Your Quick Guide To Managing Ethics & Compliance

A new risk prioritisation matrix?

Year not in review

I imagine your inbox is peppered with annual wrap-ups around now. Risks included ongoing conflict, energy insecurity, climate volatility, cyber, new regulations (sustainability to fraud), inflation, more conflict, and varying degrees of economic prosperity or malaise.

How relevant each issue is will depend on what you do, where, with whom, and how.

That’s easy to write, harder to fathom in reality. I developed a matrix that might help.

Let’s use examples to help illustrate the point. Imagine you’re a manufacturer.

Alternatives: Tariffs, import restrictions, or conflict have made a commodity used in a component you purchase more volatile. Trying to understand (in detail) the complexities doesn’t make sense, but you might feel the sanctions exposure is concerning. Can you find alternative components? Do other providers source the commodity from stable markets? How does that impact timelines and costs?

Adapt: You’re in an industry on the wrong end of the ESG perception spectrum. Consider how you could innovate and create greener products. Initially, they will cost more, but is a part of the market willing to pay a premium? Or do you double down, recognising your products still have a need as competitors shift to try and appease consumer mores?

Act: Supply chain transparency requirements are increasing, especially around sustainability and human rights. Can you quickly audit your supplier list to determine where the greatest exposure might lie (countries, sectors, products/services with the highest risk)? Triaging the dataset down and starting there will undoubtedly be easier than a wholesale review (for now). It may require a strategic rethink of elements of your supply chain.

Get help: Workforce demographics are changing, and what was once acceptable on the shop floor is no longer. But who feels what? Where do people not know what’s expected of them? Where can’t people access support (to raise questions, suggestions, or concerns)? Do specific teams present elevated behavioural risks (low trust, low accountability)? Get data.

Risks will not always sit nicely in one quadrant and may travel between them. The critical step is understanding what to prioritise and where and when to act. The traditional approach of examining whatever appears most scary might skew our focus toward something indirect and hard to influence (e.g., geopolitical conflict and sanctions), ignoring sizeable exposures (fraud, psych safety, innovation constraints, workplace disputes, etc.) that we can more immediately change. The trick is striking the balance…

Need more?

Book a (free) strategy session, get new articles, and other content designed to be useful and fun.

Your Quick Guide To Managing Ethics & Compliance

Be the first to know

Subscribe to receive a weekly newsletter with trends, news, and hacks for all things risk. PLUS, behavioural science, investigations, human risk, and alternate perspectives.