John Thackeray (Author)

Social capital is increasingly recognized as a vital asset for banking institutions, influencing their stability, reputation, and overall success. Here are several key points highlighting its importance:

  1. Trust and Reputation: Trust is fundamental in banking. Strong social capital fosters trust between banks and their clients, leading to better customer relationships, loyalty, and satisfaction. A solid reputation can attract new customers and retain existing ones.
  2. Community Engagement: Banks with strong social capital often engage more actively with their communities. This can enhance their brand image, facilitate local partnerships, and promote initiatives that benefit both the bank and the community, such as financial literacy programs. Bank branches can be seen as social hubs in reinforcing community spirit.
  3. Risk Management: Institutions with good social capital are better equipped to manage risks. A strong network can provide insights into local market conditions and social dynamics, helping banks anticipate and respond to potential risks more effectively.
  4. Customer Insights: Engaging with customers and the community can provide valuable feedback and insights. Understanding customer needs and preferences allows banks to tailor products and services, enhancing customer satisfaction and loyalty.
  5. Employee Engagement and Retention: Social capital also impacts internal dynamics. Banks that promote a culture of collaboration and community tend to have higher employee engagement, which can lead to better performance, reduced turnover, and increased innovation.
  6. Crisis Resilience: In times of crisis, such as economic downturns or reputational challenges, strong social capital can provide a buffer. Trusting relationships with stakeholders can help banks navigate difficult periods more effectively.
  7. Regulatory Relations: Building positive relationships with regulators and policymakers can ease compliance processes and foster a more favorable operating environment. Banks that engage proactively with regulatory bodies often find it easier to adapt to changing regulations.
  8. Attracting Investments: Investors increasingly consider a bank’s social responsibility and community impact when making investment decisions. Strong social capital can enhance a bank’s attractiveness to socially conscious investors 
  9. Innovation and Collaboration: Social capital can facilitate partnerships and collaborations with fintechs, startups, and other financial institutions, driving innovation and allowing banks to stay competitive in a rapidly changing landscape.
  10. Sustainability and ESG Goals: As environmental, social, and governance (ESG) factors gain importance, banks with strong social capital are often better positioned to implement sustainable practices and meet ESG criteria, enhancing their overall value proposition.

In summary, social capital is a critical factor that influences a banking institution’s ability to operate effectively, maintain trust, and achieve long-term success in an increasingly competitive and complex environment.

John Thackeray (Author)

Good artificial intelligence (AI) governance in banks involves a set of principles, practices, and frameworks that ensure the responsible, ethical, and efficient use of AI technologies while maintaining transparency, accountability, and risk management. Here are the key elements of effective AI governance in the banking sector:

1. Clear Governance Structure

2. Ethical AI Guidelines

3. Compliance and Legal Framework

4. Risk Management

5. AI Lifecycle Management

6. Stakeholder Engagement and Communication

7. Innovation and Collaboration

8. Performance Metrics and KPIs

Conclusion

Good AI governance in banks combines strong ethical principles, regulatory compliance, effective risk management, and transparency. By putting the right structures, policies, and practices in place, banks can harness the potential of AI while safeguarding the interests of their customers, shareholders, and regulator.

John Thackeray (Author)

Risk Management expert helps financial firms control their financial/non financial risks by the writing of policies and procedures *Remediation of procedures* Audit & Regulatory proof documents

Banks face numerous digital challenges as they adapt to new technologies and changing customer expectations. These challenges span across cybersecurity, legacy system upgrades, customer experience, regulatory compliance, and competition with fintech firms. Below is an overview of these key challenges:

1. Cybersecurity and Data Protection

Banks are prime targets for cyberattacks due to the sensitive nature of financial data, whilst at the same time having to adhere to strict regulations like GDPR, CCPA, and PCI DSS to safeguard customer data and avoid penalties. A financial institution may contain tens of thousands of computers and other networked devices. Incorporating social, cloud, and mobile platforms, means the attack surface expands considerably.

