One company is in North America, the other is in Central America. The North American company is a large, fast growing company in Canada. The Central American company is a I'd like to compare two recent events. Both events occurred with communication companies to which I subscribe. One company is in North America, the other is in Central America. The North American company is a large, fast growing company in Canada. The Central American company is a small national company in Costa Rica. They both provide the same services: land lines, cellular service and Internet. I have been a customer of both companies for more than five years.
With my North American provider, my cell phone account was recently hacked. A fraudster acquired my account number, my birthday, my address and my password. He or she was able to order two new smart phones and change my service contract. Interestingly, my service provider claimed that "I" picked up the new phones at a neighborhood store. "I" didn't have to show any identification to prove "my" identity.
After delivery of the new phones, my service provider emailed me my change of contract confirmation. I immediately advised them that I had not ordered the phones or changed my service plan. After an investigation, they reversed the contract changes and absorbed the cost of the smart phones and service.
The bottom line was that in their haste to engage in a new contract, they didn't do the simplest risk management -- confirm the identity of the person changing the agreement. They did, however, spend far more time unwinding the mistake and bearing the cost of the fraud, costs that clearly exceeded any profit they were going to see from selling the two new phones. Their haste and lack of diligence cost them.
The Costa Rican company I have dealt with, on the other hand, has been much more risk averse. They take significant time to review and research evidence before taking any action.
In Costa Rica, I recently wanted to add high-speed Internet service to my existing account. I tried to accomplish this over the phone. I have a phone line with the same company handling the Internet service, so it should have been quick and easy?
Nope. I had to prove, by a certified, stamped, notarized document that I was the rightful owner of the property, and that it is in good standing. This involved getting my lawyer to prepare a document to satisfy their requirements. I also had to deliver the original document and the request for the new service in person. I had to bring a valid, government-issued identification to prove my identity. No short cuts allowed.
On reflection, who is doing the better risk management job?
The Costa Ricans assured themselves they had a valid client and most important, they weren't going to have to undo a mistake made, due to a step skipped in the qualification process. Their process certainly reduces the incidence of fraud.
So guess which company I feel more secure about? Which company has my full trust? Which commands my loyalty?
I wonder if in our haste to acquire or satisfy customers, we short cut too many of our risk management processes. The growing consumer demand for instant gratification is decreasing our tolerance and patience for proper research and consideration; increasing our errors and our number of failures. If we just took the time to not circumvent key risk assessments before we made a decision, I think we'd all be better off. The more consideration we give a situation or opportunity, the better our results are in the end.
JOANNA MAKOMASKI is an internationally recognized enterprise risk management executive with experience in energy, health care, and most recently in the sporting event sectors. She can be reached at email@example.com.
February 19, 2013
Copyright 2013© LRP Publications