A previous Hes-so study identified human risk as one of the major threats to banks and other Financial Services (FS) providers. The new project will use OXIAL’s Governance, Risk and Compliance (GRC) software to amplify the weak signals within an organisation and prevent human risk from causing too much damage.
“Human risk is a highly significant factor in whether or not a bank achieves its business objectives, but it is hard to discover and even harder to mitigate against,” says Magali Dubosson, Professor, Hes-so. “Working with OXIAL will enable us to amplify the weak signals within a bank that could signify the threat of human risk, adding quantitative and qualitative measures to the established framework from our previous studies.”
The Hes-so and OXIAL are seeking forward-thinking banks to become part of the upcoming project, benchmarking real-life situations with the partner. While traditional Enterprise Risk Management (ERM) is formal and based around engineering principles, the university research team will use an anthropological approach, based on amplifying weak signals to identify ill feeling and employee disenchantment that could lead to a threat.
“It’s a tough time for banks, with increased compliance pressure and the growing threat of cyber-attack. But it is human risk that could be potentially the biggest threat yet and there are very few banks properly equipped to mitigate against this,” says Eric Berdeuax, OXIAL. “They lack the tools required for mitigation and also the understanding of the threat human risk poses. So we are looking to establish very early in the process where banks might be vulnerable to human risk and what they can do to reduce this before it even happens.”
The previous project involved the research team interviewing executives from European private banks, and found evidence of a rampant neglect and of a lack of leadership, which had led to a toxic corporate culture. Many employees felt dissatisfied and hungry for revenge against those they perceived to be responsible.
The five most common acts of revenge were:
• Stolen data
• Abuse of internal or customer accounts
• Manipulation of wage components
• Unjustified charges applied to customers
• Abuse of money-bearing advantages and repayments from customer transactions are abused
“The rise in human risk can be attributed to the many restructures in banking since the financial crisis of 2008,” explains Emmanuel Fragnière, Professor, Hes-so. “The changes led to declining margins and higher regulatory costs and to address this, banks pushed their staff harder and harder, bringing occupational stress and disenchantment. This in turn increased the likelihood of stolen data and fraud, endangering the FS firm’s reputation and bottom line. We want to work with organisations that are serious about human risk so we can mitigate against this more effectively than ever before.”