2. Digital Transformation and Legacy Systems

Many banks rely on legacy systems that are difficult to modernize or integrate with new technologies like cloud computing or AI. Updating infrastructure is costly and complex but essential for offering innovative digital services. With the introduction of digital banking, there is a need for a consolidated platform that consolidates customers data and connects previously independent financial systems.

3. Customer Expectations and Experience

Customers demand tailored banking experiences requiring a seamless interaction across mobile apps, websites, and branches is expected, requiring robust backend integration. Multi faceted authentication will be required to enhance security.

4. Mobile Banking and Digital Payments

Creating secure, user-friendly mobile apps is challenging given the rapid evolution of customer needs and security demands and the pressure from fintechs offering innovative digital payment solutions like P2P systems

5. Regulatory Compliance and Technology

Compliance with evolving laws on AML (Anti-Money Laundering) and KYC (Know Your Customer) is resource-intensive and requires investment in regulatory technology

6. Artificial Intelligence and Automation

Leveraging AI for fraud detection, chatbots, and automation requires expertise and investment and an upskilling of the work force.

7. Fintech Competition

Fintech startups innovate faster than traditional banks, offering services that bypass conventional banking systems. Banks must decide whether to partner with fintechs or compete directly—a strategic challenge

8. Cloud Adoption 

Transitioning to cloud computing raises security issues around data privacy and control over sensitive information. Moving to the cloud involves careful planning to prevent service disruptions during the transition

9. Social Media

Banks must engage with their consumers in the places where they spend the most time, which is increasingly on social media. Making sure all social media accounts are secure should be a primary priority.  A centralized monitoring system capable of detecting and preventing possible policy violations in all communications should be put in place. In the digital banking transformation, implementing efficient yet user-friendly controls over social communications is critical.

 Conclusion

Addressing these challenges will require banks to invest in robust cybersecurity measures, modernize their infrastructure, embrace AI-driven personalization, collaborate with fintechs where appropriate, and maintain compliance with stringent regulations.

John Thackeray (Author)

Credit Union Risks

Risk Management expert helps financial firms control their financial/non financial risks by the writing of policies and procedures *Remediation of procedures* Audit & Regulatory proof documents

The landscape for credit unions is shaped by various risks that can significantly impact their operations, financial stability, and member services. These challenges arise from economic conditions, regulatory changes, technological advancements, and shifting consumer preferences. Below are the key risks that credit unions are likely to face:

Economic Risks

  1. Interest Rate Fluctuations: Credit unions are sensitive to changes in interest rates, which can affect their lending and deposit rates. As central banks adjust rates to manage inflation or stimulate growth, credit unions must navigate the balance between attracting members with competitive rates and maintaining profitability. A rising interest rate environment could lead to decreased loan demand, as consumers may be deterred by higher borrowing costs.
  2. Economic Recession: A downturn in the economy can lead to increased loan defaults and delinquencies, particularly in sectors most affected, such as real estate and consumer lending. This not only impacts credit unions’ balance sheets but also their ability to lend and support members during challenging times.

Regulatory and Compliance Risks

  1. Evolving Regulatory Landscape: Credit unions are subject to a variety of regulations that govern their operations. Changes in regulatory requirements could increase compliance costs and operational burdens. For instance, heightened scrutiny on anti-money laundering (AML) practices and data protection regulations could necessitate investments in compliance infrastructure.
  2. Capital Adequacy Requirements: Regulatory bodies may adjust capital requirements in response to perceived risks within the financial system. Credit unions must ensure they maintain adequate capital buffers to absorb potential losses while still meeting the needs of their members.

Technological Risks

  1. Cybersecurity Threats: As credit unions increasingly rely on digital platforms for transactions and member interactions, they become more susceptible to cyberattacks. Data breaches can lead to significant financial losses and damage to reputation, undermining member trust. Continuous investments in cybersecurity measures, employee training, and incident response planning are essential to mitigate these risks.
  2. Digital Transformation Challenges: The push towards digital services creates operational challenges for credit unions, especially those with legacy systems. The need to modernize technology infrastructure can strain resources and require significant capital investment. Failure to adapt to technological advancements may result in diminished competitiveness against larger financial institutions and fintech companies.

