Your Quick Guide To Managing Ethics & Compliance

Ten days ago, we moved into a new home. We’d been looking for 18 months, providing plenty of opportunities (and failed bids) to learn.

Two nights ago, as temperatures dropped, half the house (the kids’ rooms, bathroom, and utility room) lost all water (and, therefore, heat). Was our risk assessment wrong? Could we have prevented this? What lessons might this give us for risk & compliance due diligence work?

Rapid due diligence

As we scrolled through endless listings, we learned to spot the real estate agent’s creative use of euphemisms:

💀 Cosy = for toddlers; adults – standing up possible in places.

💀 Spacious = normal.

💀 Extremely spacious = cold, eery, and from the set of The Others.

💀 Rustic garden = trench warfare a better option than landscaping.

💀 Rare opportunity = previous owner died and didn’t redecorate after Woodstock.

💀 Thoughtfully refurbished = by people who like pool tables in bedrooms.

💀 SmartHome = only NASA electronics experts should consider.

💀 Outbuildings with conversion potential = Asbestos murder shack.

💀 Improvement potential = dynamite needed.

We learned to screen for obvious turkeys and what wasn’t shown. No floorplan? No photos from outside or of certain rooms? There’s always a reason. Deception is not just lying; it’s omission.

Google maps (Streetview), ordnance surveys, flood mapping, crime stats, nearby school inspection reports, local council planning applications, new developments, etc., became vital tools. It was shrinking a massive dataset down to something manageable.

Pick up the phone

My wife gets on the phone. She gets far better results than email booking forms ever would. With the one-on-one interaction, we started to screen for the *SBF factor*. You’ve seen that story about Samuel Bankman-Fried playing video games during an investor meeting. Some agents behave similarly. Or they lie (about things we’ve gleaned from our research). Thus, the list of potential viewings gets even shorter, which is good.

The site visit

For those that made it past this screening, there’s the viewing. In the UK, you get 30mins to walk around a property before you make the biggest purchasing decision of your life. Yes, you get a brief second viewing, but it’s the compliance due diligence equivalent of a pitch meeting.

How can that ever be effective? Well, it can’t. Not really. But as you do more viewings, you get an idea of your priorities and significant red flags 🚩 (red lines). Damp, poor insulation, cracks in ceilings, noise, and on. The little things that don’t feel or look right.

But then comes the leap of faith, the bid.

Getting into the weeds

Once we had bid (successfully) for this place (after five failed bids), we instructed our solicitors and surveyor the go deep. They did. We waded through dense documents from footpaths to adjacent farmland, flood risks, and structural integrity. We knew some work was needed, but not the plumbing issues we now face.

Why? The kids’ rooms were an extension, built a year or two back. The pipes are internal (in wall cavities and not visible to the surveyor). The plumber was slipshod, incompetent, or a cowboy.

That’s life. Some risks will remain unforeseen.

Lessons

Would we have done our diligence differently? Yes and no. We were painstaking. This was the most significant financial decision of our lives. We dragged the sale on a month to get all the checks done. We could have gathered more HUMINT (information from locals) about the contractors involved in the extension.

No alt text provided for this image
This is my spot!

What lessons then for compliance due diligence (DD)?

  1. Develop screening criteria rightsized for you (not regulatory boilerplate stuff).
  2. Define red lines and amber ones (where more data is needed).
  3. Read into what is not said.
  4. Learn more about behavioural analysis, deception detection, and how we lie (for the pitch and other meetings).
  5. Don’t scrimp on homework and paperwork for big decisions.
  6. If you can, do HUMINT (for big decisions), but please be careful. Many providers are charlatans in this area. Building networks of assets is demanding – I did it for a decade. It is also explainable, so beware of the smoke ‘n’ mirrors routine.
  7. Contingency plan – things will still go wrong. Risk transfer (including insurance), risk mitigation, and resilience should be part of the post-deal plan.

Much has been written about failed DD in the aftermath of the SBF crypto carnage. But this isn’t news. I started doing DD in 2006, and many folks don’t want to know the truth (they’re incentivised to close deals and not deal with later consequences).

If you’re the one left carrying the can, as many E&C folks are, test your DD plans. Think laterally. There’s a wealth of information to augment the prospectus, disclosure, etc. Develop HUMINT sources – or find competent partners who have them. Build contingencies and resilience if you can.

What was our contingency and resilience plan? Insurance was part of it. But we’ve been saved by a broader risk management plan. Having seen how febrile utility providers in the UK are, we did some prepping. Most importantly, secondary heating sources (a wood burner, photovoltaics shortly) and the wood supplies and space to create a small coppice area, plus a store of other supplies, including large water containers.

How do you do DD? How do you plan for contingencies?

Need more?

Book a (free) strategy session, get new articles, and other content designed to be useful and fun.

Your Quick Guide To Managing Ethics & Compliance

Be the first to know

Subscribe to receive a weekly newsletter with trends, news, and hacks for all things risk. PLUS, behavioural science, investigations, human risk, and alternate perspectives.