As a broad-brush stroke, business as usual seems to be rapidly evolving where sudden changes in political or economic winds seems to be becoming the norm rather than an exception. Risk challenges suddenly pop up.

As a risk manager, you play a critical role in identifying, assessing, and mitigating risks within your organization. But to do that effectively, you need access to timely, accurate, and relevant information.

Ask yourself:

1. Are you getting the right information in a timely manner? Is this information current and accurate? How do you know?

If you’re not receiving the right information, it can leave you blindsided to emerging risks or vulnerabilities. Timeliness is just as crucial—outdated information can lead to poor decision-making and ineffective risk mitigation. So, how do you verify that the information you receive is both accurate and current?

• Source Verification: Are you getting data from reliable sources? Consider cross-referencing information from multiple credible points.
• Frequency of Updates: Ensure that your data is refreshed at appropriate intervals. Real-time dashboards and automated reports can help keep you informed.
• Feedback Loops: (See Informal Networks) Engage with stakeholders and frontline teams to confirm that reported risks align with actual conditions on the ground.
• Data Validation Processes: Establish protocols for checking information accuracy, whether through audits, system checks, or AI-driven analytics.

But receiving information is only half the equation. The next step is just as important.

2. Not only are you getting the right information, but are you passing it along where it needs to go in the right context for it to be acted upon?

Risk management is not a siloed function; it requires collaboration across teams and leadership. If critical information stays within a single department or isn’t communicated effectively, it loses its impact. Consider these key factors:

• Clarity & Context: Data alone isn’t enough—how you present it matters. Are you framing risks in a way that decision-makers can understand and act upon?
• Right Audience, Right Time: Is the information reaching the appropriate stakeholders? A security alert might need to go to IT immediately, while financial risk trends should be escalated to executives.
• Action-Oriented Communication: Ensure that your reports include clear recommendations, rather than just observations. What specific steps should be taken next?
• Technology Enablement: Are you leveraging tools like workflow automation, risk dashboards, and collaboration platforms to streamline the flow of information?

Audit Your Information Flow Today!

Take a moment to assess how well your risk management information flows within your organization. Are there bottlenecks? Are insights getting lost in translation? The effectiveness of your risk strategy depends not just on collecting information, but on ensuring it moves efficiently to the right people at the right time.

I’d love to hear from fellow risk professionals—what strategies have you implemented to ensure a seamless flow of risk-related information? Let me know in the comments. Thanks

I’ve spent thousands of hours reading research articles on leadership—specifically, the intersection of corporate governance and risk management. While research directly addressing this connection was limited, I found plenty of insights on leadership and risk management individually. Over time, I gathered golden nuggets of wisdom that shaped my thinking and deepened my understanding of the role leadership plays in an effective risk management function.

Eventually, I realized I had collected enough to share with the risk management community. The challenge was figuring out how. Should I write a paper? Start a blog? Host discussions? I wasn’t sure about the best approach—I just knew I needed to start somewhere.
Earlier this week, I came across my Risk Management Conference presentation, and it struck me that its core message still holds relevance today. My key takeaway back then? A Risk or Compliance Manager’s role isn’t just about enforcing policies and procedures—it’s about building relationships within the organization just as fast (if not faster) than enforcing the rules.

Why? Because risk management isn’t just about identifying risks—it’s about influencing behavior, decision-making, and company culture. And that doesn’t happen through policies alone. It happens through people.
If I were to update this presentation today, I would emphasize why relationship-building is key:
✅ Influence Over Authority – Risk managers often don’t have direct authority over business decisions. Unlike some functions that operate with clear-cut mandates, risk management is about influence. You need to shape how people perceive and act on risk, which requires building trust and credibility. If you’re seen only as the person who enforces rules, you’ll struggle to make a real impact. But if stakeholders trust you, they’ll involve you early in decision-making rather than after the fact.
✅ Proactive Risk Awareness – One of the biggest challenges in risk management is that risks are often identified too late—after they’ve already materialized into issues. When people trust you, they’re more likely to bring concerns forward early, giving you time to address risks before they escalate. This is especially important in fast-moving organizations where risks can emerge rapidly. The stronger your relationships, the more likely employees will view you as a resource rather than a last resort.
✅ Collaboration Over Compliance – Traditionally, risk and compliance functions have been seen as rule enforcers—people who say “no” rather than enabling the business to say “yes” in a responsible way. However, the most effective risk managers shift this perception by embedding themselves within the business, working alongside teams to integrate risk awareness into decision-making. When you focus on collaboration over strict compliance, you create an environment where people see risk management as a value-add rather than a barrier.
✅ Stronger Culture of Risk Awareness – Policies and procedures are important, but they only go so far. Real risk awareness is built through conversations, relationships, and shared understanding. When employees feel comfortable discussing risks without fear of punishment or bureaucracy, they make better decisions at all levels of the organization. Risk culture isn’t dictated—it’s cultivated through ongoing engagement.
A Shift in Mindset
When I first started in risk management, I thought my role was primarily about ensuring policies and procedures were followed to the letter. Over time, I learned that while policies are necessary, they don’t drive behavior—people do. The key to effective risk management isn’t just about having the right framework; it’s about having the right relationships.
If I were giving my presentation today, I’d focus even more on this mindset shift. The most successful risk managers aren’t just compliance experts—they’re trusted advisors who understand the business, build strong relationships, and influence decision-making at all levels.

