IERP® Team No Comments

The Cost Of Corruption

How much does corruption cost – not exclusively in monetary terms, but to business, and by extension, to the national economy as a whole? In Malaysia, the Auditor-General’s annual report speaks volumes about the prevalence of fraud, “leakages,” misuse of funds and abuse of authority. Yet these shameful, unhealthy practices persist, to the extent that they can actually be quantified – and the amount is staggeringly in the billions!

Of course, the Auditor-General’s report references the situation of the public sector, but the cost of corruption is one of the major risks that the private sector has to deal with as well. Organisations which tolerate fraud, ignore instances of poor corporate governance or sanction kickbacks by their silence are as culpable as the individuals that actually perpetrate them. Companies should declare that they will not tolerate fraud. Internally, there should be clear, concise policy concerning fraudulent practices and the penalties incurred, communicated to employees from their first day on the job, and emphasised at regular intervals.

In fact, businesses should make such policies a key element of business management and corporate integrity, and ensure that it is enforced at all times, at all levels of the organisation. Anti-graft policies and codes of corporate conduct should be communicated to suppliers as well, so that any attempt to influence bids for procurement or preferential treatment can be nipped in the bud. But why go to such lengths when businesses, out of prudent management, inevitably make provision for losses, and have probably already established a risk appetite that has taken into account, unsavoury as it may be, the cost of corruption?

Because there will never be “just one” case of corruption. Corruption inevitably snowballs, proliferating exponentially and getting more damaging with each incident. No organisation will want to reach a point where corruption has permeated the structure to the extent that it becomes the norm. Corruption will eventually kill the company that condones it, not just financially, but reputation-wise. We see evidence of this every day: firms that lose their investors’ trust and stakeholders’ support, and become unsustainable because they were seen to condone corruption. These enterprises are irredeemably damaged, and their destruction affects both honest and dishonest employees.

Bad news travels fast. It doesn’t take very long for information to circulate, and even staff who may not have been in the same department where the fraud took place, will find themselves tainted by the allegations. Worse still, the company will be perceived as less than honest by practically everyone else. Although this may smack of hypocrisy – as corruption is rarely limited to just one enterprise in any industry – perceptions of this sort have a very damaging knock-on effect which can result in long-term damage to the firm.

But what actually constitutes corruption? Unfortunately, in Malaysia, the general perception is that corruption has been condoned for decades, that businesses cannot function if they do not grease palms or fail to factor kickbacks into their expense accounts. While there are cases of blatant corruption, with large sums being siphoned off, and contracts being awarded in instances of obvious conflict of interest, corruption is less likely to be traced when the perpetrators do not see themselves as doing anything overtly corrupt. One example is the awarding of contracts not to the most capable contractor or the lowest tender, but to a party known to the person with the authority to award it.

It should be noted that there is sometimes no intention of committing fraud, and certain practices are not seen as corrupt within certain cultures. Indeed, what some cultures perceive as cronyism or nepotism, others may see as just “helping” a friend or relative to “get a bit of business.” Of course, this begs the question of how to tell the difference, but there are rules and regulations that can be applied, boxes that can be ticked, and checks and balances that can be instituted to ensure that boundaries are not crossed. Politicians, for instance, should not be on Boards; companies which are bidding or tendering should not have any connections whatsoever with Board members or management of the company calling for bids or tenders.

As concrete measures of combatting corruption, organisations should cultivate the ability of exercising independent judgement among staff, and curbing corrupt thinking from the outset through the appropriate training and a clearly written code of conduct. The correct tone should be set at the top, and cascade downwards because at the end of the day, it is human behaviour, not rule books, that will drive the firm. Management should be aware of weaknesses in systems and processes, and staff should be encouraged to whistleblow without fearing retaliation because ultimately, being corruption-free hinges on integrity, transparency and good corporate governance.

IERP® Team No Comments

Another Approach To Risk

Few companies greet risk with open arms; most approach it with extreme caution and intense dislike. And only rarely can an organisation find a risk and turn it into a paying proposition. But that is exactly what some companies have done. They are putting a positive spin on disruption and making it work for them – and they’re doing it precisely with the technology that causes the disruption in the first place, like Artificial Intelligence (AI), Big Data (BD) and Data Analytics (DA). In the process, these organisations are finding ways of doing business more effectively, reaching out to a larger client base, and making better-informed decisions and better-balanced judgement calls.

