330 likes | 522 Views
The story of a man in a rowing boat trying to slow down an oil tanker. Paul Moore, Former Head of Regulatory Risk HBOS plc 9 th February 2010 Professional Risk Managers International Association. Agenda. BBC Newsnight clip 11 th February 2009 A bit about me
E N D
The story of a man in a rowing boat trying to slow down an oil tanker Paul Moore, Former Head of Regulatory Risk HBOS plc 9th February 2010 Professional Risk Managers International Association
Agenda • BBC Newsnight clip 11th February 2009 • A bit about me • A bit more about the whole story • The RiskMinds 2009 Risk Managers Survey key findings • Discussion – what have we learned and what should we do about it? • Some final thoughts - if we have time • Advice to those who speak up to “group think” – people who helped me • Personal observations on financial crisis
A bit about me • Barrister & one of UK’s leading risk, governance & regulatory specialists. • Over twenty four years experience in industry and professional services • 2007 - Today- Telecoms, Consultancy & Charity work. • 2005 – 2006 - Head of Compliance EMEA Marsh Ltd • 2002 - 2005 - Head of Group Regulatory Risk, HBOS • 1995 – 2002 - Partner KPMG, London • 1984 – 1994 – In house lawyer in financial services • Other – Joe Simpson, hang gliding, motorcycling, sailed across Pacific. • Risk management is not about not taking them! • F1 is less risky than angling!
A bit more about the HBOS story • Actually blew whistle twice – first time failed • Second time - Email to Danny Savage BBC News – 16th Sept 08 “I think that..the time may now have come when someone who has been there / done it / and wears the T shirt (“I was a Senior Risk & Compliance Officer who was fired for trying to slow down a bank”) speaks out again on what has gone wrong in the financial system and what needs to be done to make sure it does not happen again.” • Motivation was policy change not revenge or celebrity. • Money Programme – 30th October 2008 – rowing boat analogy.
Key points from my evidence • I gave initial evidence to UK Treasury Select Committee 10th Feb 09. • Key extracts from my evidence:- • Sales culture markedly out of balance with control systems. • Cultural indisposition to challenge • Sub-prime risks obvious to anyone. • Underlying cause inadequate separation and balance of powers. • Process, framework and structure without the right culture will fail. • Emperor’s new clothes, lemmings and pied pipers!
I reported that the sales culture was out of balance • “...I certainly knew that the bank was going too fast (and told them), had a cultural indisposition to challenge (and told them) and was a serious risk to financial stability...(and told them) • “I told the Board to slow down and ....that their sales culture was significantly out of balance with their systems and controls.” • “That ...very careful consideration should be given ...as to exactly what level of sales growth is achievable, given current capacity, without putting customers and colleagues at risk.”
Sub-prime risks • “..even non-bankers with no “credit risk management” expertise...would have known that there must have been a very high risk if you lend money to people who have no jobs, no provable income and no assets.... • You simply don’t need to be an economic rocket scientist or mathematical financial risk management specialist to know this. You just need common sense.
Inadequate separation and balance of powers • In simple terms this crisis was caused....because there has been a completely inadequate “separation” and “balance of powers” between the executive and all those accountable for overseeing their actions and “reining them in” • i.e. internal control functions such as finance, risk, compliance and internal audit, non-executive Chairmen and Directors, external auditors, The FSA, shareholders and politicians.
Process without the right culture will fail • The most important point I made:- • “There is no doubt that you can have the best governance processes in the world but if they are carried out in a culture of greed, unethical behaviour and indisposition to challenge, they will fail.
Emperor’s new clothes, lemmings & pied pipers! • To mix a few well known similes / metaphors / stories, the current financial crisis is a bit like the story of the Emperor’s new clothes. • Anyone whose eyes were not blinded by money, power and pride (Hubris) who really looked carefully knew there was something... • But sadly, no-one wanted or felt able to speak up for fear of stepping out of line with the rest of the lemmings who were busy organising themselves to run over the edge of the cliff behind the pied piper CEOs and executive teams that were being paid so much to play that tune and take them in that direction.
