CNN’s latest news headlines reads, “28 years for salmonella: Peanut exec gets groundbreaking sentence.” This story relates to the Peanut Butter Corporation of America’s (PBC’s) bankruptcy, and the largest food recall in the United States due to salmonella. Known as one of the deadliest salmonella outbreaks, the PCA’s case is linked to nine deaths on top of 714 affected and sickened. 

Stewart Parnell, PCA’s owner, received a 28 year prison sentence, while his brother and food broker for PCA, Michael Parnell, is to face 20 years.  Mary Wilkerson, a former plant manager, was given five years in prison.

The Peanut Butter Corporation of America’s failure to identify risk at the front line activity level is a case study in the importance of permeating effective risk management practices throughout an entire corporation. By providing incentives to the front line workers who exhibited less rework and lowered costs, PCA placed employees in a complicated situation. Employees were made to choose between their own livelihood and the safety of PCA customers. This system of incentives created a conflict of interest between employee compensation and product safety. Samuel Lightsey, a former plant manager, said under oath that “he did not quit after discovering the illegal practices because he needed a job.”

Parnell’s record-breaking sentence was disclosed only weeks after the Justice Department issued new policies regarding risk management accountability. According to the New York Times, these policies “prioritize the prosecution of individual employees – not just their companies – and put pressure on corporations to turn over evidence against their executives.”

If the DOJ is serious about these new policies, individual accountability in cases like the PBC’s will only become more common. What can individuals, and especially risk management professionals, do to protect themselves and their colleagues from this level of liability?

How Risk Management Solutions Provide Protection


Moni Basu, reporter for CNN writes, “Defense attorneys argued that Parnell did not know about mismanagement at the plant, that he was the fall guy for other employees' wrongdoing.” Not knowing is no longer an excuse according to the Securities and Exchange Commission (SEC). If a risk is material enough to cause serious illness and loss of life, senior management needs to know about it. Immature risk management is now defined as negligence, and entails similar penalties to fraud, putting an end to an era of “not writing things down” to limit what might eventually become discoverable.

An Enterprise Risk Management solution offers the proverbial “Get out of Jail Free” card. By providing a standardized methodology to record risks, document controls, and set sign offs and approvals, a risk-based risk management program can demonstrate an institutional understanding and awareness of risk, ensuring that at the very least appropriate measures were taken to secure against loss events. The result is not only increased awareness of risks at the front lines, but also assurance for executives that their risk management program is reducing their liability for negligence and employee misconduct. Additionally, for the plant managers like Samuel Lightsey, proper risk management efforts and documentation via an ERM solution for risk management may be the difference between jail time and not. 

Parnell’s story serves as a warning; if you do not identify, assess, and evaluate your risks and implement proper mitigation controls and testing around these activities, you will face the inevitable repercussions and backlash. Best practice frameworks, like the RIMS Risk Maturity Model for Enterprise Risk Management, require that a component of employee’s performance evaluations be based on the effectiveness of their risk management practices.

Take your free assessment to assess the adequacy of your risk management program. Then, download our eBook, “5 Characteristics of the Best ERM Programs,” to learn more about implementing a best practice risk management program.

Votes: 0
E-mail me when people leave their comments –

Steven Minsky, CEO and Founder of LogicManager, is a recognized thought leader in risk management. Steven is well known for his precinct abilities to guide organizations through future risk events. Steven is a frequent speaker in the Energy, Financial Services and Cyber industries. While the first wave of COVID-19 caught many organizations by surprise, Steven predicted the pandemic impacts in January of 2020 and swiftly published action plans to help organizations prepare.

You need to be a member of Global Risk Community to add comments!

Join Global Risk Community

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the worlds premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!