There was a stunning contrast in messages between two keynote speeches at this spring's RIMS conference in Honolulu.
The first was a warning shot to all risk managers from former Enron executive Lynn Brewer about how risk management can fail in the face of widespread corporate fraud and complacency.
The second, from Microsoft Corp.'s senior director of finance, Lori Jorgensen, trumpeted the successes of enterprise risk management in handling any future risk.
"The nature of risk has always changed," said Jorgensen. For instance, she pointed to how the great 1905 Chicago fire changed the way companies viewed risk then, in much the same way that companies altered their appreciation of risk after Sept. 11, 2001.
Not only were risk managers' eyes opened to new exposures, she said, but they realized the extent that exposures were interconnected and threatening to their entire enterprises.
So even basic material risks must be viewed broadly, such as the ones that Microsoft faces--from product catastrophes and product liability to contract management, business continuity and supply-chain risks to injury to others.
But Microsoft and companies like it also need a healthy appetite for such risks if they are to move ahead.
"The challenges are the good stuff that makes us better," Jorgensen said to a lunch audience of her peers.
Few risk managers, however, would wish the challenges that Brewer faced at Enron on their worst enemies, let alone on themselves.
Brewer was recruited in March 1998 in a risk management capacity, and soon came across what would be the greatest threat to her new company's health--widespread fraud, which, she claimed, started from the top down, along with the even more pervasive complacency toward it.
Brewer, for instance, revealed a case of bank fraud she discovered at the company, to the tune of $232 million. She communicated her concerns through the right internal channels at Enron, but as a midlevel manager, Brewer was virtually powerless when her voice went ignored.
After this event, said Brewer, she joined the other two-thirds of Enron employees who, she said, were willfully turning a blind eye to the 20 to 40 people (her estimates) who were actively committing fraud at the company. Brewer would eventually, of course, blow the whistle.
"I had reached my threshold of pain," she said.
And what she learned, as well, was the message that permeated her keynote: All risk managers could have a potential Enron on their hands.
Enron, she reminded the RIMS audience, was a well-respected corporation up to the very end, and Brewer played a recruitment video for the audience to underscore this. In the video, Enron CEO Jeffrey Skilling and President Kenneth L. Lay take turns speaking in corporate jargon about how "we gotta set the standard" and "thinking about the world differently"--all catchphrases on innovation and values that could be heard from many speakers, and from many companies, at RIMS sessions in 2006.
Brewer's point was that not much has changed post-Enron. In fact, the situation may be worse. Nearly 50 percent of chief financial officers, according to Brewer, still feel pressure to practice aggressive accounting, while 20 percent feel more pressure since Enron.
Add to that an environment where employees feel little or no loyalty, and you have the potential for an ethics scandal writ large. As Brewer reported, there were only 6,100 whistle-blowing reports to the Securities and Exchange Commission in 2000; in 2004, there were about 40,000 every month.
Risk managers must recognize this. As Brewer cautioned her audience, it's up to the risk managers in companies to keep capital markets, and their companies, safe.
June 1, 2006
Copyright 2006© LRP Publications