Follow LogicManager

Subscribe via Email

Your email:

5 minute Videos

Top-down strategic or bottom-up governance approach, watch the video that represents the priority for your ERM program.

Stream_btn

Strategic_btn

Or if you are just getting started, understand what is involved and how to define an ERM framework.

Getting_btn


Solution Overview

Download_btn_orange

Understand the benefits of LogicManager’s ERM SaaS platform and how we support your organization’s challenges

Latest Posts

Browse by Tag

Best Blog Badge

Manage Tomorrow's Surprises Today

Current Articles | RSS Feed RSS Feed

Risk Monitoring: What Cantaloupe and Citigroup has in Common

Posted by Steven Minsky on Wed, Oct 26, 2011 @ 07:00 AM
  
  
  
  

View all posts | View current post

Two stories in the news recently that highlight failures in risk monitoring have caught my eye: one involving a listeria outbreak caused by tainted cantaloupe, and the other involving Citigroup losing $285 million for defrauding investors.

In the cantaloupe story, the deadly, nationwide listeria outbreak was traced to a packing facility in Colorado operated by Jensen Farms, in which factors such as workers and trucks accidentally carrying the disease into the facility, and machinery being hard to sanitize created the environment in which the bacteria could grow and thrive.

In the Citigroup story, the Securities and Exchange Commission (SEC) settled a civil suit against the banking giant totaling over a quarter billion dollars for failing to tell investors of the role of their investments or that it had made bets that the investments would fall in value.  These charges have continued since we identified it first in 2009 and saw it happen to Goldman Sachs in 2010.

So what does cantaloupe and Citigroup have in common?

Both Jensen Farms and Citigroup were in compliance, yet failed to have effective risk monitoring in place.

The packaging facility that caused the outbreak was audited two days prior to the outbreak and received a passing grade of 96 out of 100, so their facility was in compliance.  Despite passing, the conditions causing the outbreak were still present.

In Citigroup’s case, the investments themselves were in compliance with regulations; however it was the lack of risk disclosure that resulted in a loss of $285 million and a tarnished reputation.

The lesson to be learned from both of these cases is that just being in compliance is simply not enough.  Organizations must additionally be able to fully assess, mitigate and monitor risks across all business functions and through every material level as well as see their connection to business performance.

The first step in seeing across silos and levels and seeing the link to business performance is evolving your organization’s risk taxonomy.  Your taxonomy is the framework that manages the relationships between risks, activities, and goals and defines your organization’s standards, assumptions, and terminology.

Click here to see an example of taxonomy in action.

Tags: , ,

Comments

Currently, there are no comments. Be the first to post one!
Post Comment
Name
 *
Email
 *
Website (optional)
Comment
 *

Allowed tags: <a> link, <b> bold, <i> italics