Change Mindsets, Embed Risk Awareness
Robust risk management frameworks and stricter controls are simply not enough. Today’s complex risk landscape calls for a holistic effort. A strong risk culture is needed to foster enterprise-wide behaviours that proactively contribute to risk management.
How do you measure risk culture?
How do you demonstrate tone at the top?
Can you engage managers to take ownership of risks?
Can you increase risk awareness among staff at all levels?
Acquire Practical Approaches to Cultivate a Risk-Intelligent Culture
Join this 1-day dynamic workshop to adopt a practical framework and initiatives to effectively strengthen risk culture. Understand common cultural drivers and root causes of risk-related events. Assess the strengths and limitations of different risk culture measurement techniques. Find out how to improve risk culture using tone, accountability, capability, reinforcement and enablement. Learn how risk, compliance, human resources, internal audit and operations divisions can work together to embed a sound risk culture.
- Led by Grant MacKinnon, who led a global Risk Culture centre of expertise for a Big 4 firm
- Case studies from financial services, manufacturing, energy, aerospace industries
- Best practices and pitfalls to avoid from organisations with successful implementations
- Group discussions based on real-life case study scenarios
Benefits of Attending
- Define risk culture and build on lessons learnt from Safety Culture
- Assess risk culture using different techniques – from basic to advanced
- Identify drivers of behaviour for targeted and impactful change initiatives
- Report and communicate findings to get buy-in for behaviour change
- Demonstrate tone from the top: values, strategy and appetite, objectives
- Build staff capability through training, development, knowledge management
- Instill accountability through governance, interactions, collaboration, transparency
- Adopt reinforcement strategies: performance, rewards, consequences, talent programmes
- Examine indicators for enablement: capacity, policies, processes, technology, quality
- Learn how to monitor and measure the impact of culture change initiatives
- Make it easy for employees to provide feedback to address areas of concern
- Help leaders ‘connect the dots’ across different sources of risk and culture information
- Define roles and responsibilities across departments to monitor and change risk culture
Grant is an internationally recognised risk culture specialist, having previously led a global centre of expertise for Deloitte serving clients across Asia Pacific, Europe, and the Americas.
For the past decade he has worked with some of the world’s largest and most respected companies to design and implement risk culture assessment methodologies, deliver comprehensive assessment programmes, and design/implement programmes to strengthen organisational resilience.
His work centres on the identification and redress of culture-related vulnerabilities (or organisational ‘design flaws’) that may result in reputational damage, unsustainable risk exposure, risk-aversion or other undesirable outcomes.
He has worked across a number of industry sectors including the government, airlines, transportation, media, utilities/resources, venture capital and the financial services (retail banking, global markets, institutional, investment banking, wealth, insurance).
• Global Banking and Securities Organisations (Europe, North America, Asia Pacific)
• Wealth Management (UK, Australia)
• Global Insurers (Europe, Americas, Asia Pacific)
• Real Estate and Construction (Australia)
• Venture Capital (Europe, Middle East, South America)
• Manufacturing (Japan)
• Central Government (Australia)
Who Should Attend
Senior level executives responsible for Risk Management, Internal Audit, Compliance, Governance
Registration: 8.30am • Workshop: 9.00am – 5.00pm
Morning, afternoon refreshments & lunch will be served at appropriate intervals.
Session 1: Defining (Risk) Culture
This session introduces the practical definitions and concepts that help to define risk culture and get management buy-in for a focus on risk culture. We will focus on publicly available industry examples where culture has played a key role in events that have caused harm, covering case studies from aerospace, financial services, manufacturing and energy/resources sectors.
- Explore case studies from across different industries that highlight the role culture plays in risk-related incidents or reputation-damaging events
- Understand common cultural drivers and root causes of risk-related events
- Practical frameworks to define risk culture, building on lessons learnt from Safety Culture
Session 2: Assessing Culture and Drivers of Behaviour
In this session, we will demonstrate different techniques used for understanding risk culture including surveys, focus groups, interviews (and potentially others) so that delegates can experience first-hand some of the strengths and limitations of different approaches and consider ways to address some of these limitations. For example, focus groups are susceptible to a number of group-related biases so we will explore ways to mitigate the impact of some of these biases (like Group-Think).
- How to assess risk culture using different approaches and techniques (from basic through to advanced)
- Experience different assessment approaches and techniques
- Understand strengths, pitfalls and lessons learnt from different measurement and assessment approaches
- Identify drivers of behaviour so that change initiatives are targeted and impactful
- Reporting and communicating findings to get buy-in for change
Session 3: Strengthening Culture to Improve Risk Management, Conduct and Compliance
In this session, we will focus on a couple of example programmes that can be used to strengthen risk culture.
- Building a sound risk culture and the importance of acting on culture concerns
- Introduce a practical framework and suggested initiatives that can improve risk culture:
- Tone: Purpose/values, strategy and appetite, objectives, leadership
- Accountability: Roles and responsibilities, governance, interactions, collaboration, transparency
- Capability: Training, development, knowledge management
- Case Study: Leader-led change initiatives and building risk awareness
- This case study explores the importance of leaders setting and reinforcing the importance of risk management, conduct and compliance for their teams. We will explore two examples of leader-led programmes; using case study and scenario-based programmes that focus on decision making (and the consideration of risks, including reputation, through the decision-making process) and awareness programmes that allow leaders to role-model the importance of understanding and evidencing regulatory requirements (in this case, anti-money laundering).
- Reinforcement: Performance, rewards, consequences, culture and talent programmes
- Enablement: Capacity, policies, processes and procedures, technology, quality
- Case Study: Unintended consequences of culture change initiatives
- In this case study, we will explore how organisations responded to regulatory change to address a concern that staff were experiencing undue sales pressure in retail banking environments and potentially selling products to customers that were not suitable. The changes included new balanced scorecards that focused on customer needs instead of sales and removal of individual sales-based remuneration incentives. Yet, more than a year after the implementation of these changes, staff continued to experience sales pressure – but from where?
- Monitoring and measuring the impact of culture change initiatives
Session 4: Working Together Across the Organisation to Strengthen Risk Culture
In the last session, we will look at ways that organisations have successfully implemented approaches to understand risk culture. We will be looking at a number of different examples of what has worked (and what has not worked) rather than one ‘best practice’ organisation as what may work in one business may not work in another. We will also examine how risk, compliance, human resources, internal audit and operations divisions can work together to build and embed a sound risk culture.
- Making it easy for employees to provide feedback and see areas of concern get addressed
- Helping leaders to ‘connect the dots’ across different sources of risk and culture information
- Establishing roles and responsibilities across different departments to understand, monitor and change risk culture
- Successful implementation approaches