1. Legal Technology, Content and Solutions
  2. Insights
  3. Risk governance and the politics of rage


Risk governance and the politics of rage

Stephen Scott and Karen Cook

At a time of broad discord, the world has a welcome cause to come together in celebration. With the signing of the Armistice in 1918, the horrors of WWI came to an end on “the eleventh hour of the eleventh day of the eleventh month.” This November 11th marks the 100th anniversary of that momentous occasion. Leaders from dozens of nations will gather in Paris in commemoration.

President Macron has convened the Paris Peace Forum to honor the moment. The event has been organized to showcase various ‘governance solutions’ presented by project leaders hailing from 115 countries and all walks of civil society: foundations, academia, NGOs, religious organizations, and – most notably – private business. “Peace is linked with global governance,” the Forum’s organizers contend, with reference to corporate governance as well as the civic sort.

It may be unusual for those in corporate and risk governance roles to think of their work in the context of War and Peace. But business is the engine of prosperity. When businesses stumble and economies wobble, discord can swiftly lead to conflict and, from there, to open hostilities.

Effective risk governance is essential in this context, and perhaps most significantly in the banking sector, where misconduct, self- dealing, and financial crime damage the interests of shareholders, employees, customers, and society more broadly.

As evidence, one need only consider the Financial Crisis, pointed to by many as the proximate cause of the rancor that characterizes daily discourse in many countries today. This, in turn, has led to trade tensions in international affairs. Left unchecked, things could get far worse. As the world lurched towards war in 1914, economic tensions played significant part, and the financial sector played a particularly prominent role as the architecture of the gold standard crumbled.

It is a good time to take in the lessons of history.

Chapter One

Trust matters

Chief among such lessons is the importance of trust. The human race is successful because of a carefully-cultivated ability to cooperate with strangers, at scale, as a presumed behavioral norm. Where this is wanting, as John Stuart Mill observed, prosperity is diminished or absent

Contemporary political scientists contend that institutions create the pre-conditions necessary to the broad extension of trust by establishing what might be called a ‘trust infrastructure’ that enables collective action around shared challenges. Our key institutions – public and private – foster the development and exchange of social capital: “features of social organization, such as networks, norms, and trust, that facilitate coordination and cooperation for mutual benefit.”

The result is widespread prosperity. Several economic historians have observed that, from about the time of the Renaissance, nations that succeeded in building an institutional trust infrastructure outperformed those that did not. A quick look at data reflecting levels of GDP per capita over the last two millennia reveals the productive power such institutions have generated.

If we accept that trust is essential to collaboration and establishes the basis for shared prosperity and the peace this typically engenders, then we should be deeply worried by findings that reveal trust in our core institutions to have cratered in the last decades. The decline began in the 1960s but has accelerated since, particularly in the wake of the Financial Crisis, and in just about all institutions but for the military. (A finding that may carry its own worrying implications)

This returns us to risk governance.

Chapter Two

Trust issues

Reasons for the collapse in trust are perhaps many, but we would submit that a central issue is a decline in successful risk governance. When ‘the elites’ charged with running our institutions are seen repeatedly placing their interests before those of the people they are meant to serve, it is little wonder that our shared trust infrastructure erodes and that faith in ‘the system’ is lost.

This is significantly worsened when those found guilty of front- running society avoid punishment. “When the fairness of the rules grows questionable and the benefits of the system are distributed too unequally,” writes economist Luigi Zingales, “the consensus for free-market meritocracy can collapse.” It is the responsibility of those in risk governance roles to guard against behavior within private organizations and public institutions that may result in such wholesale disaffection.

What is true at the macro level of social and economic orders is true also at the microeconomic level of the firm. Where a firm is seen to ‘cheat’ or to engage in bad-acts, faith in such a firm will weaken. Though typically spoken of in anodyne terms such as brand impairment, reputational or ‘headline’ risk, and loss of ‘good will’ (in accounting-speak), bottom-line impact is demonstrable.