Market and Competitive Risks

  1. Increased Competition: Credit unions are facing intensified competition not only from traditional banks but also from fintech startups that offer innovative financial services. The rise of digital-only banks and peer-to-peer lending platforms can divert potential members away from credit unions. To remain relevant, credit unions must enhance their service offerings and invest in member experience.
  2. Changing Consumer Preferences: As consumers increasingly prioritize convenience and personalization in financial services, credit unions must adapt to these expectations. Failure to understand and meet evolving member needs could result in a loss of market share. Credit unions need to leverage data analytics to tailor offerings and improve member engagement.

Operational Risks

  1. Talent Acquisition and Retention: Attracting and retaining skilled personnel can be challenging for credit unions, particularly in a competitive labor market. The need for expertise in areas such as digital banking, compliance, and risk management is critical. Credit unions must create appealing workplace cultures and provide career development opportunities to retain top talent.
  2. Operational Resilience: Unexpected events, such as natural disasters or pandemics, can disrupt operations and service delivery. Credit unions must enhance their operational resilience through robust business continuity planning and risk management frameworks to ensure they can continue to serve members in times of crisis.

Conclusion

In conclusion, credit unions are expected to face a multifaceted array of risks, spanning economic, regulatory, technological, market, and operational dimensions. Proactive risk management strategies and a commitment to innovation will be essential for credit unions to navigate these challenges effectively and continue providing value to their members. Understanding these risks and preparing accordingly will be vital for sustaining their role in the financial ecosystem.

John Thackeray (Author)

John Thackeray is a risk & compliance practitioner and an acknowledged writer. As a
former senior risk executive at Citigroup, Deutsche AG and Société Générale, he has had
a first-hand engagement with US and European regulators. John holds an MBA from the
Chartered Institute of Bankers and was a Lecturer in Banking, Economics and Law.

He is a frequent contributor, thought leader and speaker on risk industry insights and has published
risk articles and white papers for the Professional Risk Managers’ International Association, the Global
Association of Risk Professionals, the Risk Management Association, the Association of Certified Fraud
Examiners, the Association of Certified Anti-Money Laundering Specialists, and the Chief Financial Officers
University.

Blog full content this way

Introduction

Climate risk is the defining issue of our generation, but it is the velocity of climate change which will have the greatest and most profound impact upon our lives. Climate risk is a long-term science-based, non-diversifiable risk, impacting and affecting all industries. To the corporate world, climate risk is a balance sheet risk, a profit and loss risk and more importantly a reputational risk. The risk requires firms to think about assigning a set of comprehensive roles and social responsibilities/values that can be measured up and be accountable to mitigate the challenges posed. Through climate change, one sees the interconnectedness of emerging risks, with the current pandemic, a manifestation of both the velocity and acceleration of this risk, ushering in a change transformation of both thought, word and deed.

Business Model Changes

COVID 19 is a dress rehearsal for climate change, a harbinger and abstract of what is in store down the road. The current pandemic is an agent of change, causing disruption and requiring firms to adapt their business models to accommodate these changing circumstances. Such a change can be seen in the realm of stress testing and scenario design, (which are the common tools used to identify, measure, quantify and review enterprise risks both known and unknown), with the data provided by COVID 19 adding more realistic data and testing parameters to the emergence of climate change. Stress testing and scenario design have been around for a while but what has changed in this pandemic is the need to repurpose/enhance existing models, whilst at the same time, overlaying and incorporating new thinking and parameters. Common issues such as data quality, information technology and risk management have had to be structurally addressed to ensure that the resultant output of these test results is both meaningful and transparent to its many users. The pandemic has asked questions on the gathering, collection and frequency of data utilized, requiring, and enhancing data sets which can be introduced and populated for climate change modelling.

