Mike Rasmussen’s recent Corporate Integrity posting, on the ever-increasing burden of compliance, set me thinking. I’ve long understood that most people don’t understand the concept of risk.
I recently came across a reference to some research which bears on this. It’s always good to see proper formalised evidence for something which otherwise is just supposition. It was cited in The Guardian recently, but (in true ITasITis fashion) I went behind the news to the original source.
Namika Sagara, for a 2009 thesis, set up a very carefully phrased statement. He told a group of people that “In a double-blind taste test, consumers tasted two cola drinks with a bite of cracker or sip of water before each tasting. Among these consumers, 35% believed that Diet Pepsi tasted most like real cola” (this was one of over 40 statements tested).
Then he tested the group’s understanding. Most people translate the statement above into “Diet Pepsi won the vote”. This “Illusion-of-Truth” effect is one way in which positive presentation of numerical data sways understanding, and shows how undiscriminating people can be. And they would have even less chance of understanding if the 35% was in competition with five other drinks instead of just one.
This work built on earlier research, cited by Sagara, which “suggests that many people are ‘innumerate’ and about half of Americans lack the minimal mathematical skills needed to use numbers embedded in printed materials” – or, presumably, other publicity information.
This bears on Mike’s point about the over-bearing burden of compliance: not just the amount of regulation that has to be understood and followed, but the rate at which new compliance requirements are being added and the burden of just keeping up. My hypothesis, which I’d love to see tested in the same style of rigorous research, is this. If it’s been shown that people don’t understand numeric information, then they certainly don’t understand the concept of risk. And they expect services they receive to be risk-free whether it’s healthcare, transport, energy, social care, or Internet. Read or watch your news media with this hypothesis in mind.
The realities of risk come home in adverse events: a beneficial drug which has side effects, a train crash caused by human or mechanical failure, fears about nuclear power, child protection scandals, online scams and worse. And when something does go wrong we look around for someone to blame and someone to claim against. The blame-and-claim culture affects the political arena, hence the attempt to legislate to create a risk-free environment.
So the push to remove the dead hand of over-regulation is dealing with symptoms, not causes. Somehow, there needs to be a concerted campaign to spread an understanding of risk management (rather than risk aversion) first through the enterprise and legislatures, but then most certainly beyond into general understanding.
Incidentally, at the same time I found Mike’s email, there was a flyer for a KPMG webcast related to a global survey conducted earlier this year into the integration of governance, risk and compliance. See the report online. I haven’t read it … but there’s a linked upcoming webcast on 4 Nov.
• Regulatory Intelligence: Bombardment of Regulations upon Organizations, Mike Rasmussen, Corporate Integrity, 27 Oct 2010
• Consumer understanding and use of numeric information in product claims, Namika Sagara, University of Oregon PhD thesis 2009
• George Osborne’s talk of percentages and billions will wash over most of us, Aditya Chakraborty, Guardian G2, 19 Oct 2010
• The convergence challenge: Global survey into the integration of governance, risk and compliance, KPMG, 15 Feb 2009
• Balancing the benefits and challenges of governance, risk and compliance, webcast 4 Nov 2010 at 14.00 EDT, Compliance Week/Thomson Reuters (note for European readers: the US is still on summer time. Watch the time differences!)