Do regulators and risk managers focus too much on the metrics of risk at the expense of focusing on the people they need to influence? Troublesome staff may seem blind to risk and compliance issues but are risk managers similarly myopic? Are they failing to recognise important individual differences in Risk Type that will impact on risk perception, risk behaviour and on the effectiveness of compliance frameworks?

The representations of ‘people’ as chess-set pawns or as matchstick figures in presentation slides and compliance literature gives the unfortunate impression that ‘people’ are an undifferentiated herd to be funnelled through the innumerable organisational flow-charts. The reality is that risk disposition is a defining aspect of personality. It is every bit as variable as the risks people have to cope with. This is true of the population as a whole and of any work force.

The Objective
Our proposed approach to Risk Management has the following aims:

1. To align compliance agendas of the board, risk management and employees
2. To foster pro-active personal responsibility
3. To energise communication and co-operation as drivers of Risk Culture
4. To highlight measurable personality differences that impact on compliance
5. To open up the personal development route to improved compliance
6. To identify and address person specific compliance challenges
7. To respect the diversity of Risk Type contributions and harness commitment
8. To broaden risk awareness through a shared new ‘person centric’ vocabulary

The Challenge
In spite of many decades of regulation of the financial sector and of workplace safety, we are still struggling for solutions. It seems that in many sectors, from banking and finance to heavy industry, there is frequently a tension between those who regulate and those who deliver, and even a whiff of hostility. On the risk management side of the fence, there is despair at the inability of staff to adhere to the regime demanded by regulators and legislators. From the other side of the fence there is cynicism about the inflexibility of the compliance brigade, their rigid intolerance of even minor discretionary acts, and their apparent inability to take personal responsibility in sanctioning procedural variations that appear perfectly sensible to everyone else; an issue of systemic defensive decision making.

At the core of this cameo of strained working relationships is a moral conviction about what ought to happen; what people should do. The view is that, ‘We have a code of behaviour designed to prevent accidents and staff have a responsibility to comply with it’. Compliance and risk awareness training is designed to support this directive. Since the policy is there to protect people, the virtuous position is that of the risk managers and regulators. Ipso facto, anyone wilful enough to break the rules is an opponent of virtue – ‘one of the bad guys’. It’s a simple black and white issue.

Micro-managed in this way, the deliverers may feel frustrated by rules that make tasks more difficult and procedures that interfere with productivity and profitability. No matter how experienced or how skilled an individual may be, no personal discretion is permitted; everyone is choreographed to perform in the same way. To those who share the compliance mind set, this is all just as it ought to be, to others it feels like a particularly uncomfortable straight jacket. No need for common sense, no place for ingenuity; a world in which blind obedience replaces personal responsibility and where there is no recognised personal development other than even more obedience. There is no real dialogue because, in this ‘mother knows best’ approach, nothing is really negotiable.

The consequence of all this is that relationships are strained and trust and co-operation go out of the window. Whether in terms of FCA transgressions or industrial accident rates, risk management problems prove to be stubbornly resilient. For all the gains achieved by the regulatory approach, there is still a residual rump that just doesn’t respond.

A Different Agenda
The dialogue about ‘risk’ has to change. The debate has been unbalanced, largely because no coherent contribution to that discussion has been made from the Human Factor perspective. Globally consensual personality research changes all that. The identification of distinctly different risk personalities, or Risk Types, gives an important new shape to the debate. Removing the stigma of the ‘all risk is bad’ mantra will also contribute to a more constructive and optimistic risk management agenda. We have to recognise that all enterprise, and indeed all survival, depends on taking enough risk.

THE NEW RISK AGENDA

Of course, in reality, this was always the agenda, but the activity has been almost entirely in the shaded lower left quadrant.

A New Approach
Not many applicants for a job at the drill head on a North Sea oil platform will be of a prudent and cautious disposition. The reality is that the individuals willing to take on the most extreme, physically demanding and risky operational roles are, in personality terms, likely to be from a different planet than the typical risk manager. Of course, this is a huge generalisation, but we have enough data on Risk Type from many different roles and professions to be confident that it is also a realistic and important perspective. Whether it is because they are too creative, spontaneous, fearless or imperturbable, those operating on the frontiers of risk are unlikely to be the most placid, conservative, vigilent or routine loving individuals.

People are fundamentally different in their disposition towards risk. Yes, we do all have ‘free will’, but we also each have our own distinctive risk bias. This bias is deeply rooted in our emotional and rational nature and it predisposes us to perceive risk, respond to risk and take risks in different ways. The Risk Type Compass® maps these individual variations onto a continuous 360o spectrum within which each of us has our place. That spectrum has been segmented to enable the differentiation of eight distinctive Risk Types.

Risk Type puts a handle on Human Factor risk and brings it into the realm of objective measurement. As Peter Drucker famously pointed out, “If you can’t measure it, you can’t manage it”. Risk Type adds a crucial new component to the Risk Management tool kit and brings a sensible balance to the ‘command and control’ approach of regulation.

This in no way changes the aim of steering towards responsible financial management and safe working practices. Whether in terms of financial ethics, quality control or making the work environment safer, the objectives remain the same. The changes are in the approach, the relationships, the collaboration, the motivation and the language; the building blocks for a change in culture.