According to QBE’s Unpredictability Index, the world has become increasingly unpredictable in recent years. Almost all of the ‘least predictable years’ in the past three decades have occurred in the past 20 years, with the majority since the global financial crisis. The increase in unpredictability is largely driven by rising political and economic risk, although the interaction of societal, business and environmental factors is one of the most striking findings of the Index.
Despite mounting regulation and advances in technology, the ‘human element’ is almost always a factor in corporate failings; from industrial
disasters, to corporate scandals and data breaches. Regulations, processes and operational risk controls are not adequate alone to address the unpredictability of human behaviour. However, a strong corporate culture can promote the right behaviours and help people consistently make the right decisions, irrespective of the nature of the events they encounter.
An organisation’s culture and values matter. Almost two thirds (65%) of business leaders surveyed in a PWC study believe corporate culture is more important to performance than strategy or structure. A good culture can attract talent, boost sales and productivity, and generally make for a sustainable business. But a bad or weak culture can destroy value and trust, damage reputation, and even lead to financial ruin.
Recent years have seen countless examples of poor corporate governance and culture. Mis-conduct by banks, emissions cheating in the automotive industry, breaches of privacy by social media platforms, sexual misconduct and safeguarding issues in the charity and entertainment industries, the use of slave labour in electronics and food industry supply chains, and environmental catastrophes, such as the Brumadinho dam disaster in Brazil. The list goes on.
QBE research suggests companies are relatively confident about leadership’s role in driving corporate culture, as well as embedding core values and a positive risk culture in operational activities. However, the analysis found organisations struggle with three key drivers for corporate culture: aligning incentives with core values and desired behaviours, embedding risk culture in performance reviews, and continual learning.
High profile corporate failures also suggest companies do not learn from their (or others’) mistakes, or at least are too slow to react. Organisational culture and risk management learning is often
fragmented, either limited to parts of the business or in response to events or regulatory changes. If not captured and shared, experience and lessons learnt will leach away as memories fade, and people leave the business.
businesses felt that they had a positive risk culture embedded
Research has shown that leadership, good management practices and a positive work environment can reduce unpredictable behaviour. A study from the CIPD, for example, shows that culture and leadership influences unethical behaviour, while moral leadership and an ethical climate will enhance ethical behaviour. The study also says certain situations or jobs affect behaviour. For example, time pressure or isolated decision making can increase the likelihood of unethical behaviour, whereas accountability and checks and balances can reduce it.
Embedding a corporate culture, however, can be challenging. When QBE conducted its Risk Culture Survey in 2015, it found only three in 10 businesses felt that they had a positive risk culture embedded. This is especially true for large multinational organisations, where the distance between the leadership and those at the coal face can be large, and messages can become watered-down. The size and scope of an organisation and its wider supply chain make it challenging to establish a healthy corporate culture at a global scale.
For example, the most recent update of the UK’s Corporate Governance Code makes clear that boards must decide what type of behaviours and culture they wish to promote, and requires them to assess and monitor culture throughout the company. The Code also introduces the concept of corporate ‘purpose’ and ‘values’, which need to be aligned with corporate culture.
Culture, behaviour and conduct are also growing areas of focus for
regulators. This is particularly true for financial services, where conduct and mis-selling scandals have caused huge reputational damage in recent years and undermined consumer trust. In the privacy arena, regulators have also turned their attention to corporate culture, which has been found to play a role in a number of large data breaches and cyber security incidents.
The risk management community is also paying more attention to culture, seen by many as
the bedrock of good enterprise risk management. The recent update to the international risk management standard ISO 31000, for example, requires companies to align risk management with the organisation’s strategy and culture.
Interest in risk culture has been growing for many years. Whilst there are now numerous scholarly articles and guides on the subject, the ability to effectively evaluate risk culture and develop a proactive plan for improvement remains difficult. However, a good place to start is to review an organisation’s risk culture. To this end, QBE has developed a
Risk Culture Profiling Tool for its customers, an easy-to-use tool that can be used to assess risk culture and shape discussions around it.
With countless cases of corporate failings, operational risk controls in isolation are inadequate to prevent the more complex claims we see in our increasingly globalised and connected world. A strong corporate culture - clearly defined and driven by leadership - can guide people on how to act in adverse situations. When processes run out of scope, people need to use their own judgement, pause and take stock, and share their concerns with others.
An organisation’s culture and values
can have a direct bearing on its ability to cope with unpredictability. A strong corporate culture should reduce the risks of unexpected events, such as a data breach or extensive product recall. But it can also help organisations adapt and pursue opportunities created in today’s fast changing world.
Sign-up to be notified about future articles from the Unpredictability Series, and other thoughts, reports or insights from QBE.