88
5
Management of Risks
It is important to have monitored the transactions and all monitoring and control programs that have a purpose of identifying and detecting any suspicious activity, both inside the company, and in its relationships with other entities. These can consist in, for instance, financial checks of the gifts received or monitoring systems of sanctions of antifraud checks. Besides these, we must carefully analyze the compliance, culture, and professional development programs within the company or that its employees participate in, as well as the internal audit reports and those of examination of the regulations that touch subjects concerning compliance and integrity. The results of these analyses can provide us with valuable information regarding the factors that affect a company’s integrity. The results obtained after carefully evaluating the dishonesty risk are then analyzed in order to see their potential impact on the company’s image and revenues. This analysis can lead, and it oftentimes does, to adopting measures in order to minimize those risks. This also has a direct impact on the company’s revenues and costs. If significant issues are discovered during the evaluation, the company must ask itself the question whether these are important enough to present a risk for the company’s reputation, brand, and organizational culture. If the answer to this question is yes, then it is time to take into consideration certain methods of reducing the risk. In extreme cases, it can get to the point of changing one of the company’s objectives or pulling out from a transaction. These situations are rare, appearing only in case of chronical issues, spread at all company levels, or if the risk cannot be reduced or tamed. Once the risks have been identified, it is time to define a strategy to manage them, within which there must be mentioned the actions that have to be taken in order to tame, reduce, and eliminate them. A SWOT analysis is of great help at this stage. Usually, the dishonesty risk happens when a transaction takes place between two sides with a shared interest. In order to reduce it, various measures have been elaborated. Over time, some of these proved their effectiveness more than others. Strategy Outline • A list that identifies the risks. Information on this list is updated in order to identify the threats the company has and to evaluate the dishonesty risk. • A risk analysis—a systematic process with the help of which the potential dishonesty risks are identified, and the probability and consequences in case these risks become reality are estimated. • A detailing of the existent standards and regulations in the area and the methods used in order to respect them. • A matrix of assigning responsibility (RACI), where the people in charge of fulfilling the tasks in order to efficiently implement the plan, as well as the people that must be updated during its run, are designated. • A list of the techniques, frequency, monitoring the conditions, inspections, and monitoring the process of diminishing the risk necessary in order to successfully fulfill the plan. • An analysis of the failures or successes of the efforts previously made in this respect, if there were any.