En Voyage_Issue#11_Flickbook
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
UP TO YOUR NECK IN RISK<br />
MITIGATION? LEARN FROM<br />
SOMEONE SUBMERGED IN IT<br />
Business<br />
BY WAYNE ATKINSON, GROUP PARTNER, COLLAS CRILL.<br />
I’m conscious you’re probably reading this on a<br />
plane to pass the time and don’t really want to hear<br />
about compliance. With that in mind I want to tell<br />
you about the most impressive speech I ever saw.<br />
It was given by a man called Jarrod Jablonksi who<br />
Wikipedia describes as a “record-setting cave diver”<br />
and who once undertook a dive traversing 11km of<br />
continuous cave which required his team to spend 21<br />
hours underwater. Unsurprisingly, cave diving is, by<br />
its nature, very dangerous. If something goes wrong<br />
in a submerged cave, a diver can’t surface without<br />
making their way out of the cave. Normal diving<br />
issues become more complicated with the added risk<br />
of getting lost or stuck and drowning. Lots of cave<br />
divers drown and amongst their community there<br />
are, as a result, strong opinions about the best (ie<br />
safest) way to cave dive. Jablonksi had some strong<br />
opinions and in his<br />
THE KEY TO<br />
SUCCESS IS TRULY<br />
UNDERSTANDING<br />
THE RISKS IN<br />
YOUR BUSINESS<br />
ENVIRONMENT AND,<br />
LIKE JABLONKSI,<br />
WORKING OUT<br />
HOW TO REDUCE<br />
UNNECESSARY RISK AS<br />
FAR AS POSSIBLE<br />
speech he answered the<br />
questions of what might<br />
be called a sceptical<br />
crowd explaining how<br />
he had formed those<br />
opinions and why.<br />
The answer to each<br />
question followed a<br />
pattern. When asked<br />
why he did something<br />
a certain way, Jablonski<br />
responded by pointing<br />
to the risks in the<br />
environment and the activity and explained how his<br />
team had approached comparing and mitigating the<br />
specific risks involved. What was impressive about the<br />
talk wasn’t that Jablonksi’s approach was risk-free; it<br />
could never be risk-free – he was spending hours at<br />
a time kilometres inside underwater caves. What was<br />
impressive was Jablonksi’s depth of understanding of<br />
the risks and how best to mitigate them. Everything<br />
he did or didn’t do, wear or take with him had a<br />
rationale attached and had been considered. He<br />
added that he wouldn’t work with anyone who<br />
didn’t operate to the same standards as him. It<br />
was the ultimate in taking a risk-based approach.<br />
I often reflect on that talk when I talk to financial<br />
services businesses about their approach to<br />
compliance. No-one is going to drown in our<br />
industry but CI businesses still deal with risk<br />
every day and manage that risk. We embrace<br />
innovative technologies such as blockchain or<br />
crypto-currencies, we share our expertise with<br />
emerging economies and markets and work with<br />
new clients every day. Meanwhile even the most<br />
vanilla of structures is open to abuse. The key to<br />
success is not having compliance policies which<br />
cut your risk to zero; that is impossible, not to<br />
mention uncommercial. Rather the key to success<br />
is truly understanding the risks in your business<br />
environment and, like Jablonksi, working out how<br />
to reduce unnecessary risk as far as possible.<br />
Mitigating risk in business requires directors to<br />
understand that risk and requires compliance<br />
teams to engage with the business environment<br />
a company is operating in. Some local businesses<br />
rely on outsourced compliance providers, others<br />
enact policies sent forth from head office whilst<br />
many more have in-house compliance teams. All<br />
these approaches can work but boards should<br />
consider their own (and their compliance team’s)<br />
understanding of the business’s risk structure<br />
and adapt their documentation and activity to it.<br />
Conducting a fulsome business risk assessment<br />
is the best way to do this (which is why regulators<br />
require and often focus on them). An accurate<br />
assessment allows a business to tailor their processes<br />
and policies to address specific concerns whereas<br />
a generic off-the-shelf precedent document may<br />
not even identify the concerns in question. Detailed<br />
consideration of the issues in question can often<br />
allow more streamlined, appropriate and successful<br />
approaches to managing risk to be taken. Having<br />
done so, one is in a position to obtain team buy-in<br />
ensuring everyone works to the same safe standard.<br />
At Collas Crill we frequently work with teams from<br />
businesses who rely on us to help them control<br />
their risk. Our first step is always the same; trying to<br />
understand their business. Off-the-shelf solutions<br />
don’t work for innovative, fast moving businesses<br />
and when they don’t work, people get frustrated and<br />
ignore them, compounding the problems, reducing<br />
cohesion in the business and increasing the risk<br />
exposure. Beautifully crafted documents prepared<br />
by lawyers with no understanding of a business’s<br />
day-to-day activity are unlikely to be a perfect fit; as<br />
with a diver in a cave, practicality and functionality<br />
in a specific situation are what really matter and to<br />
achieve that we work with clients to understand their<br />
operations. The world of cave diving is pretty far<br />
from the world of business compliance but maybe,<br />
just maybe we can take some lessons from it.<br />
101