Two major events are going to happen in US within the five years. One is a replay of the US subprime mortgage collapse which spawned the 2008 financial crisis. The other will occur when the bubble of college debt bursts. Both events – one of which may well trigger the other – will cause massive strain on US banks with potential global repercussions.
This isn’t a bold claim. There are lots of people, all of whom much more familiar with this kind of risk than I am, sounding similar alarm bells. For example, the day after I started writing this, the Financial Times’ editorial was on a similar topic. And there may be other significant events that occur in addition to these but making forecasts about what’s going to happen isn’t the point of this article.
It’s about why these events are going to be largely the same as previous events, despite there being opportunities to identify, mitigate and avoid these risks.
And it’s about how you need to avoid making similar mistakes in your organization.
“This time it’s different…”
Before the next major event, lots of people will be on TV to explain why this times it’s different. CEOs, pundits and politicians will explain that the lessons from the last crisis have been learned. Regulations and controls are in place. People have been replaced. We aren’t going to make the same mistakes again.
The FT’s leader said as much: the risks to the banking system are not the same as 2008 – those problems have been fixed – but the contagion would come from somewhere like the shadow banking sector. So this time it’s different.
…except that it isn’t
The problem is that next time it won’t be different.
The underlying fundamentals – whatever led to the previous crisis – will be broadly similar. Not only that but it’s very similar to previous events despite multiple opportunities to identify, manage or avoid the associated risks.
I think that there are three reasons for this lack of action.
The first is that, despite any lessons identified, these lessons from previous events haven’t been learned. They haven’t been put into action. The thousands of pages of reports, studies and books stay largely unread. The actions to fix the problems always seems to fall off the agenda at meetings. Addressing the issues isn’t given any management attention.
Sometimes, this inaction is because no-one wants to relive a traumatic and damaging event. Sometimes it’s because the people involved in the event have moved on, taking their knowledge and experiences with them. Those who are left don’t have the same motivation to solve an abstract issue they weren’t involved with. Sometimes, people are just hoping the issue will go away. Maybe they just don’t want to spend any money.
Whatever the case, no matter what lessons could have been learned, nothing has been done. Things remain the same.
The second problem is that regulations and controls are treated as punishments, not safety measures. So banks having to hold larger reserves, chemical companies facing pollution controls or social media companies being asked to police their users all cry that they are facing “crippling” regulations. One of three things then happens.
The companies move somewhere with a more relaxed regulatory environment, they push the authorities until the regulations are softened or they drag their feet and avoid implementation. Even if a regulation is put in place, these are relaxed after a while because nothing has happened. (This last case obviously ignores the fact that the absence of incidents was largely due to the regulation.)
The result is that the regulations or controls are watered down or not applied at all. So when a similar situation arises, the guardrails that should have been in place are absent. Things remain the same.
But well developed, considered regulations aren’t punishments. In fact, punishments are often few and far between which is the third reason things remain the same. A lack of punishment or consequence for wrongdoing creates a moral hazard where there is no fallout for people who behave badly. There will be the occasional firing, demotion or someone who quietly retires ‘to spend more time with the family’ but often, not a lot happens.
Sometimes it’s the exact opposite. People even get promoted out of trouble or a golden handshake to leave. Banks get a bailout. If this is the case, the question isn’t why you broke the rules. The question is why wouldn’t you? The absence of consequences encourages risky behavior.
So without the lessons learned, regulations or punishment, things won’t be different – they’ll be the same.
What about your organization?
But these problems don’t just apply at the national or sector level. Individual organizations can also fool themselves by saying ‘this time it’s different’ when in fact, it is exactly the same. There are three things you can do to prevent this.
1 – Learn the lessons from previous events and implement them. Commissioning an expert study and cooperating with the authorities is meaningless unless realistic change follows. So you need to take the lessons learned and have a thorough plan to implement these in a meaningful timeframe.
2 – Follow, don’t ignore the regulations that are in place. Firstly, because it’s the law but also, if you have a CEO on TV repeatedly saying why regulations are bad, this can encourage a toxic climate of rule-breaking throughout the company. Remember, the tone from the top counts. That’s not to say that you cannot question or challenge regulations that disrupt your business – sometimes there are bad laws – but the default setting shouldn’t be to immediately object to any rule and to fight it without any intention of ever putting it into effect.
3 – Ensure there are consequences and apply these uniformly. Effective consequences are those applied across the whole organization, not where it’s only the small infractions by junior staff that are punished. Otherwise you can end up with this kind of a situation.
[The CEO] told the saddest compliance story at the conference. The company employed a cleaning woman named Joyce. “She had cancer, her husband had died, and she was raising her three grand-babies,” [The CEO] said. One day, she found a gift card on the office floor, took it to Walmart, and spent it. “And it cost her her job,” he said. “We’re tough on trust issues. Trust is a must.”
Yet this is the same company that had settled with the US Treasury a couple of years earlier when senior executives were facing charges of bribery and contravening the FCPA. After the settlement, there was no record of anyone being fired.
Maybe Joyce was a victim of new, tough rules but I suspect that she simply fell foul of double standards.
Make sure it really is different this time
So ensure that you implement the lessons learned, adhere to the regulations and instigate a series of uniform consequences. That way, when you say ‘this time it’s different’, it will be. Otherwise you are running the risk of repeating the same mistakes but worst of all, you will have fooled yourself into thinking that things really are going to be ok this time.