Business/Government Leadership

COVID 19 has ignited and obfuscated the current climate change debate, with politicians from all walks of life, trying to distract and manipulate the debate for short term considerations .This political uncertainty is amplified by the fact that firms operating in multi jurisdictions , will have to cater to the differing lenses and perspectives of a constantly changing central government policy. If the way out of the current pandemic comes in the form of a green viral, it may be that the corporate world needs to take the initiative, striving to do what is right, leading to greener pastures.

Governance

Firms have now been forced to plan to include climate risk within their portfolio of risks, with a framework that includes the five pillars of governance, risk management, strategy, pricing and metrics. The lynchpin of this framework, is governance and this is evidenced by company boards driving and dictating the change, rather than senior management; setting a whole new sense of social and commercial responsibility, the likes of which have never been seen before. Moreover, boards now have had to educated at short order with many turning to colleagues from the insurance industry who have a wealth of experience in forecasting and dealing with the long-term implications of climate. It is becoming self-evident to boards that firms very existence is wrapped up in the way they approach climate risk and the efforts needed to improve their continuing viability, sustainability and resilience. This Climate change DNA is invoking for the few who walk this path, a strong culture of compliance and governance focusing on quality returns and maximizing the customer experience.

Disclosures

Many firms have been forced to disclosure their efforts by means of written narrative in their financial reporting. The quality of their disclosures will be under the microscope with stakeholders alike, looking to see that the words have been translated into concrete actions. Boards and senior management will be watched with eagle eyes on how they behave with any discrepancies, the subject of litigation and social media scrutiny. The messaging will be all important and could be part of the sustainable company brand. The requirements need to comply with the above measures are exacting, with financial institutions now needing to monitor their customers green efforts and behavior by means of covenants and warranties. The covenants and warranties are far reaching extending to both funding and investment decisions, in terms of research and development and capital expenditure. Lending firms are becoming more closely identified with their customers and their borrowing policies, a reflection of their climate corporate governance. This gives the opportunity for lending firms to position themselves as “green” role models and brand their lending accordingly. The more astute firms will take this onboard with performance tables being designed and produced indicating the applicability of climate risk standards, enabling the corporate world to be benchmarked against one another.

Conclusion

 Above all, climate risk must be thought of as a commercial risk, the institutions that embrace these changes and adopt, reinforce corporate values which can be a game changer in terms of reputation and culture. Those institutions that adopt a higher purpose with a climate moral compass are likely to experience anecdotally a more coherent and collective culture. This culture change can be seen as a competitive advantage, but it must be remembered that there are costs associated with the introduction of this climate change vision. Embedding this change transformation requires a sustainable reengineering in terms of business practice and models, demanding investment in different skills sets and training.

Mankind is watching and the question is, do you want to be the shepherd or the sheep, the choice is yours?

John Thackeray john.thackeray@riskink.com

To regain public trust, the boards of directors at banks must take proactive steps to court complaints and encourage whistleblowing about employees’ malfeasance.

By John Thackeray

Public perception that financial institutions are driven by greed and wilful blindness has recently been reinforced by a seemingly never-ending litany of scandals. This impression of failure is a damming condemnation of both management and boards of directors to communicate clear messaging and to implement and maintain effective conduct-risk plans.  

To inform and reinforce ethical behavior, a firm needs more than, say, a 150-page employee handbook. Indeed, the pressure is now greater than ever for boards to provide sustainable, ethical governance and oversight – independently and proactively.

The question facing banks’ boards is how to ensure that the character and values they preach are actually practiced by their employees. Board members who place their faith in senior management need a multitude of mechanisms to verify this fidelity. 

Let’s now take a look at three steps every bank can take to mitigate conduct risk:

1. Proactively court complaints.

Create a department that is responsible for categorizing employee complaints and discovering the root cause of misconduct. Complaints should be risk ranked and be readily communicated to the board. Moreover, employees should be actively encouraged with reimbursement for their time and effort. The idea, of course, is not to exonerate bad behavior and bad practices, but, rather, to better understand their underlying causes.