Some of the key evidence that supported my views • Head of Risk in Halifax...verbatim:- • "Leadership and focus on risk matters has had no priority....Sales are regarded as more important than anything else“ • “risk management not seen as a core business imperative or competence....and you know they are animals around here..” • “Whacker” (CF Dick Fuld, Lehman “Gorilla”) • Charles Dunstone - two stories • Reprimands by boss for raising cultural indisposition to challenge • Refusal to record proper minutes of Bd Mtg and tabling full report. • “Made redundant” by Crosby – on his own with no HR rep. • Replaced by sales manager appointed as Group Risk Director.....and
HBOS competence framework for top leaders? • Courage- Never backs away from an opportunity to demonstrate personal courage • Key behaviours • Taking courageous decisions even when they may result in criticism or unpopularity • Standing up for beliefs in the face of opposition from colleagues • Saying what needs to be said when others are hold back from expressing real feelings • Putting yourself on the line in taking responsibility for making tough decisions • Meeting colleagues in other work areas to talk openly and honestly about the real issues
What happened next? • Sir James Crosby resigned as Deputy Chair of FSA. • Crosby and FSA denied my allegations and relied on KPMG report • Brown, Cameron, Osborne, Vincent Cable called for investigation.... • I stood firm, confident and calm. I did countless media interviews. • FT story – “They would say that wouldn’t they?” • After vociferous denials by Crosby and FSA....Total silence! But no investigation.
Sunday Telegraph main story – 15th Feb 09 Sir James Crosby Me with the whistle!
Key conclusions of Treasury Select Committee / FSA • Failure of Management • ”Bankers have made an astonishing mess of the financial system.... • Banks have failed because those leading and managing them failed.” • Failure of risk management • “The current crisis has exposed significant shortcomings in the governance and risk management of regulated firms.”
Key conclusions of Treasury Select Committee / FSA • Failure of governance by non-executives • “[Banks’] corporate governance was often totally ineffective. The evidence shows that many non-executive directors failed to act as an effective check on, and challenge to, executive managers.” “..non-executive directors have operated as members of a ‘cosy club’” • “...the necessary challenge was missing from governance structures, in particular boards.... Evidence from the current crisis indicates that some NEDs have struggled to fulfil their role of providing strong independent oversight of the executive management.” • Failure of the supervisory system i.e. The FSA • But the FSA’s regulatory and supervisory approach, before the current crisis ...was not with hindsight aggressive enough... • “[this] was ...also [a failure] of the supervisory system”
RiskMinds 2009 Risk Managers Survey • 615 responses. • Independently analysed by Cranfield • The responses come from around the globe number as follows:- • UK – 43% • US/ Canada – 10% • Mainland EU – 14% • Rest of the world – 17% • 47% over 10 yrs experience; 30% senior managers. • Bankers 25%; asset managers 6.6%; insurance 11%; combination 20%; other sector 22%.
Key findings • Most important causes greed, remuneration, failures in risk management • Majority saw the crisis coming well in advance. • The risks were reported but the executive prioritised sales..... • Because they were paid to. • Cultures inhibited effective challenge....(i.e. unethical cultures)..... • Crisis not caused by global circumstances beyond anyone’s control • Big majority held executive accountable; not regulators or governments. • Not surprising as they said they saw the risks and reported them!
Culture (ethics) is most important area for change. • Capability of non-exec, regulators & line managers in risk is very low. • Focus for regulatory change should be:- • Global harmonisation, more prescription on credit and liquidity risk • More specific standards on effective risk management • Supervision of culture and ethics • Rigorous supervision of the effectiveness of internal risk management. • Higher calibre personnel in the regulators • Regulators should be accountable in law for their failures • There should have been a through enquiry to inform policy review.
Key lessons from my story and survey • The culture and values are the key – must be led from THE TOP • Openness, ethics and excellence not fear, blame and excessive pride. • Cultural disposition to challenge “group think” is key. • “Never confuse honest dissent with disloyal subversion” - Eisenhower • Introduce ethical decision making framework. Train everyone. • Each key document to contain - “Ethical considerations taken into account” • Rigorously & independently check their culture & ethics regularly • Note “Self serving statements without corroboration bear no weight” • Performance management system aligned to cultural requirement.
An interesting observation on culture • “Development is impossible without upright men and women, without financiers and politicians whose consciences are finely attuned to the requirements of the common good. • Both professional competence and moral consistency are necessary. • When technology is allowed to take over, the result is confusion between ends and means, such that the sole criterion for action in business is thought to be the maximization of profit, in politics the consolidation of power, and in science the findings of research.”