Every business is subject to risk, so risk is everyone’s business; managing it effectively keeps a firm sustainable and gives it a competitive advantage, mainly because risk forces the organisation to plan ahead, and drives outcomes by identifying areas which may need attention. Relying increasingly on AI can help support existing processes, without having to stretch resources too much. Staff, too, need not fear “the robots taking over” because AI undertakes primarily onerous, repetitive tasks of the mind-numbing kind, thereby allowing real human talent to be more effectively deployed. AI can make work easier but organisations need to first have a handle on their real tech needs.

Many firms plunge headlong into the tech revolution, only to find that road unsustainable, and upon emerging – usually when they run out of funds – discover that the tech they have been using has become obsolete or was not really suited to their needs. They need to be aware that tech advantages can often be a double-edged sword. Companies should not start on comprehensive tech upgrades unless they have a comprehensive, long-term tech strategy in place, and preferably, someone with enough knowledge to drive it.

AI, BD and DA exist symbiotically; their biggest advantage is probably their ability to capture and analyse huge amounts of data rapidly. They are particularly effective in tracking consumer behaviour, can bring certain spending patterns to light, and even predict trends and tastes of certain market segments. But there are risks – such as human error – which, if they occur at the most basic programming level, could skew results or cause distortions. When these happen, the resulting damage could be irreparable, particularly where reputations are involved – hence the need to strategise carefully.

Because of time constraints and other resources that are usually invested in them, technology and innovation should always be viewed long-term, and factored into the firm’s risk appetite. There is also the psychology behind the use of technology to consider. Most people regard technology as a tool that will do their work, which is not entirely wrong. They see technology as the answer. Significantly fewer people regard technology as only an enabler, i.e. something that will help them do their work better by enhancing, not overwhelming, their skills.

As long as people expect tech to do the work, they will be held in thrall to it, and actually fear being replaced. They need to realise that tech is a tool which needs to be controlled by humans, for human empowerment – even if the pundits say that AI in the future may well enable a patient’s health to be diagnosed from a smart phone, or allow drones to deliver packages anywhere on earth through facial recognition, or even launch a personal space probe!

Many banks are jumping on the AI bandwagon with great alacrity, seeing this as a practical way to cut costs. In Australia, some banks have closed down branches, forcing customers to bank online or use their phones – something which many people are not used to. This has resulted in the banks losing customers, which they cannot afford to do, considering the current economic climate in many regions and industries. This is an example of how technology, which is intended to enhance business, became disruptive instead, and backfired badly. Can any business, in this day and age, afford to lose customers?

Perhaps the bank which closed its branches should have strategized differently, and done what a bank in the US did. Forced to replace its (human) tellers with ATMs, it made efforts to get feedback from customers on their “upgraded” banking experience. What they missed most, the customers said, was the interaction with the counter staff, and the comfortable waiting area. The bank took note, and installed seating in the ATM lobby, with a coffee vending machine, to keep their customers’ banking experience as pleasant as possible. Sometimes better technology is not the answer, at all.

IERP® Team No Comments

It Won’t Go Away

The spectre of cybercrime is more than an inconvenient truth that will not go away; it is a growing phenomenon that threatens to engulf whole businesses and disrupt entire industries, whether or not people choose to ignore it. Read more

IERP® Team No Comments

Crisis Management And Brand Resilience

When a crisis hits, people usually pay attention to the business side of the crisis, but the human side of it needs just as much attention. It’s not just the risk managers who should be involved with managing the situation; HR should be involved with crisis management too. Read more

IERP® Team No Comments

Challenges In Corporate Governance

Corporate governance is the systems with which an organization is run, delineating the roles and interests of stakeholders, board members, executive staff, and to a certain extent, members of the wider community. Read more

IERP® Team No Comments

Can Millennials Survive In The Corporate World?

In the next few years, Millennials will make up more than 75 percent of our modern workplace. According to a millennial survey conducted by a Big 4 accounting firm, Millennials’ opinions about the motivation and ethics of business have spiralled downward. Read more

IERP® Team No Comments

Business Continuity Management

As a form of crisis management, business continuity management (BCM) has evolved since the 1970s in response to the technical and operational risks that threaten an organisation’s recovery from hazards and interruptions. All business ventures have hazards and disruptive factor with which to contend. Read more

IERP® Team No Comments

Distinguishing Between ERM and ORM Approaches

Distinguishing Between ERM and ORM Approaches

On May 4, over 20 professionals from across industries attended a Tea Talk session at the IERP® International Secretariat. Our keynote speaker for this session was Mr. Ramesh Pillai, Chairman of the Board of Governors of the IERP® and Group Managing Director of Friday Concepts, an ERM, GRC, and BCM boutique consultancy. Speaking on distinguishing between Enterprise Risk Management (ERM) and Operational Risk Management (ORM) approaches, he aimed to dispel common misconceptions of the two related but different approaches.