Consider for example the emissions scandal that continues to rock Volkswagen. Or the opening of false accounts at Wells Fargo. Or findings of sexual abuse that enliven the #MeToo movement and have led to turmoil at firms as diverse as Uber, CBS, Nike and Papa John’s, to name but a few. The subsequent costs imposed on these firms are material: mistrust imposes a tax on profitability.

When misconduct is seen across firms in the same sector, a loss of faith in whole industries may follow. This has been evidenced most recently by findings of misconduct among Australian banks, exposed by a Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry. An interim report released by the Commission lambasts the entire Australian financial sector, broadly reflecting public sentiment.

For economies and societies to function, writes Nobel Laureate Joseph Stiglitz, participants must trust that the system is reasonably fair. “But if I think that you are cheating me, it is more likely that I will retaliate, and try to cheat you... As the trust deficit persists, a deeper rot takes hold: attitudes and norms begin to change. When no one is trustworthy, it will be only fools who trust. The concept of fairness itself is eroded.”

A sense of betrayal then fuels a Politics of Rage.

Chapter Three

The Four Horsemen

A growing number of business leaders appear to recognize the dynamics of our time and have begun to emphasize the importance of trust. “Employees will walk out, executives will walk out, customers will walk out, & partners will walk out if they do not Trust the company & the CEO’s values,” Salesforce CEO Marc Benioff Tweeted. “If Trust is not your highest value than what is it?”

“We need trust and confidence in our institutions – confidence is the ‘secret sauce’ that, without spending any money, helps the economy grow,” JP Morgan CEO Jamie Dimon wrote in a letter to stakeholders. “The health of America’s public corporations and financial markets — and public trust in both — is critical
to economic growth and a better financial future for American workers, retirees and investors.”

The faith of regulators, investors, employees, and customers collectively constitute the four pillars that support successful businesses and economies. When this faith is lost, the four pillars instead morph to resemble the Force Horsemen of the Apocalypse.


“We need to adapt to the times and arm ourselves with the appropriate technologies, data and methods to combat misconduct more effectively with the resources at our disposal,” the Deputy CEO of the Hong Kong Securities & Futures Commission recently stated. “Let there be no doubt — we will vigorously pursue individuals culpable for misconduct.”

It is ironic that many in business view regulation as a pest: after all, those businesses that win regulatory approval for their activities often benefit by a powerful barrier to entry for would-be competitors. With supervisors making misconduct risk a priority, it’s clear that firms showing a greater commitment to managing such risks will benefit by less ‘pestilent’ regulatory attention.

As the Deputy Governor of the Central Bank of Ireland recently remarked, “Given that misconduct can cause consumer detriment and, indeed, threaten the safety of financial institutions, regulators are increasingly focusing on how firms manage conduct risk.” She cites the IMF’s Christine Lagarde who has argued that, “those working in the financial sector must be as serious about values as they are about valuation, and just as passionate about culture as they are about capital.’’

“A challenge for the community of risk managers,” argues Wayne Byers, Chairman of Australia’s Prudential Regulatory Authority, “is not only creating a sound infrastructure of limits and controls to guard against financial risks, but also to instil a culture of risk awareness and stewardship across the entire business, including for behavioural and reputational risks.”

After public hearings into misconduct across the country’s banking sector, the Australian Securities & Investments Commission has made restoring trust one of its key priorities. “As a starting point to establishing trust, individuals, firms and industry need to improve their conduct,” says Chairman John Price. “To support better conduct, cultural change and better governance are also vital.”

“I’m really worried about this governance thing,” former Fed Chairman Paul Volcker is quoted as having stated recently, “but the lesson of all this is we need better, stronger supervisory powers.”

Greater supervisory capabilities are surely desirable, from a public policy stand-point. But the real struggle will be won or lost by those in risk governance roles within organizations, not by external monitors who can never achieve a level of insight that approaches that of company insiders.


