So, what else is new?


I laughed like a drain when I heard about Paul Moore, the Cassandra of HBOS. All the breathless media coverage in the UK - oh my goodness, nobody on the board or in senior management listened to the risk manager, how could that be? - veered from the ridiculous to the sublime.

Most operational risk managers have had to cope with this collective deafness at the top of their organisations for years. At a panel discussion last November, 'Delivering GRC to the board' (posted on the OR&C website), participants talked about their frustration with the way reports get 'cleansed' before they are passed on up the organisation. The consensus seemed to be that board reports about risk management are pretty sanitised.

Nobody wants to deliver bad news. Let's be honest - whistleblowers are inevitably portrayed as noble but slightly nutty. Paul Moore himself was treated to some fairly robust spin and insinuation in the media. People who point out problems are branded 'difficult personalities' who 'aren't team players' and 'didn't get along with their colleagues'.

Again, hearty laughter from this quarter. Of course these attributes apply to most whistleblowers. In the environment for truth-telling that existed up until now, who but someone that was very individualistic and not afraid of being isolated by their colleagues would even bother to point out potential problems? Most of the time, if the whistleblower isn't pushed out of the organisation, they know they will have to jump when they do speak their mind.

In a perfect world, these individualists who don't quite fit in to corporate politics would be seen as valuable additions to the corporate mix of personalities and valued for their insights. Concerns about the way businesses are being run or the way individuals are behaving would be swiftly passed up the organisational communication chain, heard by management and the board with interest, and acted upon.

This is really the place that financial institutions need to strive to get to. Certainly, there are technology tools out there that can help firms achieve better communication and more transparency regarding the risks they face. But at the end of the day, all technology can be fiddled with to produce the desired result. It's the organisations themselves that need to change - from the tone at the top all the way through to the front line. Speaking out needs to be visibly rewarded - creativity and perception must be nurtured.

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact or view our subscription options here:

You are currently unable to copy this content. Please contact to find out more.

Financial crime and compliance50 2024

The detailed analysis for the Financial crime and compliance50 considers firms’ technological advances and strategic direction to provide a complete view of how market leaders are driving transformation in this sector

Investment banks: the future of risk control

This survey report explores the current state of risk controls in investment banks, the challenges of effective engagement across the three lines of defence, and the opportunity to develop a more dynamic approach to first-line risk control

Op risk outlook 2022: the legal perspective

Christoph Kurth, partner of the global financial institutions leadership team at Baker McKenzie, discusses the key themes emerging from’s Top 10 op risks 2022 survey and how financial firms can better manage and mitigate the impact of…

Emerging trends in op risk

Karen Man, partner and member of the global financial institutions leadership team at Baker McKenzie, discusses emerging op risks in the wake of the Covid‑19 pandemic, a rise in cyber attacks, concerns around conduct and culture, and the complexities of…

Moving targets: the new rules of conduct risk

How are capital markets firms adapting their approaches to monitoring and managing conduct risk following the Covid‑19 pandemic? In a webinar in association with NICE Actimize, the panel discusses changing regulatory requirements, the essentials…

You need to sign in to use this feature. If you don’t have a account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here