Several years ago on a previous site, I blogged about the “summit seeking ethic.” Since then, I’ve been able to update some of the thoughts around this subject which I’ll provide in a subsequent post here. Here’s my revised essay on Summit Seeking, also known as the culture seeking excess return.
Earlier this year, world-renowned mountain climber Sir Edmund Hillary criticized changes in climber ethics that caused some to ignore distressed and injured climbers on the mountain in their relentless, self-serving pursuit of the summit. The death of climber David Sharp, who had run out of oxygen on Mount Everest and was ignored by more than 40 climbers, left experienced climbers like Hillary troubled. Hillary noted on ABC Radio’s “The World Today”:
“On our expedition 50 years ago, would have never considered leaving a man like that. We were very much aware of our responsibilities to look after any person on the mountain who was in distress. There’s no doubt at all that there’s been a lowering of standards in recent years, with the commercialisation; as a consequence people are being neglected and are dying.”
Hillary’s recognition of the “summit seeking” ethic is notable. A similar viewpoint extends throughout many corporations and has a significant impact on enterprise risk which analysts, investors and auditors need to consider more carefully. Appropriately defined in corporate environments, summit seeking is the pursuit of return at nearly any cost.
My own experience with summit seeking organizations spans nearly twenty years. Having worked in several high risk tech and telecom organizations, I experienced the same ethic in interactions with investment bankers, corporate partners, carrier and technology vendors and in a few cases, our own organization. First-hand experience with partners and executives at Inacom, Enron, Worldcom, Lucent and Level3 confirmed this ethic was exceptionally prevalent.
Upon first inspection, summit seeking ala “our corporation seeks exceptional return for its investors” sounds great. What shareholder doesn’t want outstanding returns? Yet somehow, this practice highly correlates to later catastrophic collapses of the same investments, usually leaving the stakeholders high and dry. Is there an explanation for this correlation? Is the corporate summit seeking ethic complicit in these catastrophic outcomes?
It is my suggestion that this is indeed the case. Having worked through enterprise risk management assessments and operations audits, I would suggest there are significant, observable processes that cause this high-level ethic to eventually allow the organization to implode. Traditional risk management texts discuss the trade-off between risk and return. To an organization, this choice is made in the selection of its corporate risk/return ethic by its senior management. Specifically, organizations can choose one of the following on the Organizational Risk Culture Maturity Model:
1. Risk-Oblivious Ethic: Objectives are exclusively thought of by the return that is sought from them and risk, if it is ever referenced, is represented as any negative event that is often thought as exogenous and uncontrollable. The concept of return/risk as numerator and denominator in a balanced equation is unknown within the institution. Risk is not defined, measured nor managed, and is rather left up to the fates to determine.
2. Risk-Averse Ethic: While the institution has recognized the capacity for risk in the pursuit of its objectives and may even have identified likely risks, it is primarily regarded as a negative aspect “to be avoided at all costs.” Methods for dealing with risk often focus on prevention or avoidance, hoping that through enough effort, the chance of “bad things happening” will be nil. Probabilitistic thinking is absent and the very definition of risk in this environment may be blurred, with threats, vulnerabilities and uncertainties also being called risks. Risk is still not linked to return, but rather thought of as exogenous to processes and projects. Risk is rarely quantified and measured.
3. Summit Seeking Ethic: While the awareness of risk and its relationship has formed in these organizations, the return/risk maturity is still lacking. Risk is thought of as a necessary evil, where “breaking a few eggs” is necessary to make an omelette. Return is sought at any cost and processes that impair this pursuit are dismantled and discarded. Awareness of risk associated with high-return activities is somewhat present, but risk is accepted and thought of as a “necessary cost” to achieve super-normal return. Risk is rarely quantified and measured.
4. Risk-Orienting Ethic: Risk is considered with respect to processes and projects, and methods to quantify it are sought, discovered and applied. Risk levels are maintained at the product, project or process level, but aggregate representation and understanding of the overall risk posture is limited.
5. Risk-Optimizing Ethic: Risk appetite is defined, budgeted and represented at an aggregate, institutional level. Return within that budget is maximized given the constraints of the risk-management framework. Strategic approaches are communicated in the context of the sought return and the targeted risk level necessary to assure the probable achievement of the objective. Instead of the pursuit super-normal returns necessary to compensate for unexpected losses from uncontrolled risks, strategic control is exercised through the focus on the denominator “lever” in the return/risk equation. Risk is understood throughout the organization as the condition that affects the certainty of reaching objectives.
Note: This model is not intended to replace the RIMS ERM Risk Maturity Model, which instead focuses on the state of risk management practices rather than the institutional culture, awareness and interpretation of risk. I’m a supporter of the RIMS model (as well as a RIMS member), but would suggest the cultural maturity model as a method to identify ethics and practices related to risk often found in corporations and anticipate likely behaviors and approaches to risk and return.
While one would hope that the increased regulatory call for ethical corporate governance would encourage institutions to move forward toward a risk-optimizing approach, experience indicates otherwise. Recurring corporate implosions, stock-option backdating scandals and periodic hedge fund disasters tell us the summit seeker, the risk avoider and the blissfully risk ignorant are alive and well in many companies. It’s apparent that in spite of the increased awareness in enterprise risk management programs and regulatory changes that promote their institution, a cultural transformation that moves organizations along the maturity model is necessary for real change to occur.
In my earlier discussion on this topic, I discussed thoughts on the identification of a disfunctional risk culture within prospective investment targets. Given the lack of transparency in public financial statements and mostly useless reporting on the risk climate and condition, I am increasingly of the opinion that measuring public corporations through currently disclosed reporting is ineffective. While I hope to continue to develop models around a useful operational and enterprise risk scorecard that could be of value in public reporting, I would suggest that indirect measurement remains the most beneficial method for an analyst lacking private information.