What Germanwings Teaches Us About Risk Agility

If managing risk were based solely--or even primarily--on past data and experience, and if risk managers and decision makers were unable to adapt to the underlying conditions that define risk, the game would be over before it began.
This post was published on the now-closed HuffPost Contributor platform. Contributors control their own work and posted freely to our site. If you need to flag this entry as abusive, send us an email.

What is unforeseen is not necessarily something that was unknown, but rather was not predicted or anticipated. By contrast, what is unknown is ambiguous and a mystery, so it cannot be predicted or anticipated. We cannot do much about what is unknown, precisely because there is no way to quantify or understand it. The most we can hope to do is 'manage' the risks associated with the unforeseen, by anticipating those risks. Herein lies the distinction between risk and uncertainty. Risk can always be measured and generally understood, while uncertainty cannot be measured, and is the domain along the risk spectrum that paralyzes markets and causes bank runs.

We can learn a lot about this from the terrible tragedy of Germanwings Flight 9525, which was deliberately crashed into a mountain by the flight's co-pilot, Andreas Lubitz, in 2015, killing all on board. The passengers and cargo had been successfully screened for explosives and weapons, which, ordinarily, would imply a safe and successful flight. Germanwings' owner, Lufthansa, had learned during Lubitz's Flight School training in 2009 that he had suffered from severe depression, and subsequently, that he had suicidal tendencies, yet it still allowed him to fly commercial aircraft.

It cannot be argued that there was not a potentially substantial risk associated with allowing Lubitz to fly. Such risk was neither unknown to the airline, nor could his action necessarily be considered unforeseen. On the contrary, that he was allowed to continue flying was probably criminally negligent, as the risk could certainly have been managed by preventing him from continuing to fly.

The simple mitigation strategy to this known risk, which was, ironically, compounded by the secured cockpit doors mandated post-9/11, would have been to conduct mental health screenings with greater scrutiny and frequency. Germanwings, Lufthansa, and the airline industry exposed the traveling public to the risk, however remote, that pilots would attempt to take their own lives along with everyone on board in aircraft. The fatal error was assuming that a standard mental health checkup resulting in no known signs of suicidal tendencies or other issues at the pilot onboarding process was a constant variable in the system.

The Germanwings case serves to emphasize several things. First, some risks that are thought to be unknown, are not unknown. Second, with some foresight and critical thought, some risks that at first glance may seem unforeseen, can in fact be foreseen. Third, with the right set of tools, procedures, knowledge and insight, light can be shed on variables that lead to risk, allowing us to manage them. Adopting a broader view of risk that places an emphasis on having specialized knowledge inside an organization to specifically address issues that are, or will prove to be, critical to the organization is no longer just nice to have--it is essential.

By the same token, individual businesses and entire industries are being forced to address the increasingly important conflict between the right to information privacy and a right to genuine security. In the Germanwings case, Lubitz's right to privacy vis-à-vis his medical records, and the airline's obligation to maintain his records' privacy, became negated the instant such privacy impinged - in the slightest way - on passengers' and airline crews' right to fly safely and securely. The debate ends when peoples' lives are at stake. In such circumstances, decision makers' obligation no longer resides with their employees rights, but rather, with their own civic duty and their customers' rights.

If managing risk were based solely--or even primarily--on past data and experience, and if risk managers and decision makers were unable to adapt to the underlying conditions that define risk, the game would be over before it began. By the same token, adopting a 'reactive' approach clearly will not work. What is required is a proactive approach, which entails closely monitoring the forces that drive change, analyzing their relationship to risk, and adapting the strategies required to manage risk flexibly.

Risk agility is not all about downside risk--quite to the contrary. Risk-ready organizations often have outsized financial results, with an innate ability to read the market and gain a first mover advantage. Agile enterprises can neutralize bad news and have a propensity to turn bad information and risk into an upside. They do this by confronting risk head on. Their orientation is not the 'analysis paralysis' that can take hold of larger, more cautious organizations. Since doing nothing is often more dangerous than taking risks, agile enterprises are, by definition, entrepreneurial, and instill a culture of bounded risk-taking at all organizational levels.

Risk agility is as much about being bold and taking responsibility as it is about having both temerity and deference to challenge risk head on. Agile risk managers are a new breed of organizational leaders who are part psychologist and part financial guru. To rise to the occasion and help organizations harness the unprecedented yet unforgiving upside that can be created, we must move the discipline of risk management from being a business prevention function--a cost of doing business--to being a catalyst for longevity.

Risk agility implies a deftness of movement; whether the required pace given the circumstances is slow or fast--movement is the key. Standing still is usually not an option. We do not need to be taught that observing smoke rising from a few floors beneath us and standing still is ill advised. While the data may suggest that everything is fine, silencing your instincts occurs all too often in organizational decision making. Agile risk managers therefore need to be as courageous in confronting authority as they are poised in the face of new challenges.

When decisions are made at the global level, risk managers are most often not in the room--and they need to be. Changing this reality will require discipline. Professionals in the decision making and risk management domains need to take a long look in the mirror. They need to adapt personally as much as the organizations they work for--particularly since organizations are beginning to leave board room and corner office doors ajar.

For organizations to fully harness the power of risk agility, the competitive advantage of survivorship--long range planning, entrepreneurial culture and bounded risk-taking--those at the top need to be challenged, and in the Germanwings case, a cold hard slap in the face. Risk managers must challenge decision makers in the form of dialogue that fosters the ability to make sensible decisions under opaque conditions. Sometimes the best long range results are created when the playing field has been entirely abandoned.

*Dante Disparte is CEO of Risk Cooperative. Daniel Wagner is CEO of Country Risk Solutions. Both are co-authors of the forthcoming book "Global Risk Agility and Decision Making" (Macmillan, July 2016).

Popular in the Community

Close

What's Hot