I’d love to hear your thoughts. How do you balance enforcement with relationship-building in your organization?

As a risk and compliance manager, over time, I’ve found developing an informal network at the companies I’ve worked for has been invaluable. While formal processes and structured compliance programs are essential, it is often the informal relationships that provide the early insights and collaboration necessary to manage risk effectively.
Why is an informal network so valuable? First, risk and compliance management is not a siloed function—it touches nearly every department, from finance and IT to operations and HR. Having an informal network allows for the flow of information in a way that a structured reporting system sometimes cannot. Colleagues are more likely to share emerging concerns, regulatory shifts, or operational challenges in casual conversations than in formal meetings. These early signals can help risk and compliance teams act proactively rather than reactively.
Second, trust is a cornerstone of effective risk management. By building relationships across departments, compliance professionals can create an environment where employees feel comfortable raising potential issues before they become full-blown problems. A strong network fosters a culture of openness and cooperation rather than fear of repercussions.
Third, an informal network enhances agility. When an unexpected compliance challenge arises, having established relationships across departments makes it easier to find solutions quickly. Instead of navigating bureaucratic red tape, you already know who to call for guidance or immediate action.

So, how can you build an effective informal network across company departments?

1. Engage Beyond Your Department – Attend team meetings outside of your immediate compliance function. Volunteering for cross-functional projects or committees provides natural opportunities to connect with colleagues in different roles.
2. Be a Connector – Introduce people across teams who could benefit from knowing each other. When colleagues see you as someone who facilitates communication, they will be more likely to turn to you when they need compliance guidance.
3. Leverage Common Spaces – Casual interactions in break rooms, hallways, or company events are excellent opportunities to engage with colleagues informally. A simple “How’s your project going?” can open the door to valuable insights.
4. Build Rapport Over Time – Relationships aren’t built overnight. Regularly check in with colleagues, whether it’s a quick chat about a shared interest or offering to help with a challenge they’re facing.
5. Use Technology to Stay Connected – With hybrid work environments becoming more common, digital connections are just as crucial as in-person ones. Utilize company chat tools, virtual coffee meetings, or internal social platforms to maintain and strengthen your network.
6. Be a Trusted Resource – Share relevant insights, industry updates, or compliance tips in an approachable way. When people see you as knowledgeable and helpful rather than purely as an enforcer of rules, they will be more inclined to keep you in the loop.
   Building an informal network doesn’t mean bypassing formal processes—it means complementing them with a human approach. In the fast-evolving landscape of compliance and risk, relationships can often make the difference between catching a risk early or dealing with a crisis too late.
   By proactively developing connections across departments, compliance professionals not only make their jobs easier but also contribute to a stronger, more resilient organization. A well-connected risk and compliance team is an effective one—so start building those bridges today.

In an era were having access to information and good information is critical in decision making, have you ever worked with a leader who seemed to keep crucial information to themselves? If so, you’ve likely encountered an insecure leader—one who sees knowledge not as a tool for collective success but as a form of personal power.
Information hoarding is a silent form of sabotage within an organization. It erodes trust, slows down decision-making, and stifles innovation. Worse yet, it fosters a culture of uncertainty, where employees feel like they’re constantly missing key pieces of the puzzle. Without access to relevant information, teams struggle to align with organizational goals, and confusion replaces clarity.