2. Employ secret bankers to act as a company’s eyes and ears, reporting independently to the board.

Much like the concept of secret shoppers within retail, these specialized bankers can be parachuted into areas of concern – including high-profit groups. They should be trained to observe whether existing working practices are compatible with a bank’s ethics policies and must use all the tools at their disposal to understand behavioral drivers and the underlying pressures that employees are facing.

3. Reward whistleblowing.

Instead of relying on regulators to reward whistleblowers, banks themselves should offer a monetary incentive for employees to report conduct violations. Since whistleblowing is often perceived as a career-ending event, the compensation should be significant. This policy will set the tone from the top, encouraging employees to challenge bad behavior, without being stigmatized and without enduring major financial losses.

Parting Thoughts

All three of these measures are proactive and require very little implementation cost. A change in mindset, above all else, is what’s needed to deploy these measures effectively.

The goal should be to encourage employees to “actively rush toward the fire,” with a plan on to extinguish it. But for that to happen, banks must implement clear conduct standards, while also taking action to better understand employee behaviors.

John Thackeray is a risk and compliance practitioner and writer. His firm, RiskInk, helps businesses control their risks by writing policies and procedures to mitigate them. As a former senior risk executive at Citigroup, Deutsche Bank AG and Société Générale, he has had firsthand engagement with U.S. and European regulators.

by John Thackeray

Risk Management – The Transformation

introduction

Never before in the age of risk management has so much been asked by so many by so few. Risk Management is going through a change management transformation, the likes of which have never been seen before. The key drivers for this change include a persistent volatile environment, a deep longing to be considered a good social citizen, endless regulation, the growth of non-financial risk types, new methods of customer engagement and a need to address past mistakes. The change is being exacerbated by the new operating environment (working from home), which has been enforced by COVID-19, focusing risk management to think differently both in terms of architecture, people, processes, systems and value.

This paper looks at the key drivers and the implications that it poses and suggests a meaningful pathway for the future of risk management by means of change transformation.

drivers

The current operating environment in which firms find themselves is anything but benign. COVID-19 has deepened structural fissures within an already existing fragile ecosystem. Negative interest rates, increased compliance costs, zombie loans, the continuing levying of fines for anti-money laundering and corruption have eaten into income and capital. Moreover, the persistence of scandals which are highlighted every week by social media have evaporated any good will towards financial institutions. Many financial institutions have been seen as facilitators of tax avoidance and enablers of financial crimes. The reputation of many is such that customer expectations, sentiment, and engagement are low, with very little confidence in both the products and the messaging of the organizations. Simply put, the financial organizations seem to many of their stakeholders to have lost their way, with no moral compass to lead them, leaving behind a bankrupt and obscure identity.

Having shot themselves in the foot, retribution has come in the form of heavy regulation partly due to past sins but also as an appeaser towards public opinion. The regulators now have the ready-made excuse to appear in the bowels of financial institutions, dictate terms, with an ever-increasing bright spotlight. This oversight extends and reaches on a global basis with regulation that can be retrospective, leading to unspecified fines for past mishaps from multiple agencies and countries.

Given the 2008 financial crisis, there is no longer an appetite to shore up financial institutions and indeed there is an intolerance towards any protest from the firms on the growing depth and breadth of new legislation which has dictated. This legislation has led to more detailed and demanding capital, leverage, liquidity, and funding requirements, data privacy as well as higher standards for risk reporting, such as BCBS 239. The financial guard rails have seen stiffened with more detail and requirements in the US banking system with regards to ‘CCAR” (Comprehensive Capital Adequacy Review) and by European Union guidelines with regards to stress testing, both bodies now seemingly dictating capital and dividend policy.

