Blog
/
KYC
/
Competence Eats Culture For Breakfast

Competence vs. Culture: What Really Drives Better Decisions in Risk Management?

Anders Meinert Jørgensen
February 22, 2025
AML
KYC
How To
Opinion

Competence eats culture for breakfast...

Over the last few years, people have repeatedly cited culture as the big culprit behind various corporate scandals. After a scandal, new leadership quickly concludes that “the previous management and culture was the main reason behind XYZ, and now we are installing a brand new (and better) culture.”

The argument that culture is the main root cause is easy to buy, and I think we have all heard the phrase “culture eats strategy for breakfast” too many times.

But is it true? I am sure it's true in some cases, but I dare to claim that in most cases, it's a much more complex list of underlying reasons. Therefore, I urge executive teams to think more broadly when looking for root causes.

Why? Because the only real value of identifying root causes is that it allows you to change things going forward and become more resilient.

Other root causes to be considered:

➡️ IT infrastructure: Do we have an infrastructure that can give the right data at the right time? Are all of our customers and transactions being screened and monitored?

➡️ Resources: Do we have the right number of people to drive the desired risk management and compliance level, and can we retain them across all three lines of defense? Do we invest enough?

➡️ Competences: Do we have the right competencies at all levels of the organization? Are the people in critical positions across lines of defense competent enough to do their job? Do we do enough to educate the entire organization about current and future threats? How do we ensure that executive management and the board have the right competencies to understand the risk and make the right choices when allocating resources?

Of all the above (including culture), lack of competence is the most important root cause. It is often the most ignored, lacking the most in organizations. I can't prove this opinion with hard facts, so my rationale behind this thinking is purely based on experience (hard experience, I may add) and a somewhat optimistic assumption about my fellow beings.

I assume that people around me will do the right thing. This means that most people you work with will avoid risks and non-compliance, especially avoiding doing something harmful or illegal. Therefore, disagreement is often due to a lack of understanding of the risk and its size more than bad culture.

Lack of competence can be fixed by:

✅ Educating people.

✅ Bringing in external consultants.

✅ Hire people who have tried something similar before.

The power of having people on the team who have seen a specific risk unfold in a comparable situation is priceless.

The more competent the team, the more likely they will make the right choices, and the less of a factor culture is.

You can easily find organizations with a healthy culture that make bad decisions simply because they lack a thorough understanding of the risks across all organizational layers.

Relevant products

Avallone products and services that can help you

KYC Hub
Immediate, secure and easy management of all your KYC efforts including built-in organization.
KYC Collector
Collect KYC - including information and documentation - from anyone outside of your organization.
KYC Responder
Quickly and easily respond to KYC questionnaires coming in from your counterparties - such as banks, law firms, auditors and more.