The Impact on Teams and Organizations
When leaders withhold information, productivity suffers. Employees waste time chasing down answers or making decisions based on incomplete data. Trust breaks down, and a culture of second-guessing takes hold. Instead of focusing on innovation and progress, employees become preoccupied with navigating office politics and decoding what their leader isn’t saying.
Moreover, a lack of transparency can lead to disengagement. Employees who feel excluded from key conversations are less likely to feel invested in the company’s mission. When staff members do not trust leadership, turnover rates increase, and attracting top talent becomes harder. High- performing employees thrive in environments where they are trusted and well-informed; when that trust is broken, they often seek opportunities elsewhere.

How to Identify an Insecure Leader

1. Lack of Transparency – They rarely share the full picture and often provide vague or incomplete answers. You might find out about important changes through the grapevine rather than directly from them. This creates frustration and a sense of being undervalued.
2. Control Over Decision-Making – They make unilateral decisions and resist delegating authority, fearing that others having full context could undermine their position. By keeping critical details to themselves, they maintain control but at the expense of efficiency and collaboration.
3. Resistance to Questions – Instead of welcoming curiosity and discussion, they dismiss or deflect questions that probe deeper into their decision-making process. This can make employees feel hesitant to speak up or challenge the status quo, limiting the team’s ability to grow and improve.
4. Fear of Being Outshined – They may avoid recognizing the contributions of others and hesitate to mentor or develop their team members, worried that their own importance will diminish. A strong leader understands that lifting others up does not diminish their own worth, but an insecure one sees it as a threat.
5. Gatekeeping Information – Critical insights, data, or even meeting invitations are selectively shared, creating an environment where only a chosen few have access to essential details. This leads to unnecessary silos and inefficiencies in workflow.
   

What Great Leaders Do Differently
In contrast, strong and secure leaders operate with transparency and trust. They understand that empowering others doesn’t diminish their own value—it enhances the entire team’s success. They share knowledge freely, create open channels of communication, and trust their teams to act with intelligence and integrity.
Great leaders recognize that an informed team is an effective team. They encourage open dialogue, actively listen to concerns, and create a culture where employees feel safe asking questions. They also ensure that decision-making processes are clear and inclusive, fostering a sense of shared purpose.
When information flows freely within an organization, collaboration improves, innovation thrives, and employees feel more engaged. A culture of trust and transparency strengthens morale, leading to higher performance and better business outcomes.
If you want to assess leadership health in your organization, start by looking at how information flows. Is it open and accessible, or does it feel locked behind invisible walls?

Have you experienced working under an information-hoarding leader? How did it impact your team?

In my last posting, I talked about why leaders need to create a psychologically safe environment for followers to be able to be them selves, to feel welcomed and appreciated. However, leading a team means you are part of a larger team, and needing to work together.

So, leadership isn’t just about making decisions at the top of your team, it’s about other teams and bringing people together, leveraging their insights, and creating a culture where everyone feels valued. That’s the essence of participative leadership, also known as democratic leadership.

Instead of a leader making decisions in isolation, participative leadership encourages collaboration, open communication, and shared responsibility. Employees aren’t just told what to do—they have a voice in shaping the decisions that impact them.

What Makes Participative Leadership Effective?

At its core, this leadership style is built on a few key principles:

✅ Collaboration – Leaders actively seek input from their teams and other teams, fostering teamwork and shared decision-making.
✅ Employee Involvement – When employees have a say, they feel more valued, engaged, and committed to success.
✅ Mutual Respect – Leaders recognize the expertise of their team members and other team members and trust them to contribute meaningfully.
✅ Transparency & Trust – Open discussions create an environment of trust, where employees feel safe to share ideas.
✅ Innovation & Growth – A culture of participation between teams encourages creative problem-solving and continuous improvement.

Why Should Leaders Adopt a Participative Approach?

📈 Higher Employee Morale – People work harder when they feel heard and valued.
💡 Better Decision-Making – More perspectives lead to smarter, well-rounded choices.
🚀 Increased Productivity – Employees who take part in decisions are more motivated to see them succeed.
🎯 Stronger Team Dynamics – Encouraging input from other teams fosters collaboration and unity.

Of course, this leadership style isn’t without its challenges. It can slow down decision-making and requires skilled facilitation to balance input with efficiency. However, when applied correctly, participative leadership can transform an organization’s culture, unlocking innovation and driving sustainable success.

The best leaders understand that they don’t have to have all the answers—they just need to create an environment where great ideas can thrive.

Have you experienced the benefits of participative leadership in your workplace?