Blog Post

This post is an update on the risk metrics project I described a few weeks ago. You can read about the origin of the project and the intent here. If you recall, the underlying metrics for the project had to meet the following criteria: Broad, not narrow (meaning the metric has widespread effects) Publicly available Easily understandable Updated frequently Commonly used Unfortunately, for a lot of the data I looked at, I could get four out of five criteria but often one remained out of reach. Usually, this was frequency as some macro-indicators are published in annual reports, not weekly or monthly. However, for a macro trend such as literacy rates, a year-on-year measurement is sufficient, which means that the final criteria could read regular or frequent. ...

A problem I’ve observed is that we often need to differentiate more clearly between what we need to do and how we will do it. This confusion makes us think that a problem’s been solved when, in fact, all we’ve done is identify the effect we want to achieve, not how we’re going to get there. The roadmap for how to make that happen is missing. Imagine a business that’s trying to cut its costs because its cash flow is out of balance. Discussions might end with decisions to trim expenses or reduce headcount, which are reasonable ways to cut costs significantly. Everyone leaves the meeting thinking the problem’s been solved. However, they still need to determine what costs can be cut without compromising operations. How to manage layoffs and the effect these will have on the business? They will have identified the ‘what’, but not the ‘how’. ...

Full disclosure: this is me working through an idea in public but, if you’ve been reading my stuff for a while, you’ll know that the blog and email are often me thinking out loud, trying out ideas to see what sticks. In this case, it’s not a new idea but, instead, a rather old one. A 20-year-old one… Data-Driven Risk Management How this came about isn’t important, but since my first risk assessment, I’ve felt that there’s a need for some kind of simple math to underpin things and help with consistency. Eventually, that became the kind of thing you’ll have seen in the metrics and gradings work here. ...

This recent tweet made me chuckle as I thought, ‘Yup, sounds just like a Barbara.’ Ed Burmilia on Twitter Like this author’s fictitious Peggy, ‘Barbara’ is my shorthand for the person who’s essential to an organization. But, unlike Peggy, Barbara’s real. What’s a Barbara? Barbara was the founder’s EA at a firm where I worked and, having been there since the very beginning, knew everything there was to know about the business. ...

ESG under attack as ‘woke’ capital This post originally appeared in the ‘So What’ newsletter on July 1, 2022 In a lot of recent coverage, ESG (environmental, social & governance) is being termed ‘woke’ capitalism by both supporters and detractors of the investment class. This perception further strengthens the sense that, rather than measuring how well a firm or fund performs in some important non-operational ways, ESG is nothing more than a form of virtue signaling and/or a scam. ...

Data or information by itself is meaningless. For it to be useful, we need to add context. This is the difference between information and intelligence: once we’ve analyzed the information and put it into context, the resultant intelligence gives us an understanding of a situation. Another way to write this is understanding = knowledge + context But that’s sometimes easier said than done. What do we mean by context, and how does this help you understand a situation better? ...

There’s a saying that there are no atheists in a foxhole, and it’s the same for a boardroom in crisis. Facing the worst day of their life, even the most bitter executives who don’t even know where the nearest church, mosque, or temple is will be trying to remember the prayers they learned as a child. They won’t add God to their stakeholder matrix, but they still hope He’s on their side. ...

I started the KISS risk management project five years ago with the idea that risk management was being made too complicated and there were too many gatekeepers in the way. That makes it hard to get started in the profession, which robs businesses of a broad range of perspectives and viewpoints (a risk in itself). But this lack of general risk intelligence also makes us all worse off: we need people to make risk-based decisions in all kinds of situations. ...

*I received an email a few years ago from someone just getting started in risk management asking if I had any thoughts or advice on the risk management skills they needed. The response quickly became several pages long and I thought it was worth turning it into a blog piece that others might benefit from. So here are 10 considerations for new risk managers (although this could also be titled ‘Letter to a 30-year old me’ or a 40-year old me.) * ...

Becoming a risk manager can seem to be more art than science. There’s not a clear pathway from degree to junior risk manager to senior risk manager to CRO (Chief Risk Officer) in the same way that you can chart the progress from freshly minted CPA (Certified Public Accountant) to head of Ernst & Young. (Financial risk management is the exception here as there is usually a clear path there.) ...