allowing and encouraging everyone to “work risk-aware". Curing risk-reporting diarrhoea (checklist-vision, data dumps and ritual audits):  Getting everyone to see routinely beyond recorded, systemically controlled risks
  • The benefits of keeping pace with a moving target: consumers’ subjective sense-making of risk.  How to achieve this; where to look.
  • Embodying the Board Director’s function of challenging accustomed behaviour, leading a culture that properly values risk-awareness

Key Benefits

  • Understand and limit your personal liability, as regulators look more closely at individual Directors in banking, insurance and asset management.
  • Find out where your firm stands on a scale of risk-aware working, from fully competent to ‘box-ticking’, and how the whole organisation benefits from engaging the risk-sensing capacity of all staff.
  • Value the difference between simply reading MI and engaging a higher intuitive level of judgement – as any good Board would wish to do.
  • Identify the shortcomings of conventional risk assessments; how to avoid letting these limit the vision of Board decisions on risk; and to bring the Board to a deeper understanding of many forms of risk.
  • Dispel false assumptions that Boards and regulators make about risk culture initiatives; which forms of intervention work and which should you avoid?
  • Learn from case examples of others’ successes and failures; what actions should Boards take to demonstrate their grasp of behavioural risks to their business?

Your Consultant:  Dr Roger Miles

Dr Miles leads forum groups for the CRO and Conduct principals of many regulated financial firms at UK Finance, where he heads Conduct and Culture indicator research across the sector.

He regularly debriefs with leaders of UKF’s 300+ member organisations on their progress with ‘dashboarding’ behavioural risk factors, guiding as to how to set up indicators to ensure best practice in modern governance of risk.

He also lectures on risk perception and behavioural regulation (Cambridge University; UK Defence Academy; London Institute of Banking and Finance).  His latest book is Conduct Risk Management: A behavioural approach (Kogan Page, 2017).




Download our brochure


Keep Up To Date

Subscribe to our newsletter,

Board Matters