Yesterday, we outlined four attitudes which the Cultural Theory of Risk advances as a fundamental classification. Today, I want to look at what that classification suggests organizationally.
David Ingram suggests (1) that you find
Individualists in Sales/Underwriting/Trading. They tend to be paid with a high proportion of incentives or bonuses. They prefer to get paid for what value that they bring to the firm. They will frequently argue with the nit pickers and bean counters about how good the deals that they do will be for the company.
Fatalists in Operations and IT. Their priorities are frequently changed without their knowledge. Many firms tend to value the flexibility of Fatalists who do not expect things to stay steady and predictable anyway. Fatalists in a firm are quite happy with a job where they do not know in advance what they will be doing from day to day. You probably want a Fatalist on your help desk.
Egalitarians in Compliance, Internal Audit, ALM and some CFO and Legal functions.
Egalitarians will tend to keep to themselves within the firm and have few connections with the other areas. They tend to think that the company is going into decline, but that their department is run well and things would be much better if people just listened to their group more.
Authoritarians populate the risk management area and are commonly CFOs. When there is an Authoritarian CEO or powerful authoritarian senior administrative officer, the firm will usually have a very organized planning process with regular update to short and long-term plans. The emphasis of Authoritarians in management will be to set goals and measure progress against those goals.
Now, if we read this as a broad tendency rather than a prescription, I think he has a point. Certainly the CFOs I have known tend to be authoritarian (sometimes sufficiently so as to be to the detriment of their firms), and you certainly want someone who believes in fairness and the rule of law in compliance. Where I think Ingram goes wrong, though, is in a statement that he gives emphatically
Enterprise Risk Management is clearly an Authoritarian risk perception
It can be, but it does not need to be. Risk managment infrastructure should be a decision making aid, no more. At its best, it provides good information – quantitative and judgemental – which allows management to decide on which risks to take and which to hedge.
If objective risk measures are used in a purely authoritarian way, two things happen. First, the firm will miss out on opportunities that don’t look good according to the particularly risk framework. Individualists will see this, and some will leave in frustration. Second, other sneakier individualists will try to game the system. Sometimes they will succeed, and that can lead to disaster.
Firms with better risk management implicitly understand this. Their risk philosophy is a blend of egalitarian (let’s create a fair risk framework, including human decision judgement) and fatalist (how are those bastards trying to screw with me today?). Yes, sometimes you need an authoritarian to say ‘no, you can’t go over your risk limit’. But if that is all you have, you are in trouble; although perhaps slightly less trouble than if risk management is run by a bunch of fatalists (2). Risk management, as with so many other things, is better with if it has more cultural diversity.
(1) His discussion is based on insurers; I have adapated it slightly to be more bank-relevant.
(2) There is a school of thought that risk managers are simply short out of the money puts on the P/L, and that their aim in life is to be employed long enough to collect sufficient premium. This is an essentially fatalist view of the role (which is not entirely without basis).