At the conclusion of the 2014 FIFA World Cup matches in Brazil, I wrote an article about the complexity of the system used to qualify teams for play in the World Cup. Little did I know that the arcane system used to determine how teams accumulate points that establish who plays in the tournament was the tip of the iceberg of corruption in international soccer!
There are a few points in the article that point out that FIFA had a systemic problem with corruption. First, the system for selecting teams required an advanced degree in algebraic equations. Complexity is frequently a sign that something is amiss, symptomatic of either poor management controls or a façade of credibility. Ironically, the teams advance to the final championship games through these grueling mathematical gymnastics with grace and dignity, even though the choice of the final competitors who play for the World Cup may be drawn by lots thrown into a hat!
On June 2, 2015, Sepp Blatter, the 17-year president of FIFA, stepped down, just days after winning a new term to lead the scandal-ridden organization. FIFA has now joined the ranks of Tyco, Enron and many other institutions whose reputation and credibility has been ruined because of fraud and corruption.
Given the frequency and longevity of fraudulent behavior apparent in large institutions and the common practice of relegating fiduciary responsibility to staffers with little to no control in preventing and managing enterprise risk, it sure feels like senior executives are looking out for their own self-interest.
The lesson that I drew in the previous article is that complexity does not make a risk management program more effective. In fact, complexity prevents the real problems from bubbling to the surface because organizations are too buried in administrative minutia to have real conversations about the behaviors that lead to fraud and corruption.
Activity does not equal better outcomes! Have the risk management community and regulators who oversee large institutions become blind to real risk because of a focus on an impressive array of FIFA-like systems that hide the real problem? We pride ourselves on the three lines of defense and enterprise risk frameworks, but miss the real problem. Humans behaving badly!
James Bone’s career has spanned 29 years of management, financial services and regulatory compliance risk experience with Frito-Lay, Inc., Abbot Labs, Merrill Lynch, and Fidelity Investments. James founded Global Compliance Associates, LLC and TheGRCBlueBook in 2009 to consult with global professional services firms, private equity investors, and risk and compliance professionals seeking insights in governance, risk and compliance (“GRC”) leading practices and best in class vendors.
James is a frequent speaker at industry conferences and contributing writer for Compliance Week and Corporate Compliance Insights and serves as faculty presenter and independent consultant for several global consulting firms specializing in governance, risk and compliance, IT compliance and the GRC vendor market. James created TheGRCBlueBook.com to provide risk and compliance professionals with transparency into the GRC vendor marketplace by creating a forum for writing reviews on GRC products and sharing success stories on the risk practices that are most effective.
James is currently attending Harvard Extension School for a Master of Arts in Management with an emphasis in accounting and finance. James received an honorary PhD in Letters from Drury University in Springfield, Missouri and is a member of the Breech Business School Hall of Fame as well as the Missouri Sports Hall of Fame. Having graduated from the Boston University Graduate School of Education, James received his M.Ed. in Management and Organizational Design in 1997 and a Bachelor of Arts in Business Administration from Drury University in 1980.
