Why are so many companies missing the point? ERM’s Role in Risk Prevention

Regardless of guilt or innocence, FedEx’s recent indictment has reminded us that in today’s world of complex global interactions and increased regulations, organizations must have a strong handle on interrelated risk, business processes, and relationships.

This past week, FedEx made headlines for knowingly assisting illegal online pharmacies, according to the U.S. Federal Government. The company is being charged with conspiracy to distribute controlled substances and drug trafficking, as reports claim the shipping company willfully delivered unprescribed medications for over a decade. Whether or not management and the Board of Directors were aware of the situation is a major factor in the case, but nevertheless, FedEx has been indicted on a violation of the Controlled Substance Act.

Just over a year ago, FedEx’s competitor UPS found itself in a similar situation. UPS admitted to knowingly distributing controlled substances through illegal means, and they agreed “to establish a compliance program designed to ensure such customers won’t be able to use its services to illegally distribute drugs.” – Business Week 7.18.14

Unfortunately, FedEx failed to take preventative steps and is now caught in a legal battle, facing possible fines over $800 million. Although such a compliance program may seem standard practice, FedEx is not alone with its lack of governance.

Many companies are far behind in establishing effective controls and processes relating to risk management. Linking policies and procedures that are already in place to the specific compliance and regulatory standards they support uncovers business process gaps and allows for efficient mitigation activities. Without transparency into compliance gaps and existing oversight, events such as those experienced by FedEx and UPS are all but inevitable.

To ensure full transparency, it is critical to take things a step further and create an enterprise-wide governance program. Compliance management only goes so far on its own; integrating other existing governance areas such as risk, audit, and business continuity planning (BCP) drastically increases the value of compliance efforts. Coordinating and sharing overlapping information between these functions ensures that all risks are identified and remain uncovered. In other words, creating a true enterprise risk management (ERM).

Damage control and press release statements can only go so far once an incident, like FedEx’s, occurs. The repercussions can be nearly impossible to bounce back from, regardless of a company’s size or financial standing. Taking a reactive approach versus a proactive, companies are left facing consequences instead of preventing surprises in the form of effective enterprise risk management.

To learn more about how to integrate ERM and compliance, find the complimentary ebook ‘How to Integrate Governance Areas’ or request a demo to see how the LogicManager platform can help.

Views: 117


You need to be a member of GlobalRisk community to add comments!

Join GlobalRisk community

Our Sponsors

Would you like to reach over 90,000 + Risk Professionals? 



Current Partners Include:





Join GRC Inner Circle - Get Top Risk Resources, Member Support PLUS become our patron

Business Exchange

If your organization delivers products and services that bring value to our members, you are welcome to join our partnership program.

Companies are welcome to setup a business profile page in our Multimedia Business Directory. You will get full control of the page and can include cutting edge possibilities – videos, adverts, presentations, white papers, job offers, Press Releases, product information, company blog, news feeds and more.


Our Knowledge Partners

Request our MEDIA KIT

Our Twitter feed

© 2020   Created by Boris Agranovich.   Powered by

Badges  |  Report an Issue  |  Terms of Service