The growing of non-financial risk i.e. types cyber, model, climate and conduct has had a dramatic effect on financial institutions and their operations. Each risk now has entered the Enterprise Risk Management portfolio and needs to be addressed with urgency. Model Risk has increased with data availability and advances in computing, modelling, and the need to address in quick order pressing legislation such as “CECL” ‘(Current Expected Credit Losses)”. Climate Risk has maintained its ascendancy as an emerging risk with the Bank of England leading the way both in terms of supervision and legislation. Operational resilience has gained a foothold boosted by COVID-19 with a resultant knock on to reputational risk. Conduct risk has escalated as scandals highlighted by social media question the ethics of firms on how far they will go to boost their profits. All these pressing risks by themselves have sequestered an inordinate amount of energy and cost both in terms of mitigating and reporting.


implications

These drivers will have huge implications on the effectiveness and adequacy of business systems and operations. Technology or the increased reliance on it will be seen as a panacea, the gatekeeper that can both thwart the risks and increase the opportunities posed by these drivers. The increased use of technology continues to transform the normal processes and channels of engagement/experience and accentuate the social distancing relationship. Big Data, Machine learning and Artificial Intelligence championed by the burgeoning ranks of the FINTECH are the go-to components to mitigate the effect of the drivers by means of reimagining business processes.

As regulations become more complex and the consequences of noncompliance ever more severe, financial institutions will likely have no choice but to eliminate human interventions to hardwire the right behaviors and standards into their operations, systems, and processes. There will be a need for new algorithms to parse the data, which will need to be reviewed and challenged on a constant basis. Where these interventions cannot be automated, robust surveillance and monitoring will be increasingly critical.

Increased costs have led to an ever-increasing reliance on automation, both in decision making and processes. The amount of big data being generated will enable the more astute to redesign their processes using a comprehensive data management set of both public and private data sets. Processes such as underwriting will be digitalized, information submitted need only be scanned and verified without any in person engagement.

Artificial and machine learning will be used in behavioral analysis and remove a lot of the expert judgement required by risk officers, therefore eradicating any biases within the decision-making process.

Advances in technology will also help in the key areas of stress testing and scenario planning, especially in evaluation of climate risk within the portfolio. This advancement will lead to the multi-dimensional understanding of risks with complex models that need to be adjusted. While existing scenario analysis or stress testing frameworks can be leveraged, climate risk scenario analysis differs from the traditional use of these with longer time horizons, description of physical variables and generally the non-inclusion of specific economic parameters. These idiosyncrasies mean that data and climate scientists and engineers will need to be absorbed within the existing risk management structure. Moreover, stress testing and scenario planning will also have to incorporate operational sustainability and resilience which may call for significant contributions from external third parties to help complete the analysis and evaluation.

changes transformation

The Target Operating Model of Risk Management of the future will be very different, with the risk professionals armed with a new set of technology tools and new skillsets. In order for it be an enabler, the organization needs risk to transform its vision and redefine its role structurally given that many risk professionals will now need to work from a home environment. The main strategy will involve a heavy reliance and incorporation of new technology to both right size and reimagine risk management practices.

Listed below are some suggestions, which no doubt can be modified depending on the size and complexity of the organization.

• Risk management will be seen as foremost Firm Culture Champions and then Risk Culture Champions. Building and maintaining these identical and symbiotic cultures will be critical to ensuring the success of both the enterprise and risk function of the future. The combination of these cultures is likely to be a requisite element in a firm’s future competitive advantage. The secret recipe is to start with the risk culture first and then distribute and evangelize, so that both cultures will include a vision that will include the advocation of a strong corporate value. In order for this to take root, the firm will need to monitor and survey on a regular basis the action of its employees, no doubt enhanced by technology.

• The Chief Risk Officer (“CRO”) will be seen as a Champion of the firm and will be one of the stronger internal candidates to succeed the CEO. He/she will have to become an exceptional narrator who, armed with data, can convey and articulate the message of today. The brave new normal will call for greater transparency around disclosures concerning IT/Supplier disruptions, Operational resilience, Cyber-attacks, Sustainability, Climate change. The CRO must be able to engage in the conversation with the right message and be the voice piece of the firm backed by the data.