The people dimension • The people dimension is more important than structure and process:- • Much more competence, independence, integrity and diversity of non execs. • Risk management and compliance needs to be professionalised • Its not about forms & technical knowledge; its about ethics and excellence. • Higher calibre personnel advising on risk, compliance and internal audit. • Key non technical competencies are:- • Deep understandingof the business • Relationship management and influencing skills are key • Giving “confident & understandable advice & assurance”
Functional Profile Functional DNA Understanding the business Developing a deep understanding of our clients’ businesses, the risks they face and the needs of their stakeholders Managing relationships Establishing and maintaining relationships with clients so as to become their ‘trusted adviser’ Giving advice and assurance Providing clients with confident and understandable advice and assurance which demonstrates a passionate dedication to technical excellence Client focus Being passionately client focused in dealings with stakeholders Technical excellence Demonstrates technical excellence at all times in their own area of risk / compliance specialism Outstanding judgement Using a fine-tuned balance of all aspects of knowledge, experience and understanding to solve problems Creativity Exploring all options… thinking ‘out-of-the-box’; breaking new ground in exercising judgement Integrity and courage Demonstrating personal courage, independence and honesty in exercising judgement and giving advice – leading a culture of openness Competencies for risk & compliance professionals
Understanding the business Managing relationships Giving advice and assurance Demonstrates broad and deep understanding about general business issues and challenges Digs deep to obtain information and understanding about the business and markets of our clients Identifies and gathers information about the clients’ people and stakeholders; their perspectives, needs and expectations Understands the risks and appropriateness of the control framework within the businesses Gathers information from a variety of internal and external and/or new sources and puts it into context Understands issues and exercises judgement having regard to the businesses’ points of view Facilitates discussions and identifies common ground and differences to arrive at sustainable relationships Uses questioning & clarifying techniques to understand views, attitudes and requirements Establishes trust by enabling others to express their emotions and views and respects these Negotiates purposeful agreements that meet the needs of all stakeholders Continuously checks expectations and purpose and encourages ongoing participation to share the responsibility for risk Gains support for ideas from businesses & others by relating the benefits directly to their interests and needs Uses powers of persuasion rather than veto Uses a broad range of risk management knowledge, experience and tools to advise and assure the business Links information, knowledge and experience to form ideas so that an event, problem or issue is fully understood Steps back from a situation to see the ‘bigger picture’ Helps others to develop broader thinking and to consider the wider consequences of their requests or decisions Proposes and evaluates alternative solutions and different ways of solving a problem before making a decision Encourages others to generate and evaluate options and to explore different perspectives others have on these options By comparing options generates new and creative solutions to meet different situations Is visible and credible and demonstrates value; is clear about own position on issues and can clearly describe the services of the department to its stakeholders Inspires confidence in business colleagues and other stakeholders that risk is being identified and managed effectively Leadership & Competence Framework
Structure, process and framework • Points on structure, process & framework • If you want someone to do “A” pay them to do “A”. • A new lead non-executive accountable for “Oversight, Assurance and Ethics” • Control functions to report formally to this non-exec. • An annual risk based, detailed programme of oversight and assurance. • “Self serving statements without corroboration bear no weight” • Formal protections for risk, compliance & internal audit managers. • Better whistleblowing procedures for rest of staff see specific slide
Strategy • And, of course, the strategy must be aligned • Business models that focused on sales and growth to the exclusion of controls i.e. risk management, governance and compliance will lead to crisis. • And so.......................all elements must be aligned.
‘systems thinking’ – the key elements must align • STRATEGY • The road-map • Broad objectives • The overall context • CULTURE • Vision • Values / ethics • Management style • Operating principles • PEOPLE • Skills • Knowledge • Competence • Commitment Leadership • STRUCTURE • Architecture / framework • Functional analysis • Organisational design • Processes and controls
Advice to those who speak up to “group think” • “We only grow by taking risks, and the most difficult risk of all is to be honest with ourselves and others. Rick Warren • You get transformed by trouble” Rick Warren • “Well, If I lose my reputation, at least that will be one less thing for me to worry about” Blessed Mother Theresa • “The truth will set you free” Jesus
Some personal observations on the financial crisis • Our leaders are the high priests of Mammon & Me:- • Me, more, now. Lend, lend, lend; buy, buy, buy. • “Take the waiting out of the wanting” • “You’re worth it” • In this mess there is a message of Hope. • Money itself is not the problem. The love of money is the problem. • Move from GDP (GmeP!) to GQualityP (GyouP!) • Politics should not about left or right but about right or wrong. • Private funding of political parties gives the rich and powerful too much say.