No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Risk

John Bell Hood and the Measurement of Conduct Risk

by Thomas Fox
July 23, 2014
in Risk
John Bell Hood and the Measurement of Conduct Risk

This article was republished with permission from Tom Fox’s FCPA Compliance and Ethics Blog.

Readers of this blog know I am huge Civil War buff. Growing up in Texas, I only focused on the Southern side as a youngster and while this led to a sometime myopic view of events, in my mid-20s when I did begin to study the Northern side of the war – because I had never seriously studied from that perspective – an entire panorama opened up for me.

One thing that never changed however, was the disaster that befell the South from the appointment of John Bell Hood to commander of the Army of Tennessee, which opposed General Sherman’s advance into Georgia since his stunning defeat of the Confederate forces at Chattanooga and later Lookout Mountain in Tennessee in late 1863. On this day 150 years ago, Confederate President Jefferson Davis replaced General Joseph Johnston with John Bell Hood as commander of the Army of Tennessee. Davis, impatient with Johnston’s defensive strategy in the Atlanta campaign, felt that Hood stood a better chance of saving Atlanta from the forces of Union General William T. Sherman. President Davis selected Hood for his reputation as a fighting general, in contrast to Johnston’s cautious nature. Hood did what Davis wanted and quickly attacked Sherman at Peachtree Creek on July 20, but with disastrous results. Hood attacked two more times, losing both and destroying his army’s offensive capabilities. Over the next two weeks in 1864, Hood’s actions not only led to President Abraham Lincoln’s re-election but spelled, once and for all, the doom of the Confederacy.

I thought about the risks of appointing Hood to command when I read a recent article in Compliance Week magazine by Carol Switzer, co-founder and President of the Open Compliance and Ethics Group (OCEG), entitled “A Strategic Approach to Conduct Risk.” Her article was accompanied by an entry in the OCEG Illustrated Series entitled “Managing Conduct Risk in the GRC Context,” and she also presented thoughts from a round-table that included John Brown, Managing Principal, Risk Segment, Financial and Risk Division at Thompson Reuters; Tom Harper, Executive Vice President-General Auditor, Federal Home Loan of Chicago and Dr. Roger Miles, Behavioral Risk Lead, Thompson Reuters.

In her article, Switzer pointed to the “ill-advised risk taking” which led to the near-collapse of the financial sector as the genesis for the creation of the UK’s new Financial Conduct Authority (FCA). But she also noted that conduct risk is something that exists in industries far afield from the financial sector where “sales schemes driven by inappropriate incentive plans and outlandish short-term objectives” can cause severe financial consequences to an organization. As an example of the need for change in the financial sector, Switzer quoted Clive Adamson, FCA Director of Supervision, on the need to address conduct risk: “achieving an effective conduct- or customer-focused culture is challenging for firms, particularly for those whose focus has been primarily on profitability and shareholder returns. … From what we see, there are key drivers that set and re-enforce this conduct-focused culture, with the most important being clear and ongoing leadership from the top of the organization, constant re-enforcement, hiring practices, incentive structures, effective performance management and penalties for not doing the right thing, all of which should set the tone for a framework for decision making on a day-by-day basis.”

Switzer continued, “throughout his speech and other materials published by the FCA, there is a theme that returns over and over again to integrity, leadership, culture, the concept of controls over conduct and strong risk management—all tied to an outcome of business success. What is this? It is a vision of principled performance—a point of view and approach to business that enables organizations to reliably achieve objectives while addressing uncertainty and acting with integrity. And it is refreshing to see leaders (and in some cases past wrongdoers) in the financial sector rising to the occasion and establishing a principled performance approach to conduct risk, even though they may not yet call it that.”

Harper described conduct risk as follows: “conduct risk embodies elements of the risks that we have been discussing over the past few years, including not only operational and compliance risk, but also reputational risk and tone-at-the-top. The idea that organizations need to ‘do the right thing’ and balance the immediate pressure of short-term growth and revenue along with meeting the aspirations of equity holders and managers is not new. In the past, conduct risk was primarily mitigated by the long-term focus on the goals of the organization of the Board and management.”

In the Illustrated Series piece included with the article, Switzer set out four principles for managing conduct risk. These principles are an excellent starting point for the Foreign Corrupt Practices Act (FCPA), UK Bribery Act or other anti-corruption compliance practitioner in that it can be used to evaluate, assess and manage conduct risk in such a context.

Assess Conduct Risks

Miles stated that “the idea of benchmarking ‘conduct’ as a basis for business, or life in general, is actually of course a very old one. Constraints on behavior are exactly the right direction to go in, though it’s not yet clear how these will be framed, let alone policed. Now with the FCA’s new Risk Outlook 2014, there’s a big step forward. They have a deep commitment to sharing understanding about how various elements of behavior feed through into good and bad product design, into selling or mis-selling.” Based on this, Switzer believes that you should first identify potential conduct risks in your business. After such identification, you should conduct a risk and control assessment. From this measure, you can best determine the level of inherent and residual risk. Finally, you should carry out an emerging risk workshop to develop a more complete risk profile.

