Ben: Hi, I’m Ben Stapleton, here to have a chat today with Matt Oyston and Mark Pulvirenti from Control Risks.
We’re going to explore the role that collaboration and trust has when we look at safety in high-risk environments, and also integrity management and anti-bribery and corruption – really critical topics for any business.
So, Matt, just perhaps start with safety and high-risk environments. Safety is really the number one thing for our industry, and certainly here at Aurecon. We have our “My Life-Saving Rules”, our top 10 “My Life-Saving Rules”, and one of those is “Travelling to and working in high-risk environments.”
So, just interested in the role that building trust has in managing the safety outcomes in high-risk environments?
Matt: Sure. So, I think there are sort of two areas that we talk through and advise clients, the first being understanding the threat environment that you’re dealing with. So, we look at areas of political threat, security, operational and integrity threat as well, looking at the regulations in that particular jurisdiction.
So, firstly, understanding that threat environment is key. As you can appreciate the security environment in, say, Port Moresby in Papua New Guinea would be vastly different to, say, an environment such as Lagos in Nigeria. So, understanding that threat environment for us is key.
I think the second point is understanding your stakeholders, so knowing from both an internal and external perspective “Who are those stakeholders that I’m dealing with.” Use an example of your joint venture partners; you know, you may have an individual that may be politically exposed in that joint venture. Well, a change in a political environment may impact your ability to operate and actually the safety and security of your particular employees working in that environment.
So, I think doing those two things really builds a level of sort of trust and confidence with your employees that they know “Look, this is the environment that I’m dealing with”, and being able to trust particularly the external parties that you’re dealing with by cutting out those two tasks.
Ben: So, how does collaboration then fit within that building of trust; what do you see in practice in terms of collaboration?
Matt: So, say there’s a particular project in a high-risk environment, what is the sort of security function or umbrella that that particular joint venture partner is going to provide? That might be quite different to, say, operating in an office environment in the CBD; you might be reliant upon you know a base building security or the local security services. So, that collaboration piece from the start is important.
You may recall the unfortunate events that occurred in Nairobi in Kenya back in January this year where there were 21 people killed during that event. So, there was basically an attack on the Dusit Hotel. Now, our control risk offices are actually located in that same compound. Now, the event occurred, there was a lot of obviously commotion, a lot of gunshots that went off, and basically one of our lead consultants in our office at the time had to make a judgment call as to basically run or hide, so they chose to sort of shelter in-place in the office. And in parallel with that one of our consultants, who was actually external to the compound, actually came to the location and started working with the intelligence and security services, and he knew some of the people there.
So, what had occurred was there’d been a relationship built and a collaboration built up over the previous years with those particular security services. And he was actually able to relay information between sort of forward command posts that had been set up and our employees still within the office and it very much helped both sides to use that information and really collaborate during that event.
And I think the final piece of that, which was important, was after the actual attack they were able to collaborate with those security services because it became a crime scene basically, and they were able to get access to their facility, to our offices, over the coming weeks and really were in a sort of business recovery mode. So, I think again going back to the collaboration piece was important to be able to operate during that business disruption.
Ben: Interested in what tips, techniques, tactics that you use or recommend to be able to create that environment?
Matt: Sure. Look, I think doing the basics right is important, and this is going back to my earlier point doing a Threat Assessment. And then the follow-on from that is the Risk Assessment itself, so knowing the assets that I have there, the vulnerabilities that I have, and really coming up with a mitigation plan around that.
I think the second point is doing some basic Security Awareness training with your staff that travel to and from the office, and even their environment, so giving some sort of tips and tricks around being more security-aware and what are the responses available for our employees. Even basic things like having a communication protocol within your office, you know if I don’t have access to my laptop.
I think finally is actually having an exit strategy, so if things unfortunately do go pear-shaped on a project or a particular office being able to extract yourself from that situation, be it contractually and physically, at that point is important.
