The issue of diversity – whether the focus is on sexual orientation or ethnicity – continues to be a hot button for the financial services industry. And it can be seen as a way of mitigating operational risk.
The industry often does well in measures of diversity, compared with other industries – but there is still much room for improvement.
For example, there is often less diversity in the upper levels of management, particularly when it comes to gender balance.
There can also be areas of the business that become unbalanced – for example, more women than men in some service functions such as human resources or marketing, while the opposite may be true for technology or mathematically-based roles. Progress in redressing these imbalances can seem slow.
The moderate rate of progress in addressing this challenge could be because of the way the issue of diversity is viewed. Often, it is seen as either a governance or a compliance exercise, when the true benefit of having a diverse workforce is most fully felt within the risk management component of GRC, and particularly in the area of operational risk.
Diversity and GRC
Action around diversity is frequently undertaken through the lens of compulsion. Regulators, industry groups, pressure groups and the media have all made the attainment of certain levels of diversity into something that can seem like a box to be ticked.
Percentage targets are placed on diversity and firms are told to hit those goals. In this way, diversity can simply become a compliance exercise.
Alternatively, diversity is expressed as a governance requirement – again with a focus on hitting a particular target. This is particularly true when the topic of diversity at the board of directors or C-suite level is being discussed, such as when the media talks about the number of women on boards.
Discussion of why diversity could improve actual governance outcomes can sometimes seem to be voiced in well-meaning platitudes, such as “it’s good to have a variety of perspectives.”
Diversity and operational risk
Diversity is not often discussed within the context of risk management, and in particular op risk – which is a shame because it is within the discipline of operational risk that the significant benefits that diversity can bring to an organization could be most felt.
After all, managing operational risk well is all about being able to detect, and then consider, a risk from a variety of perspectives. Diversity – that is, several sets of different eyes – can bring potential risks into awareness, and shed new light on other risks. These risks, or aspects of them, may have otherwise gone unnoticed in a more homogenous group. Consider a scenario analysis workshop – how successful is such a workshop if everyone has the same opinion on a group of risks that doesn’t change from year-to-year?
There are several other ways in which diversity delivers real benefit to operational risk programmes, including:
- Detecting emerging risks
By nurturing diverse perspectives, organizations can foster the sort of creative thinking environment in which perceptions about emerging risks can arise.
- Building a control framework
The creative thinking that can result from diversity can lead to a more dynamic approach to controls programme development. For example, firms may consider new types of controls, or learn to evaluate existing controls differently.
- Retaining risk management talent
Several studies show that a more diverse organization is better at retaining talent. Better levels of talent retention are a good thing for operational risk management – across all three lines of defence. For example, experienced staff better understand existing risks and how they have been successfully managed in the past.
In conclusion, robust levels of diversity within an organization should be viewed not as a compliance requirement or a governance objective, but rather as an inherent part of a firm’s operational risk strategy. Diversity helps organizations develop real resilience within its risk ecosystem, which ultimately translates into better business performance overall.