Lest I give the impression that I am a complete pessimist, I also think there is hope for progress. I have often said that the for-profit corporation is the closest we humans have come to creating a benevolent dictatorship. Let there be no doubt, under a strong leader a corporation is essentially a dictatorship. What keeps it reasonably benevolent is that it is an open system in which employees and shareholders have the right of exit. (This also explains why a good education and attractive skills are the surest guarantee of an individual’s personal freedom.) Competition for employees, customers and shareholders is the essential force that makes for-profit corporations more responsive than government or not-for-profit organizations.

Beyond that, for-profit corporations have a clear eyed sense of the reality of human beings as existing in a moral space somewhere between the brutes and the angles. As a result, it is universally accepted in the corporate world that everyone must be subject to oversight and independent review. Obviously this process is not 100% effective as was shown in the cases of Enron, WorldCom and Parmalat, but broad acceptance of the principle is at the heart of corporate governance.

I am not sure I would draw Sean Lyon’s distinction between external and internal drivers. In my view the need for effective corporate governance and risk management flows directly from external competition for shareholders or the self-interest of private owners. Regardless of the source, however, I agree that the importance of good governance is widely shared. Another source of pressure for more holistic risk management is a growing sense of the danger from highly unlikely events, what Nassim Nicholas Taleb calls Black Swans. The variety of potential threats, including market shocks, infrastructure failures, electronic security breaches, terrorist attacks…the list goes on, tend to push thoughtful people toward the need to marshal AND COORDINATE all available resources for effective risk management.

I do think progress will be made in this area. To show, however, that I have not lost all my cynicism, I always fall back on the sad truth that, “Experience is a harsh teacher but some will learn from no other.” The huge and highly embarrassing trading losses of the late 1980s and early 1990s gave birth to modern financial risk management as a coherent profession. September 11th suddenly concentrated people’s minds on the importance of fail-safe backup facilities. In the same fashion, I think the big push toward more integrated risk management will come on the heels of a yet unknown future disaster that either might have been prevented or the damage from which might have been minimized by having such a structure in place.