Establish Risk Appetite

Brown pointed toward the increased complexity in financial institutions as a key problem. As part of the solution, Switzer writes that the first step is to connect the risks, controls and other framework elements to your company’s organization chart. From there, you should determine risk capacity, your company’s current risk profile and its risk appetite. Next you should measure your risk appetite adherence. Finally, you will need to align your risk appetite with your company’s risk governance framework.

Measure and Monitor 

Here, Switzer suggests that there be a detailed collection of information on any issues associated with risk events. It is important that from that point, you begin to track key risk indicators. Miles noted that “managing risks due to behaviors and cultures requires a deep understanding of psychological drivers and developing programs to modify those drivers,” as such measurements would allow your company to begin to move from simple detection and prevention to predictive controls through the use of behavioral and analytical modeling. Finally, you could use the above information to perform scenario analysis on emerging risks.

Communicate and Manage

Switzer advocates that you communicate and train your company’s employees on your organization’s risk culture. You should also work to ensure that employees have accepted their risk conduct appetite metrics. Brown said, “behavioral drivers will vary around the world based on societal culture. I’ll focus on what might be appropriate for U.S.-based organizations. Most people operate to maximize their personal return, so compensation structures are an obvious avenue to modify conduct. If my bonus or equity compensation is based on specific targets, such as new accounts, loans written or customer satisfaction index, I will try to maximize those targets.” This is why you should continue to collect all key data about conduct risk in one data repository. Finally, you should also continue to provide reports and analyses on conduct risk to key stakeholders and regulators, if required.

Switzer ended her article with the following quote from Gary Kasparov: “think about it: after just three opening moves by a chess player, more than nine million positions are possible. And that’s when only two players are involved in the game. Now imagine all the possibilities faced by companies with a whole host of corporations responding to their new strategies, pricing and products. The unpredictability is almost unimaginable.” To this she added, “this couldn’t be truer than when facing the myriad challenges presented under the umbrella concern of conduct risk. Masterful strategic planning and execution is essential to stay in the game and win.”

The risks that General Hood was willing to engage in were catastrophic for his army and the Confederacy. If Jefferson Davis had used a risk conduct analysis to think through the effects of elevating Hood to command of the Army of Tennessee the results might have been very different for all involved. Switzer’s article provides a valuable tool for the compliance practitioner to bring to bear on specific conduct that could put a company at risk.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business advice, legal advice or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The author gives his permission to link, post, distribute or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.


Previous Post

LRN 306 – Planning Ahead: Building Strong Ethics & Compliance Programs for the Future

Next Post

Using Behavior Change Science To Dramatically Increase the Effectiveness of Your Compliance Program

Thomas Fox

Thomas Fox

Thomas Fox has practiced law in Houston for 25 years. He is now assisting companies with FCPA compliance, risk management and international transactions. He was most recently the General Counsel at Drilling Controls, Inc., a worldwide oilfield manufacturing and service company. He was previously Division Counsel with Halliburton Energy Services, Inc. where he supported Halliburton’s software division and its downhole division, which included the logging, directional drilling and drill bit business units. Tom attended undergraduate school at the University of Texas, graduate school at Michigan State University and law school at the University of Michigan. Tom writes and speaks nationally and internationally on a wide variety of topics, ranging from FCPA compliance, indemnities and other forms of risk management for a worldwide energy practice, tax issues faced by multi-national US companies, insurance coverage issues and protection of trade secrets. Thomas Fox can be contacted via email at tfox@tfoxlaw.com or through his website www.tfoxlaw.com. Follow this link to see all of his articles.

Related Posts

business person diving for answers

Diving Into the Deep End of ESG Reporting? Do You Even Know How to Get to the Pool?

by FTI Consulting
June 24, 2022

Companies are eager to establish their ESG programs, and it’s not hard to understand why. But as a trio of...

Stericycle FCPA Enforcement Action

Stericycle FCPA Enforcement Action

by Corporate Compliance Insights
June 23, 2022

Tom Fox dives into the details of Stericycle’s multinational bribery scheme in Latin America that landed the company millions of...

Ethisphere Launches The Sphere to Provide On-Demand Ethics and Compliance Benchmark Analysis

Ethisphere Launches The Sphere to Provide On-Demand Ethics and Compliance Benchmark Analysis

by Corporate Compliance Insights
June 23, 2022

Business ethics think-tank Ethisphere has launched a new product that aims to enable ethics and compliance leaders to efficiently benchmark...

Never the Same: 5 Ways Russia’s Invasion of Ukraine Will Impact Business Forever

Never the Same: 5 Ways Russia’s Invasion of Ukraine Will Impact Business Forever

by Thomas Fox
June 23, 2022

Tom Fox’s musings on the war following a recent chat with Exiger CEO Brandon Daniels; the pair discuss the ways...

Next Post

Using Behavior Change Science To Dramatically Increase the Effectiveness of Your Compliance Program

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance Decision-Making DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring Ransomware RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT