Deep vs Shallow Professionalism: A Modern Perspective

In today’s rapidly evolving world, the perception of professionalism has undergone significant changes and what it means to be a professional. The qualities that mark someone as a professional, and the ethical standards associated with different professions have all started to shift. This posting explores the concept of deep versus shallow professionalism, shedding light on the contrasting characteristics and implications of these two approaches.

Defining Professionalism

Professionalism is a term used to describe the conduct, qualities, and characteristics that distinguish an individual as a professional. Traditionally, professions such as doctors, lawyers, accountants, and athletes were considered examples of deep professionalism. These individuals dedicated years of education and training to their craft and were required to meet stringent requirements to obtain the necessary credentials.

The Rise of Shallow Professionalism

Over time, shallow professionalism has emerged as a phenomenon that co-opts the deep professionalism of certain fields. Shallow professionals create a facade of being experts in their respective domains but lack the same level of education, training, and credentials as their deep professional counterparts. This raises questions about the ethical standards maintained within shallow professions.

Ethical Standards and Shallow Professionals

One of the key concerns surrounding shallow professionalism is the low ethical standards that often accompany it. Shallow professionals may lack the same level of commitment to their field, leading to a higher likelihood of poor ethical behavior. This includes conflicts of interest, unethical practices, and a disregard for the consequences of their actions.

For risk managers and compliance officers, the presence of shallow professionals within an organization poses significant risks. Deep professionals have their livelihoods at stake, as they can face sanctions, loss of licenses, or the revocation of hard-earned designations for unethical behavior. On the other hand, shallow professionals can often walk away from their actions without facing any significant repercussions.

Identifying Shallow Professionals

Detecting shallow professionals can be a challenging task. In my past experiences, I have found that assessing an individual’s perception of regulators can provide valuable insights. Those who maintain a consistent tone and attitude, irrespective of the topic, may indicate a deep professional mindset. However, those who exhibit a change in tone or make disparaging remarks may raise red flags.

It’s crucial to keep a watchful eye on individuals who claim to be professionals but exhibit shallow professional traits. Monitoring their actions, adherence to company policies and procedures, and their overall ethical conduct can help identify and manage potential risks associated with shallow professionalism.

The Significance of Professionalism

The concept of professionalism holds immense importance in various fields. It ensures the delivery of high-quality services, maintains ethical standards, and fosters trust between professionals and their clients or stakeholders. Deep professionalism, with its focus on continuous learning, skill development, and adherence to ethical guidelines, is crucial for maintaining the integrity and reputation of professions.

The Changing Landscape of Professionalism

As society evolves, the definition and perception of professionalism continue to transform. The traditional view of deep professionalism is being challenged, and new forms of professionalism are emerging. This shift is driven by factors such as technological advancements, changing work dynamics, and evolving societal expectations.

Nurturing Deep Professionalism

To address the challenges posed by shallow professionalism, it is essential to nurture and promote deep professionalism within all fields. This can be achieved through:

  1. Education and Training: Emphasizing the importance of rigorous education and continuous learning to develop deep expertise in a profession.
  2. Ethical Guidelines: Establishing and enforcing robust ethical standards to ensure professionals uphold integrity and accountability.
  3. Mentorship and Guidance: Encouraging experienced professionals to mentor and guide younger generations, instilling the values of deep professionalism.
  4. Recognition and Rewards: Recognizing and rewarding deep professionals for their contributions, expertise, and commitment to their fields.

In The End

Deep versus shallow professionalism is a topic of increasing relevance in today’s world. The distinction between these two approaches highlights the importance of upholding ethical standards, maintaining rigorous education and training, and continuously evolving to meet the evolving demands of our professions. By nurturing deep professionalism and identifying and managing the risks associated with shallow professionalism, we can ensure the integrity and sustainability of our professions for generations to come.

The Capability Life Cycle in Organizational Behaviour — Is this a  Wake-Up Call for Risk Leaders in Canadian Financial Services

In financial services, risk management is often treated as a static function — a robust framework built to withstand external shocks and internal missteps. But as the sector continues to evolve in Canada, from open banking to digital transformation and DEI/ESG expectations, is it enough to rely on the same risk frameworks we built five or ten years ago?

Recently, I came across the concept of the Capability Life Cycle in organizational behaviour — a perspective that sparked a broader question:

Can and should risk management evolve alongside the organization’s capabilities, rather than react to their decline?

Think of the Capability Life Cycle like a product life cycle — but applied to a specific internal capability or function. It typically moves through these stages:

  1. Founding / Development – New capabilities emerge in response to opportunity or necessity (e.g. a fintech initiative or digital onboarding system).
  2. Growth – The capability gains internal buy-in, funding, and operational maturity.
  3. Maturity – The capability becomes embedded and optimized, but innovation slows.
  4. Decline or Renewal – The capability either loses relevance or is reimagined and adapted to new conditions.

Now apply this to risk management in Canadian banks, insurers, or credit unions. Many frameworks were developed during a time of regulatory stabilization following the 2008 financial crisis. Those frameworks have matured — some might say ossified. Yet the world they operate in — cyber risk, geopolitical shifts, climate finance, GenAI — continues to change rapidly.

Here’s the challenge:

Disruption or uncertainty may force a change in how risk is managed — but can risk management proactively adapt over time?

This isn’t about compliance checklists or audit cycles. It’s about ensuring that risk management itself doesn’t become a mature capability in decline. It must be a living function that aligns with the business strategy, the pace of innovation, and — crucially — with the evolving behaviours of the organization.

A few takeaways for Canadian financial services leaders:

🔍 Look outside traditional risk functions for inspiration
Organizational behaviour, behavioural economics, and even marketing offer models that better reflect how people and systems actually behave under uncertainty.

🔄 Think in life cycles, not permanence
A great risk framework in 2018 might be a liability in 2025. Capabilities need ongoing investment, feedback loops, and the occasional reinvention.

🧭 Build for adaptability, not just resilience
Resilience helps you survive a disruption. Adaptability helps you evolve before the disruption hits.

💬 Ask the hard questions

  • Is our risk culture aligned with how our business is actually evolving?
  • Are we over-relying on historical metrics to define emerging risks?
  • Is our framework enabling strategy — or inhibiting it?

The Canadian financial services sector is at a pivotal moment. Open banking, evolving customer expectations, and systemic digital shifts mean the very nature of financial risk is changing.

So let’s ask ourselves — is our risk capability evolving too?

A Key Component of Trust Is a Willingness to Be Vulnerable: Are You in an Environment That Supports This?

A Key Component of Trust Is a Willingness to Be Vulnerable: Are You in an Environment That Supports This?

The genesis of this post is a conversation I had with my wife a couple of weeks ago regarding general office behaviour at her work as well as office culture overall. The conversation was about a feeling we have that there may be an erosion of trust and the acceptance of being able to be open and honest, being vulnerable so you can develop trust. Trust is often considered the foundation of strong relationships whether its in the workplace, in friendships, or with family. Personally, I typically associate trust with reliability, integrity, and consistency. But I believe one of its most powerful and often overlooked ingredients is vulnerability.

What Does It Mean to Be Vulnerable?

Vulnerability is the courage to show up and be seen, even when the outcome is uncertain. It’s admitting you don’t have all the answers, asking for help, or sharing when you’re struggling. It’s being honest about your fears, your mistakes, and your hopes.

Far from being a weakness, vulnerability is a profound act of strength. It invites connection, fosters empathy, and builds trust. When someone is willing to be vulnerable with us—and we respond with compassion—we create a bond that’s deeper and more resilient.

But Vulnerability Requires the Right Environment

Here’s the catch: vulnerability only builds trust in the right environment. If you’re in a culture that punishes mistakes, mocks uncertainty, or demands perfection, being vulnerable can feel like stepping into a trap. In such environments, people learn to hide their true selves, and trust erodes.

So, I am asking you, are you in an environment that makes it safe to be vulnerable?

Here are the Signs of a Trust-Supporting Environment

A culture that supports vulnerability—and therefore trust—often exhibits the following characteristics:

  • Psychological safety: Team members feel safe to take risks, voice their opinions, and admit mistakes without fear of ridicule or retaliation.
  • Leaders model vulnerability: When leaders share their challenges and admit mistakes, it signals permission for others to do the same.
  • Failure is seen as learning: Instead of blame, the focus is on growth and improvement.
  • Feedback flows in all directions: Honest conversations aren’t just tolerated they must be encouraged.

If these elements are missing, the price is high: team members withhold ideas, avoid risks, and disengage emotionally. Over time, innovation slows and relationships fracture.

How to Cultivate a Culture of Trust

Whether you’re a team member or a leader, here are ways to build an environment where vulnerability—and therefore trust—can thrive:

  • Go first, share your own uncertainties or past failures because this invites others to do the same,
  • Respond with empathy, because when someone opens up meet them with support, not judgment,
  • Celebrate honesty and recognize when people take the risk to speak truthfully or admit fault,
  • Create rituals of reflection by making space for regular check-ins that allow for open dialogue.

My Final Thought

Trust isn’t built by putting on a strong front, it’s built by letting others see the real you, and that only happens when vulnerability is met with compassion, not criticism. It’s not easy, it takes work, and it takes time. It does not happen overnight. So ask yourself, does your environment support vulnerability? And if not, what can you do to affect change towards that environment?

Information Flow: Ensuring It Reaches You and Goes Where It Needs to Go

As a broad-brush stroke, business as usual seems to be rapidly evolving where sudden changes in political or economic winds seems to be becoming the norm rather than an exception. Risk challenges suddenly pop up.

As a risk manager, you play a critical role in identifying, assessing, and mitigating risks within your organization. But to do that effectively, you need access to timely, accurate, and relevant information.

Ask yourself:

1. Are you getting the right information in a timely manner? Is this information current and accurate? How do you know?

If you’re not receiving the right information, it can leave you blindsided to emerging risks or vulnerabilities. Timeliness is just as crucial—outdated information can lead to poor decision-making and ineffective risk mitigation. So, how do you verify that the information you receive is both accurate and current?

  • Source Verification: Are you getting data from reliable sources? Consider cross-referencing information from multiple credible points.
  • Frequency of Updates: Ensure that your data is refreshed at appropriate intervals. Real-time dashboards and automated reports can help keep you informed.
  • Feedback Loops: (See Informal Networks) Engage with stakeholders and frontline teams to confirm that reported risks align with actual conditions on the ground.
  • Data Validation Processes: Establish protocols for checking information accuracy, whether through audits, system checks, or AI-driven analytics.

But receiving information is only half the equation. The next step is just as important.

2. Not only are you getting the right information, but are you passing it along where it needs to go in the right context for it to be acted upon?

Risk management is not a siloed function; it requires collaboration across teams and leadership. If critical information stays within a single department or isn’t communicated effectively, it loses its impact. Consider these key factors:

  • Clarity & Context: Data alone isn’t enough—how you present it matters. Are you framing risks in a way that decision-makers can understand and act upon?
  • Right Audience, Right Time: Is the information reaching the appropriate stakeholders? A security alert might need to go to IT immediately, while financial risk trends should be escalated to executives.
  • Action-Oriented Communication: Ensure that your reports include clear recommendations, rather than just observations. What specific steps should be taken next?
  • Technology Enablement: Are you leveraging tools like workflow automation, risk dashboards, and collaboration platforms to streamline the flow of information?

Audit Your Information Flow Today!

Take a moment to assess how well your risk management information flows within your organization. Are there bottlenecks? Are insights getting lost in translation? The effectiveness of your risk strategy depends not just on collecting information, but on ensuring it moves efficiently to the right people at the right time.

I’d love to hear from fellow risk professionals—what strategies have you implemented to ensure a seamless flow of risk-related information? Let me know in the comments. Thanks

Public Speaking as an Option – Risk Management Beyond Rules: Why Building Relationships Matters More Than Enforcement

I’ve spent thousands of hours reading research articles on leadership—specifically, the intersection of corporate governance and risk management. While research directly addressing this connection was limited, I found plenty of insights on leadership and risk management individually. Over time, I gathered golden nuggets of wisdom that shaped my thinking and deepened my understanding of the role leadership plays in an effective risk management function.

Eventually, I realized I had collected enough to share with the risk management community. The challenge was figuring out how. Should I write a paper? Start a blog? Host discussions? I wasn’t sure about the best approach—I just knew I needed to start somewhere.
Earlier this week, I came across my Risk Management Conference presentation, and it struck me that its core message still holds relevance today. My key takeaway back then? A Risk or Compliance Manager’s role isn’t just about enforcing policies and procedures—it’s about building relationships within the organization just as fast (if not faster) than enforcing the rules.

Why? Because risk management isn’t just about identifying risks—it’s about influencing behavior, decision-making, and company culture. And that doesn’t happen through policies alone. It happens through people.
If I were to update this presentation today, I would emphasize why relationship-building is key:
✅ Influence Over Authority – Risk managers often don’t have direct authority over business decisions. Unlike some functions that operate with clear-cut mandates, risk management is about influence. You need to shape how people perceive and act on risk, which requires building trust and credibility. If you’re seen only as the person who enforces rules, you’ll struggle to make a real impact. But if stakeholders trust you, they’ll involve you early in decision-making rather than after the fact.
✅ Proactive Risk Awareness – One of the biggest challenges in risk management is that risks are often identified too late—after they’ve already materialized into issues. When people trust you, they’re more likely to bring concerns forward early, giving you time to address risks before they escalate. This is especially important in fast-moving organizations where risks can emerge rapidly. The stronger your relationships, the more likely employees will view you as a resource rather than a last resort.
✅ Collaboration Over Compliance – Traditionally, risk and compliance functions have been seen as rule enforcers—people who say “no” rather than enabling the business to say “yes” in a responsible way. However, the most effective risk managers shift this perception by embedding themselves within the business, working alongside teams to integrate risk awareness into decision-making. When you focus on collaboration over strict compliance, you create an environment where people see risk management as a value-add rather than a barrier.
✅ Stronger Culture of Risk Awareness – Policies and procedures are important, but they only go so far. Real risk awareness is built through conversations, relationships, and shared understanding. When employees feel comfortable discussing risks without fear of punishment or bureaucracy, they make better decisions at all levels of the organization. Risk culture isn’t dictated—it’s cultivated through ongoing engagement.
A Shift in Mindset
When I first started in risk management, I thought my role was primarily about ensuring policies and procedures were followed to the letter. Over time, I learned that while policies are necessary, they don’t drive behavior—people do. The key to effective risk management isn’t just about having the right framework; it’s about having the right relationships.
If I were giving my presentation today, I’d focus even more on this mindset shift. The most successful risk managers aren’t just compliance experts—they’re trusted advisors who understand the business, build strong relationships, and influence decision-making at all levels.

I’d love to hear your thoughts. How do you balance enforcement with relationship-building in your organization?