Silence in the Boardroom

Yesterday, Rick Steinberg wrote a great article in Compliance Week detailing the many failures of risk management leading to the recent financial market crisis.  For those of you who may not know,  Mr. Steinberg is a leading authority on the topic of risk management and a principal author of the COSO Internal Control Framework that has become the de facto standard for public corporations and their boards of directors.  As such, Mr. Steinberg has a unique perspective of the unfolding events in each of the firms that have contributed to the market collapse.  In particular, Mr. Steinberg points to boards and their responsibility for holding senior management accountable.  He states,

"....the board must understand what management is doing to identify, assess, and manage significant risks facing the company. It must be comfortable that management has a process in place, and that the process is working effectively. The board must be comfortable with management’s appetite for taking on risk, and that senior management is positioned to obtain accurate information about key risks and relays that information to the boardroom."

While he also notes areas of weakness with other players such as the regulators and credit rating agencies, it is this critical component of risk management and corporate governance that cannot be ignored.  Without a strong enterprise risk management process and frequent communication between board members and management, companies will not be able to navigate the critical risks and new regulatory environment that is now on the horizon.