Does RA have confidence issues?

Firstly happy new year to everyone – I hope 2010 is a successful one.

Reflecting on some recent posts, both on talkRA and more broadly, I found myself asking the above question.

My rationale was that much of the discussion around RA seems to centre on what the next step of evolution for RA should be. It is almost as if finding and preventing leakage is not enough to sustain an RA function and that more needs to be added to the RA portfolio for it to continue to be seen to be adding value. I wonder if the logic for this is an assumption that, with a well-established RA function, either leakage will fall away or more likely the costs of finding and fixing it outweigh the benefits it will bring.

In many ways this makes sense. The TMF maturity model advocates greater decentralisation of the “RA” mindset and capability across an organisation. Now in many organisations this is not practically possible to achieve but it is possible to move further along the continuum. And this would imply that the RA managers who do the right thing for their organisation by spreading the thinking of RA may find their role reduces as resource moves out to operational areas as the perceived value of RA moves from tangible detected loss to less tangible prevented.

So is it the case that RA done well means that the RA manager must look to extend their remit to hold their status in their organisation? Is RA alone not “noble” enough to provide a sustainable career path? Now, I don’t have the answers to this but as I have recently moved from an operator to being an independent consultant, this question is also relevant for me personally.

Surely though this challenge for RA is not that different to other risk management disciplines – primarily I am thinking of fraud and security but this could also apply to other risks such as legal, regulatory etc. When RA is new in an organisation then opportunity for attention arise as the leakages are found and fixed but at some stage a steady state will be met. Must RA extend itself to continue to have influence and attention at the CxO level…and if not will it find its position becomes less relevant? I don’t have the answer to this question and I suspect it will actually evolve and change anyway over time but it is something every RA manager driving their company along the maturity curve should consider.

Mike Willett
Mike Willett
Mike is a Partner at Ernst & Young, Australia. He is responsible for enterprise intelligence, helping clients to improve their management and use of data. He can be contacted at:

Mike was previously the Director for Fraud & Revenue Assurance at Telstra. He started his career at BellSouth (now Vodafone) in New Zealand and then moved to Praesidium Services in the UK. Mike graduated from the University of Auckland in New Zealand with degrees in psychology and marketing.