• The risk stripes will have to be reorganized structurally around correlated risk stripe clusters e.g. Fraud, Operations, Technology, IT Security, Compliance, Human Resources, Model, Conduct, and Reputation Anti Money Laundering will all come within the same coordinated structure and governance rather than standalone silos. The synergies will result in smaller teams of agile multi discipline staff with a depth and breadth of knowledge in one or more of these subject areas.

• The Risk Personnel with be multi trained in data analytics as a starting point and have the ability to match this with practical experience in all risk stripes. The tour of duty will include cross training in the various risk disciplines which will enable the team to speak a common language while applying consistent standards. Risk professionals will be expected to wear many hats, expectations high on delivery and communication skills.

• The risk management ecosystem will demand a comprehensive enterprise wide data base which is expected to help financial institutions create a repository for all types of structured and unstructured data. Since risk functions in the future are expected to become increasingly data driven, the supporting data infrastructure is a critical enabler. This data will have many uses and create a data driven analytical risk area which will need to be resourced by staff with multiple skill sets. Understanding the data will improve overall quality, aggregation capabilities, and risk reporting timeliness thus affording the management information systems to be displayed in a means that offers the users, a great deal of information in real time, improving the quality and timeliness of fact-based decisions.

passing thoughts

Broader responsibilities, better trained, smaller, multi risk disciplined, data hungry, these will be the new requisite qualities of risk personnel. Change will happen. The question is – are you willing to embrace the change or not. The firm that thinks ahead with this mind set will be the one left standing not only with a competitive advantage but also with an enhanced reputation.

By John Thackeray

Introduction

An organization can become more productive by championing a hybrid model workplace that fosters and promotes a culture of inclusivity and trust. At the heart of a hybrid workforce model, are the ideas of shared ownership and trust, which can help the organization break down long-standing beliefs about productivity and performance.

Trust is one of the most important ingredients in this model and this can be facilitated by delivering creative management strategies and exhibiting clear behavioral standards. This trust requires management strategies to place a greater emphasis on behavioral standards such as accountability, transparency, and communication, creating a culture, whereby employees feel safe and appreciated within an inclusive environment.

Trust and Management Strategie

Maintaining greater leadership communication and visibility: Create new ways to engage informally with your employees. By defining and embracing new behaviors, that are observable to all, and by deliberately making space for virtual employees to engage in informal interactions—leaders can facilitate social cohesion and trust-building in their teams.

Establish team rituals to cement a strong bond of personal relationships enabling team members to have fun in a safe environment, thus improving morale. Ensuring that the transitions between respective team norms for onsite and remote are as smooth as possible, gives employees a cohesive experience, that feels designed, not random but shared.

Fostering an open environment by letting employees’ voices be heard e.g. by means of a virtual “Lunch and Learn” opportunity or a “Fly By” opportunity with an executive, thus enabling the employees, the opportunity, to share in a safe mode.

Re-evaluate your procedures and policies ensuring that the content is consistent, resilient and fit for purpose in the hybrid workplace. e.g. The importance of On Boarding has never been greater in the emphasis of team and trust, setting out and reinforcing cultural values in terms of expectations and requires considerable procedural changes to previous practices.

Measuring performance on outcomes: Instead of focusing on tasks or hours worked, focus on the outcomes and the quality of results. By focusing on results over style, regardless of location, a more productive, engaging, and meaningful work culture can be evidenced and shared. Success is evidenced by means of clear and transparent (“KPI’S’), key performance indicators.

Conclusion

In order to be more productive, the culture must embrace the hybrid model with a mindset of shared ownership and trust, principles, which in turn SHOULD complement, the existing values of the organization.

Procedures are written primarily to reduce the inherent risk by documenting in writing the business process or activity. Effective procedures are an insight and window into the control, governance and oversight of the organization.

In order for procedures to be effective, they should have the following traits.

The focus of this paper is on the primary trait, data points. These set the standard and expectations which enables procedures to be written in a consistent and repeatable format. Moreover, common data points can ensure the proper enforcement of policy by reinforcing the guidelines and standards prescribed. This paper articulates a menu of data points which must be considered in the appreciation and application of this objective.