Businesses that fail to address regulatory concern for effective risk governance may be penalized by investors as well as regulators. And businesses that lose investor appeal will be starved of capital, while firms that show concern for the social consequences of their activities may feast.

“To prosper over time, every company must not only deliver financial performance, but also show how it makes a positive contribution to society,” Blackrock CEO Larry Fink wrote earlier this year. “Companies must benefit all of their stakeholders, including shareholders, employees, customers, and the communities in which they operate.” Where this is not found to be the case, Fink warns, such companies may “lose the license to operate from key stakeholders.”

He is hardly alone in this view. “We’re really saying shareholders have a role to play in this,” says the CEO of the Governance Institute of Australia, “and that while the buck stops with boards and with senior management, there is a place for shareholders in this.”

A current emphasis on activism among shareholders extends beyond large institutional investors to involve providers of private capital as well. For instance, corporate acquirers have taken to imposing a “Weinstein Clause” in their deals, allowing them to unwind acquisitions where it is discovered that past instances of sexual misconduct were not reported during diligence. Venture capital investors have also began to insert a “#MeToo Clawback” provision into their term sheets.

Increased activism around specific social issues necessarily implies that board directors will need to attend to ‘soft’ concerns like company culture more regularly and demonstrate a readiness to promote effective corporate engagement around ‘hot-button’ social issues. It also implies that, going forward, CEOs will need to play a role once reserved for diplomats when confronting such issues in the public eye and on the world stage. Effective risk governance must start from the top.


Competitive struggles in business are often described in the terms of warfare: battles for market share that target a competitor’s strategic vulnerabilities so as to capture advantage. While wholly apt in the competitive context, the metaphor today extends more broadly to cover internecine threats from a firm’s own employees.

Countless studies reveal that workers today want three things from employers: opportunity for personal development and career progression; a sense of community and belonging; all tied to a job that affords a sense of meaning and purpose. Particularly for Millennial employees, purpose takes priority over paycheck, which implies that company values must match personal values.

With unemployment at record lows, employees are voting with their feet and leaving companies that do not act in a manner consistent with their personal views. And they’re lobbing grenades on their way out.

This past July, Facebook made the headlines for scoring the largest loss in value in a single day ever recorded: $120 billion, or a 19% drop in stock price. A spate of scandals tied to privacy issues and misuse of the company’s platform for malicious political manipulation may account for the initial collapse in value, but it doesn’t explain why Facebook’s stock-price has continued to sink since.

Facebook’s own employees are keeping it in the news, in persistently unflattering light. In August, the company experienced organized dissent from a large group of employees decrying “a political monoculture that’s intolerant of different views.” When the press obtained internal blog posts to this effect, the story went viral almost instantly.

And when a senior Facebook executive was seen on television at the contentious confirmation hearing of U.S. Supreme Court justice Kavanaugh, many Facebook employees decried what they took to be an implicit company endorsement of a political figure they felt to be an anathema.

With these employee-led struggles continuing to suppress the company’s stock price, public funds have begun to call for Facebook founder Mark Zuckerberg’s ouster as board Chairman. Zuckerberg has hired former UK deputy prime minister Nick Clegg to help face down current controversies.

Facebook is not alone: the personal is increasingly political. Google, for instance, has struggled recently with an employee revolt over the company’s work on a “censored search engine” for Chinese customers. And Microsoft faced employee pushback against the company’s pursuit of a $10 billion contract with the U.S. military. “We joined Microsoft to create a positive impact on people and society, with the expectation that the technologies we build will not cause harm or human suffering,” employees wrote in a public blog post.

Employees have come to represent a company’s ‘strategic vulnerability’ even as they remain one of a company’s chief sources of competitive advantage. Leaders must be trusted to align company values with those of employees if they are to win the ‘battle’ for hearts and minds. Where they fail in this, risk managers may expect to face increased ‘insider threats.’


