Featured Risk and the Failure to Establish a Risk Conscious Culture

One of the first banking scandals of scale was the fraudulent Treasury securities bids by Salomon Brothers traders over a six-month period between December 1990 and May 1991. In the aftermath, the CEO was forced to resign, the major shareholder and board director Warren Buffet took over as interim chair, a rogue trader was handed a four-month jail sentence for lying to the regulator, and the investment bank was fined US$290 million.

In the opening statement of his testimony before a congressional hearing on the matter, Warren Buffet, referring to his infamous ‘newspaper test’, said:

If [the employees of Salomon Brothers] follow this test, they need not fear my message to them. Lose money for the firm, and I will be understanding; lose a shred of reputation for the firm, and I will be ruthless.

Good Governance

Leadership and governance are allied. Good governance is an outcome of the culture and values the leadership lives. The capacity to articulate the vision and mission of the organisation and to establish and maintain its culture is the responsibility of the leadership team, the board, and the CEO. These people are the keepers of the culture in which the organisation’s mission can be achieved and everybody involved can be justifiably proud of what they are contributing and take satisfaction from their contribution to the collective effort.

As Buffet suggests, mistakes can and will be made but there should be no tolerance for behaviour that in unethical, illegal or corrupt. Anything that damages the reputation of the organisation or that of any of its stakeholders.

Protecting the Enterprise’s Reputation

The CEO and Board own the responsibility to protect the enterprise’s reputation. They must encourage key decision-makers across the company to engage in ethical and responsible business behaviour consistent with the organisation’s core values. That task revolves around laying out the parameters within which decision-makers function within applicable laws, regulations, and internal policies. This entails articulating boundaries around the levels of risk the organization is willing to accept, and those risks it intends to avoid at all costs (such as endangering the health and safety of the public). Strategic, operational, and financial parameters should also be expressed.

It is important to be bullish in pursuing entrepreneurial opportunities and the goals of the organisation, but it’s also crucial to clarify the parameters of acceptability around those pursuits.


The featured risk here is Failure to establish and maintain a risk-conscious culture. It is one group of risks that look at reputation, behaviour, and culture and which will, when assessed honestly, offer insights into the tone at the top of any organisation. This risk assessment takes a risk-based approach to identifying the controls that are or should be in place and to setting out appropriate boundaries for reducing risk arising from uncertainty about what the organisation is willing to tolerate in terms of behaviour, shortcuts, corruption, etc.


Obviously, setting these boundaries implies that in the first instance there is a way to identify if, and, or when the set limits are being breached and that there is certainty about what the corrective actions will be when breaches, and those who commit them, are identified.

To find out more about featured risk and streamlining risk management processes, request a tailored demo today.

Recent News

6 things you need to know about the Individual Accountability Framework (IAF)

The Central Bank of Ireland has recently released regulations and guidance on the Individual Accountability Framework (IAF). Here ...
Read More

Paysend chooses CalQRisk as their Risk Management Solution

Paysend, a next generation integrated global payment ecosystem, has recently implemented the CalQRisk solution in order to enhance ...
Read More

ESG and Sustainability Reporting

The practice of businesses promoting sustainability and social responsibility in their operations can be traced back to the ...
Read More

CalQRisk Wins Best RegTech Solution at National Fintech Awards

CalQRisk, a leading provider of Governance, Risk & Compliance solutions has won the ‘Best Regtech Solution Award’ at ...
Read More

CalQRisk shortlisted in National Fintech Awards

The CalQRisk solution is shortlisted for ‘Best Regtech Solution Award’ at the inaugural National Fintech Awards. The National ...
Read More

CalQRisk shortlisted in 2023 CIR Risk Awards

Having won ‘Risk Management Product of the Year’ at the 2022 CIR Risk Management Awards, CalQRisk is now ...
Read More

From Risk Capacity to Risk Appetite

Risk Capacity is the maximum amount of risk that an organisation is technically able to assume before breaching ...
Read More

SMT automates their approach to Risk Management with CalQRisk

SuMi TRUST Global Asset Services (“SMT”), a subsidiary of Sumitomo Mitsui Trust Bank Limited, one of the largest ...
Read More

Digital Operational Resilience for the Financial Sector Act (DORA)

The Digital Operational Resilience Act (DORA) entered into force on 16th  January 2023. It outlines EU regulations for information ...
Read More

8 Things to Consider in a Data Breach Response

A data breach can lead to reputational damage, financial losses and much more. By effectively preventing and investigating ...
Read More