People (including, or perhaps especially, regulators and risk managers!) tend to get excited about the latest hot topic and run off to do lots of exciting stuff on them. A bit like a dog chasing the latest frisbee. It was (and still is to some extent) conduct and then cyber (cyber is on the top of most/ many risk registers even where they have no customer or sensitive information to lose and don’t rely on any business critical systems) and is now climate change. Brexit has been the same too. All driven by a range of human biases and of course self-interest – who wouldn’t want to go off to seminars to talk about climate change versus working on documentation of desk procedures!
The real danger (an operational risk in itself) is that boards and managers are distracted by the latest hot topics and forget about the operational risks that were material yesterday and will probably continue to be so!
The good risk manager needs to try and steer the organisation away from just focusing on the latest fashions – but this can be a challenge! It’s a bit like the old adage that no one got fired for hiring a big 4 firm to do a review – there is security in going with the crowd but we all know the madness of crowds!
NJ Risk and Regulatory Consulting Limited can provide independent challenge to help ensure that the Board is not distracted by the latest ‘new thing’.