Filed in archive
risk
by leon on January 19, 2008

In the past, I have written about how to build a resilient organization. The problem with risk management in many organizations is that they don't know how to pull it all together and incorporate it into a strategy, instead of keeping as a separate add on that's left lying around in case something goes wrong.
There are signs that this might be changing.
At the end of last year, the GARP Risk Review ran a piece on the evolution of senior risk officers changing from compliance specialists into experts on governance, capital allocation, data management, internal reporting and group-level budgeting and planning.
Sean Lyons, a principal of Risk-Intelligence-Security-Control (R.I.S.C.) International, outlines what companies need to do in his piece An introduction to corporate defense management.
According to Lyons, companies need to develop a "cybernetic loop" to bring it all together. Lyons doesn't nut out specifically what this loop should look like or how to do it, but he does give us a picture of a comprehensive system that incorporates everything from corporate governance to physical security, one that's capable of anticipating, preventing, detecting and reacting. Still, with unexpected events like a 9/11, SARS outbreak or Hurricane Katrina, it's not foolproof. But it's better to have a system like this than not.
Permalink: Corporate defense
Trackback: http://publish.creative-weblogging.com/publish/mt-tb.pl/109141
Mr Wong
Vote for Corporate defense:
|
Rating: 9.00 out of 3 vote(s) cast.
|
Response from:
Sean Lyons
(01/28/08 9:16pm)
Subscribe
Use the search to look for other interesting posts
| RSS | See all blog subscribe options |
|
What is RSS? | |
| Yahoo! |
|
| Addthis |
|
| Bloglines |
|
| Newsletter | |
| Follow us on Twitter! |
















The recent rogue trader scandal at Société Générale and the fallout from attempts to mitigate these exposures simply serve as a wake-up call for the banking world. It represents an important reminder of the requirement to have a robust corporate defense program in place in major financial institutions. Now that former trader Jérôme Kerviel is in police custody, it will be interesting to see the extent to which post mortem investigations will identify deficiencies in the overall corporate defense program at Société Générale. Given the issues which have already come to light, it would appear that there are serious questions to be answered in relation to aspects of the bank’s corporate governance, risk management, internal controls and assurance frameworks. There also there appears to be serious question marks over the bank’s approach to compliance, security, intelligence and resilience issues. The big question is of course not just what went wrong but also what lessons, if any, will be learned from these investigations and what steps need to be taken to prevent such a devastating event occurring in other financial institutions.