He noted that more attention has been placed on Operational Risk as of late as a result of geopolitical volatility and technological disruptions. The possible escalation of conflict and the deterioration of interstate ties, for example, are genuine concerns that would have far-reaching effects across the interconnected global economy. With a large range of risk factors to consider, an organization can face up to thousands of risks at a time, most of which are constantly changing and need to be re-evaluated as such. In such an environment, it is essential that risk management moves from a siloed approach towards a more integrated and dynamic one.

Read more

IERP® Team No Comments

The Star: A Special MBA

As originally printed in The Star on August 27, 2017: In collaboration with the Institute of Enterprise Risk Practitioners (IERP) based in London, KDU University College unveils a new revolution to the business industry by introducing the world’s first Master of Business Administration (MBA) programme specialising in Enterprise Risk Management (ERM). Read more

IERP® Team No Comments

The Edge Financial Daily: Disruptive Innovation has No Room for Complacency

Given how extensive technology has shifted our world today, being tech-savvy is no longer reserved for the younger generation, but a crucial requirement for today’s enterprise risk managers, said Bank Negara Malaysia (BNM) assistant governor Donald Joshua Jaganathan (pic).


For technological advancements are able to not just shape the world and business environment, but also render its users or institutions vulnerable to online threats.

As such, Jaganathan said there is a greater need for savviness for two main reasons: to harness operational efficiency and to quickly identify and respond to new sources of risks arising from these advancements.

Jaganathan, who is responsible for BNM’s supervisory function, said this in his keynote address at the 4th Institute of Enterprise Risk Practitioners (IERP) Global Conference 2017 in Kuala Lumpur yesterday. Read more

IERP® Team No Comments

Edge Weekly: IERP Global Conference 2017: ERM — Turning Risk into Advantage

While working for a Kuala Lumpur-based international banking organisation, Ramesh Pillai found himself and his management team in a dire situation when the bank’s employees were caught in the 1998 riots in Jakarta, Indonesia.

“We had to evacuate our staff in Jakarta and relocate them to Kuala Lumpur, which we did successfully. We turned the Renaissance Hotel into our ‘Jakarta office’, which meant whatever calls that were made to Jakarta were answered in Kuala Lumpur,” Pillai recalls.

However, the staff eventually moved back to Jakarta despite the dangerous circumstances — a bold decision that made the front page of The Jakarta Post. Later, when normalcy returned, the bank was given additional licences by the Indonesian government to expand its business in the country. Read more

IERP® Team No Comments

The Star: RAM to Set Up Institute of Enterprise Risk Practitioners

PETALING JAYA: RAM Holdings Bhd has teamed up with Friday Concepts (Asia), an expert in risk management and strategy, to set up the Institute of Enterprise Risk Practitioners.
The institute will design a certification programme titled Professional Certification in Enterprise Risk Management (ERM).

RAM said in a statement yesterday the primary goal of the programme was to foster a pool of well-qualified management experts and ERM specialists as well as to facilitate better networking among such professionals.

A comprehensive 12-day professional module had been specially created to equip participants with the requisite tools and knowledge.

The inaugural programme, to be launched next month, will produce its first batch of graduates in February.

As originally printed in The Star

IERP® Team No Comments

Press Release: RAM Jointly Launches Prototype ERM Certification Program

The current financial crisis has highlighted that companies with effective and holistic Enterprise Risk Management (“ERM”) practices are better equipped to weather the turbulence and to exploit the resultant business opportunities. Such companies, which span myriad industries and geographical locations, can fully appreciate the importance of ERM and how to link it to their performance. They use ERM as an effective strategic, management and decision-making tool to create and hone strategic as well as competitive advantages over their competitors.

Acknowledging the increasing importance of ERM, RAM Holdings Berhad (“RAM”) has teamed up with Friday Concepts (Asia) (“FCA”) – experts in risk management and strategy – to set up the Institute of Enterprise Risk Professionals (IERP) and design an ERM certification programme entitled Professional Certification in Enterprise Risk Management. The primary goal of this programme is to foster a pool of well-qualified management experts and ERM specialists, not to mention business leaders and entrepreneurs who are also savvy in this arena. The programme also aims to facilitate better networking among such professionals, complemented by shared business knowledge and experience. Read more