Below is a table of data points followed by explanations of each data point. **High/Medium/Low refers to scale in relation to admission to the procedures.

Data points explained.

1.Inherent Risk

Inherent risk is an assessed level of the natural level of risk inherent in a process or activity without doing anything to reduce the likelihood or mitigate the severity of a mishap, or the amount of risk before the application of the risk reduction effects of control. Usually categorized into High, Medium, Low. This categorization importantly focuses the organization in both understanding and addressing those processes which represent the greatest risks to the organization, thus, enabling the proper allocation of resources to mitigate these risks.

2.Objective/Purpose and Scope

The purpose is the reason why the business exists, why you exist or why the team does what it does. The objective is the what it needs to do to achieve its goals. Scope of an activity, project or procedure represents the limitations or defines the boundaries of its application. These data points set the stage for the document and allow the reader to appreciate the significance of the process or processes.

3. Owner

Quintessentially the most important player within the process. Each owner has a unique responsibility and accountability to ensuring that the procedures are effective. It is a measurement of management skills and application and a true testament of both standards, leadership and behavior. It is the responsibility of the owner to clearly communicate and train those involved within the process. Given that the most effective control is that of segregation of duties, the Owner can never be the Approver.

4. Approver

Another implicit control is that of Authorizations. which ensures that the Approver is always one level above that of the Owner in the Organizational Hierarchy.

5.Roles and Responsibilities

According to research by the Harvard Business Review, clearly defining people’s roles and responsibilities matters more when determining a team’s success than outlining the precise path the team will take. In other words, team members perform better when they know exactly what they will be responsible for versus having a specific set of predefined steps to complete.

6. Key Controls

Key controls are the procedures organizations put into place to contain internal risks. Key controls are identified because:

7. Escalation/Exceptions/Remediation/Overrides

Every process will from time to time require exceptions, overrides which will require a clear and transparent, escalation and remediation process. This process must be formalized, and records kept to document both the decision-making process and the approval authority. The process speaks to governance and oversight as well as giving an indication of whether the procedures require revisions or amendments.

8.Training and Communication

This is perhaps the most overlooked data point, but it is important part of the efficacy of the procedures. Lack of both or little evidence of these data points being demonstrated, implies a lack of ownership involvement.

9. New Procedures, 10. Legal/Regulatory 11. Updates, Revisions and Amendments

All these data points are crucial in ensuring the currency and relevancy of the procedures. The owner is again responsible for the compliance of each of these data points. Given that these data points are either ad hoc or determined on an annual basis, the materiality of these points have a lower ranking.

12. Business Continuity

A business continuity plan refers to an organization’s system of procedures to restore critical business functions in the event of unplanned disaster. These disasters could include natural disasters, security breaches, service outages, or other potential threats. Usually in most procedures, there is a line item as to the plans and preparations.

13. Data Storage/Integrity/Governance/Management

Data is often said to be an organization greatest asset and as such policy and standards are dictated at the enterprise level. Given the risks and the regulations surrounding data misuse, this is a vulnerability that needs to be addressed upfront. Great care is needed to ensure that any enterprise standards are being complied and adhered to and that personnel are cognizant of such standards. Again, this is a data point whose compliance is an insight into how enterprise directives are being executed.

14. KPI’S, KRI’S

While Key Risk Indicators (KRIs) are used to indicate potential risks, Key Performance Indicators (KPIs) measure performance. At times, they represent key ratios that management can track as indicators of evolving risks, and potential opportunities, which signal the need for action. These measures are normally found in more mature processes.

Conclusion

In order for an organization to achieve consistent and repeatable procedures, it must first determine what data points are required and what data points are achievable. This paper has provided a menu which is not inexhaustible, but which requires considerable thought with regard to the appropriate data points. Much will depend on the organizations objectives and whether they wish to have a set of free-standing procedures or procedures which are more aligned to a consistent look and feel.

A consistent look and feel with consistent data points makes the procedures more auditable and compliant with policy and standards.