Why risk management frameworks fail to prevent wrongdoing
ISSN: 0969-6474
Article publication date: 31 January 2020
Issue publication date: 17 April 2020
Abstract
Purpose
The purpose of this paper is to consolidate research in whistleblowing, wrongdoing prevention and enterprise risk management (ERM) frameworks with the goal of creating a more comprehensive and effective framework for the prevention of wrongdoings.
Design/methodology/approach
A gap analysis based on organizational learning theory (OLT) is performed between the research fields of whistleblowing, wrongdoing prevention and ERM to identify enhancements that are needed for effective wrongdoing prevention.
Findings
ERM is an incomplete framework for wrongdoing prevention which omits the components of prevention and learning. A culture of continuous learning is required to minimize the experience component of learning and maximizing sharing. Storytelling can be used to protect individuals and provide transparency. The stakeholder dimension must be expanded beyond the borders of the legal entity to include all stakeholders. Every stakeholder experiences the climate of wrongdoing prevention differently, and the evaluation of these different perspectives is essential in establishing a culture of prevention. Personal psychological safety is a critical element in empowering stakeholders to discuss and address wrongdoings. Standards established through professional associations enable innovations to diffuse more quickly throughout society than legislation. Standards and standard setting processes that are able to adapt to changes in societal expectations proactively help organizations to independently protect stakeholders. Global standards are needed to overcome incongruences between countries and cultures.
Research limitations/implications
The effectiveness of a prevention framework is difficult to measure. Declining incidence of wrongdoing within an institution is an incomplete picture. Rare and severe types of wrongdoing, and their prevention throughout society should require a more concerted, centralized approach which could be modeled upon the health system’s national centers for disease prevention. By combining the dimensions of the learning organization questionnaire(Marsick and Watkins, 2003) and Whistleblowing and Wrongdoing statistics, organizations should be able to develop complex KPIs and be able monitor their development over time. Researchers should be able to use the same strategy to confirm the assertions made here will improve the safety and security of all stakeholders.
Practical implications
Organizations which use ERM frameworks may be unable to effectively prevent wrongdoings and protect stakeholders from the consequences of such wrongdoings. The shortcomings identified here provide specific clear points that organizations can address to be more effective in preventing wrongdoings. Any one of these actions and the scope of their impact within the organization and their environment represent substantial challenges for all stakeholders. Like the ascent of a great mountain, the planning of the each step taken and thorough understanding of the challenges faced along the path to each waypoint are essential to reach the summit and the achieve the objective.
Social implications
This paper advocates for changes that may take decades or generations to fully accept: inter-organizational sharing; stronger use of guidelines instead of legislation; and enhanced transparency on all organizational levels. The resources required to drive change on this scale are considerable with the private sector and public sectors having unique needs and requiring potentially different approaches.
Originality/value
The novelty lies in the identification of shortcomings in ERM frameworks to effectively prevent wrongdoing, through the integration of OLT, Whistleblowing and Wrongdoing Literature and the COSO Enterprise Risk Management Framework.
Keywords
Acknowledgements
The author wants to thank the Editor, Anders Örtenblad, for inviting me to submit this work and his suggestions for improvements to earlier version of this paper.
Citation
Schmidt, C. (2020), "Why risk management frameworks fail to prevent wrongdoing", The Learning Organization, Vol. 27 No. 2, pp. 133-145. https://doi.org/10.1108/TLO-10-2019-0150
Publisher
:Emerald Publishing Limited
Copyright © 2020, Emerald Publishing Limited