Ben: I think they’re all really relevant. I know from our business perspective we have people working in high-risk environments in a range of different locations, be it on-site in countries where there is a bit more unrest and high-risk situations, so you know that planning, the conscientious behaviour is really critical. So, yeah, thanks for your time Matt.
Matt: No worries. Thanks Ben.
Ben: So, Mark, interested to have a bit of a discussion about integrity and anti-bribery and corruption. I think there are lots of parallels between managing safety and security in high-risk environments and also integrity management. As in relation to collaboration and trust, I guess what we see there is, managing business risk is critical to any successful business. When you have operations in multiple jurisdictions with different cultures, different business environments, integrity management and ABC is really a key priority.
Just interested, Mark, in what are some of the key elements that you use in terms of managing anti-bribery and corruption risk management in a business?
Mark: Yeah, sure. So, similar to what Matt was saying that the first step is really performing that Risk Assessment and understanding where the risks might come from and where the vulnerabilities might be and then using that information to assist in designing a Compliance Program and putting in place policies and procedures and controls that are appropriate and relevant to the risks that are going to be faced. So, that’s going to be the starting point.
Ben: So, what part does the strength of a relationship and trust play in being able to manage that effectively?
Mark: Yeah. So, trust and collaboration are not the typical buzz-words that you get when talking about bribery and corruption but certainly they are integral in formulating a strong corporate culture, and that’s in a post-Royal Commission world, for all corporates it’s going to be a very important issue designing that robust corporate culture. You need to be saying to people internally and externally “We have a culture of integrity and we operate business in that way.”
Ben: So, Mark, do you think if we collaborated more effectively with our stakeholders and our partners that we’d be better at managing these risks?
Mark: Absolutely. When you’re dealing with third parties, joint venture partners, et cetera, you need to be assured they are treating the issues the same way that you are. So, communication is key to convey your values to those parties and to set the expectations that you will expect them to behave in a similar way.
Ben: When you have a business that has operations in a range of geographies you need to actually have trust that they’re delivering and implementing policies and practices at that local level, and that takes a degree of trust that that’s happening. How do you go about building that and you know what ideas have you got to support that?
Mark: More often than not now we’re going to be devising incentives in a business to have people behave in a certain way and really then it creates that two-way street of communication and trust in each other that things have been done the right way.
Ben: What sort of incentives? I’m interested to understand the carrot and the stick, and I get the stick, you know the policy and compliance, but interested in the incentive component of this; have you got any examples that you can share?
Mark: Well, it’s depending on the role of the individual really, and it’s certainly an area that’s garnering a lot more attention these days, but really about the number of trainings they might attend, the ability of an organisation to behave in a way that minimises certain events that you’re not looking to have happen. There’s any number of ways depending on the certain role just really designed in a way to guide that human behaviour the way that you’re looking to guide it.
Ben: So, I think aligned with what Matt talked about, when partnering, when you were looking at working with stakeholders or partners in a region, setting up policies and procedures and compliance programs is important?
Mark: So, communicating with those third parties is key in ensuring that the way that they are operating is consistent with the goals that you have as an organisation and that they understand really how you operate as a business. It’s not a one-stop set-and-forget process; it’s an iterative process where you work together to achieve that common goal. But you also have those contractual issues in place, the rights of audit, those things to be able to monitor behaviour and to not only encourage that behaviour but to also ensure from a compliance perspective that behaviour is coming forward.
Ben: I think one thing we find when we’re bidding work and we’re establishing projects in various regions is there’s this tendency to rush to get into the project. And I guess what I’ve learned out of this discussion is the importance of not just assuming our expectations are the same as our partners and having that conscious conversation around safety and security management, integrity management, with our partners just so that everyone is on the same page and that in the event that something does happen that we’re all prepared and all aligned to be able to manage those risks. I think it’s a really important piece.
Thanks for your time, Matt and Mark, really appreciate it.
Mark: Pleasure, thank you.
Matt: Thanks Ben.