Monitored from above by regulators and investors, and judged by employees from within, firms face equally intense scrutiny from customers below. Social media creates ‘radical transparency’ with customers, whether firms like it or not, and organizational practices that once may have been hidden from the public are now laid bare in a ‘Tweet-storm.’

Increasingly, customers are looking to companies to take a stand on political and social issues. Doing so successfully can become a source of brand advantage as firms’ positions on social issues is now found to be as important a driver of purchase intent as are offered product features.

Woe unto companies that get this wrong. According to the Manifesto of consumer activist group Ethical Company, “at this critical time in our political culture,” consumers must engage in “issues which could each have a transformative effect on the economic systems within which we live, and which are illustrative of the kind of broader change we are seeking.” A chief weapon deployed by such groups is the boycott. Ethical Company lists some 50 active boycotts on its site.

Boycotts may be motivated by perceived racism on the part of a company or its visible leadership, as U.S. pizza chain Papa John’s has experienced in the last year. Or in response to claims of sexism or sexual harassment: witness the recent travails of Sir Philip Green, head of UK retailer TopShop, who is contending with calls for a consumer boycott under a #PinkNotGreen Twitter banner.

Still more frequently, consumer activism has a more overtly political drive. Consider last year’s #DeleteUber campaign; a backlash triggered by the perception that the company sought to profit from the Trump ban on travelers from certain Muslim countries entering the US. Or the successful boycott of the Ivanka Trump clothing line, launched in broad protest of her father’s presidency.

What such protests have in common is a consumer concern for company values. A majority (88%) of American consumers engage in boycotts to protest “irresponsible business practices,” according to one study. Once again, institutional trust is a critical factor: when faith in political and judicial institutions is low, consumers are more likely to act directly. “Boycott is practiced by those who distrust political institutions to regulate corporate behavior,” another study finds.

Few boycotts lead to corporate death. But they can certainly imperil firms and, at minimum, they extract enormous costs. After a cascade of misconduct scandals, a recent study finds that thirty- percent of Wells Fargo customers may pull a collective $90 billion in deposits in the coming year, equating to more than $2 billion in lost sales revenues. Their principal complaint is that the bank was engaged in “dishonest, unethical or illegal practices.”

“There really is a consequence for bad behavior,” observes former NY Fed president Bill Dudley. Formulaic apologies uttered by corporate spokespersons in the wake of a conduct scandal are insufficient and seen to be disingenuous and self-serving. They may therefore backfire. Instead, customers want to see those responsible punished, and a doubling-down on risk governance measures that provide some credible guarantee of desired company conduct going forward.

Chapter Four


War and peace are intimately tied to the ability of economies to provide a path to prosperity. This extends beyond the political realm: it is business that creates the conditions for wealth creation.

To function as necessary, public and private institutions must provide a trust infrastructure that allows for strangers to cooperate at scale, establishing the basis for a shared ‘commonwealth.’ If they are to facilitate the extension of trust, these institutions must themselves be trustworthy, guided by trustworthy leaders, directing trustworthy staffs. It is the responsibility of those in risk governance roles to assure that such trustworthiness is safe-guarded. When they fail, we fail.

“The key process in the decline of violence,” historian Peter Turchin reminds us, “has been the increase in the scale of human cooperation.” A rising tide of incivility – and instability – triggered by an erosion of trust in our institutions is perhaps the gravest threat to peace in the world today.

Business is at the front-line in the struggle for restored public faith, and those in risk governance roles are at the vanguard. They must conscientiously champion the cause. As President Macron urges, “Let us never be sleepwalkers in our world, let us always be vigilant.”

About the authors

The views expressed are their own.

About Starling

Starling is an applied behavioral sciences technology company, and a pioneer in the regtech space. Its predictive behavioral analytics are used by financial institutions to drive improved performance and desired culture, and to identify and mitigate behavior-related risks before they are permitted to cascade into crises.