This week on Aevitium: Risk vs Control in Risk Management
Julien Haye
Transforming Risk into Opportunity—Strategic Risk Leader | Advisor | Speaker | Author | Chair, NED, & Trustee
Featured Article: Risk vs Control in Risk Management - A Paradigm Shift
Why Adding More Controls Isn’t Always the Answer to Managing Risk
Hello everybody,
Happy Monday. I hope your week has started with fresh energy and new ideas.
Last week, I shared a refreshed look at non-financial risks, exploring how these factors shape boardroom discussions and risk culture, and why they remain central to leadership and resilience.
This week, I am returning to the foundational debate of risk vs control - an issue that lies at the heart of how financial firms navigate complexity and maintain resilience. The question I keep coming back to is why simply adding more controls often fails to address the real risks. What's clear to me:
“More controls don’t always create more safety. They can create more complexity and embed the very risks they aim to manage out.” – Julien Haye
Firms often spend millions (or more) on process and control improvements, yet many still struggle with fundamental risks. In my experience, the problem isn’t always a lack of controls; it’s a misunderstanding of how risks emerge and where they really live.
In this new article, I explore:
📍 The risk vs control debate and why it matters for financial firms
📍 How layered complexity and organic processes create hidden risks
📍 Why first principle analysis and re-engineering often work better than adding controls
📍 How to build a culture and mindset that sees beyond checklists
These insights are crucial for any risk leader or board grappling with the limits of control frameworks and the need for holistic risk management.
I would love to hear how your organisation is balancing risk vs control and what strategies you’ve found most effective in managing complexity.
Wishing you a week of thoughtful decisions, meaningful conversations, and fresh insights.
Best, Julien
Article link: 🔗 https://www.aevitium.com/post/risk-vs-control-a-paradigm-shift-required
This Week’s Additional Updates & Opportunities:
1️⃣ New insights on the Three Lines Model and Governance: Recent polls show that while many have adopted the Three Lines Model, gaps remain in role clarity and cultural alignment. This week, we explore how clear roles and psychological safety can strengthen governance, reduce duplication, and support better decisions.
2️⃣ Book Update: Risk Within is now available! Since launch, The Risk Within has helped frame key challenges raised in our polls, including fear of blame and leadership gaps. A leadership programme is now in development. If you haven’t yet, pick up your copy and join the conversation.
3️⃣ RiskMasters Podcast: Board Oversight, Risk Leadership and the Future of Governance: This week, Brenda Boultwood joins to explore how risk leadership is shifting across industries. From tone at the top to the future of AI, we unpack what’s holding boards back, what’s changing, and how to build strategic, future-ready risk frameworks.
4️⃣ Curated Articles: Dive deeper into this week’s themes from strengthening board oversight, challenging leadership blind spots, to improving governance for long-term resilience.
5️⃣ Upcoming Events & Webinars: At Aevitium, we host live events that tackle the real-world challenges of risk, compliance, and leadership. From expert-led webinars to Risk Within Live Q&A sessions, each event offers practical insights for risk and business leaders. Join us to learn, reflect, and connect with a growing professional community.
📩 Stay ahead of the curve—scroll below to explore these resources and opportunities.
Governance Gaps: Unlocking New Possibilities
Not all warning signs are technical. Some of the biggest risk indicators are cultural and easy to overlook. Our latest poll explores the signals that often hide real risk exposure:
📍 33% of respondents identified silence in meetings as the top cultural red flag, showing how fear or disengagement can conceal emerging issues.
📍 33% also pointed to no challenge to the status quo, reflecting the dangers of complacency and uncritical acceptance of norms.
📍 18% noted avoidance of conflicts, which can allow tensions and vulnerabilities to build unnoticed.
📍 15% highlighted avoidance of bad news, which keeps decision-makers in the dark.
What This Tells Us
Cultural signals like silence and conformity often reveal more about an organisation’s true risk profile than any data point alone. When people do not feel safe or encouraged to challenge, blind spots multiply and governance becomes reactive rather than proactive.
True governance strength relies on the ability to surface and confront uncomfortable truths. Listening to what is not said, and creating an environment where concerns can be raised without fear, is essential for resilience and long-term success.
Let’s connect— book a meeting here.
📊 Ongoing Poll: The Hidden Barriers to Governance Improvement
In the Three Lines of Defence model, role clarity is not just a compliance step. It creates alignment between risk and performance, while also improving outcomes and controlling costs. Early results from our ongoing poll show that 75% of respondents are keen to explore how role clarity diagnostics can strengthen governance in practice.
Would your team be interested in taking part? Feel free to share your experience in the comments, join the ongoing poll, or contact me directly to explore this further.
Poll survey link on LinkedIn: https://www.linkedin.com/feed/update/urn:li:activity:7336278194750189568?utm_source=share&utm_medium=member_desktop&rcm=ACoAAACPfFMB6H2gmXmX07V0yupet72E9uvZ5kQ
🔍 Inside “The Risk Within” – What Are You Missing?
Over the last few weeks, our polls have surfaced a consistent pattern:
✔️ 57% struggle with resistance to change
✔️ 40% say leadership isn’t supporting psychological safety
✔️ 33% identify siloed collaboration as a top challenge
✔️ 53% cite leadership misalignment as the biggest barrier to building risk culture
These are not technical gaps. They are cultural ones.
The Risk Within addresses these challenges head-on, with a practical, evidence-based look at how internal dynamics quietly shape governance, decision-making, and long-term resilience.
📖 What You’ll Take Away: • Why fear of blame undermines risk awareness
• How leadership behaviour influences cultural trust
• What it takes to create alignment across the Three Lines
• Real-world examples of organisations that overcame internal resistance
🔹 Where to Get It: RiskBooks
RiskBooks – Use code THERISK25 for a subscriber discount
GARP Members – Access via the GARP Risk . net portal
Amazon – Available in both paperback and Kindle editions
"I don’t think risk management is about compliance anymore. I think it’s about enabling a business and enabling a strategy." – Brenda Boultwood
In this CPD-accredited episode of RiskMasters, host Julien Haye welcomes Brenda Boultwood, a seasoned Chief Risk Officer (CRO), economist, board advisor, and tech executive, to explore the evolving nature of risk leadership across industries and geographies. Brenda brings a unique perspective from her work across finance, energy, academia, the IMF, and Silicon Valley.
If you enjoyed this episode, don’t forget to like, follow, and leave a review! Your feedback helps us bring more thought-provoking content and insights from industry leaders.
🎧 Listen to the full episode: https://www.aevitium.com/post/brenda-boultwood-on-riskmasters
🔔 Subscribe now and stay informed on the future of risk.
🎙 On Apple Podcast: https://podcasts.apple.com/gb/podcast/riskmasters/id1709495792?i=1000710473825
🎙 On Spotify: https://open.spotify.com/episode/39kvq1RN8Am7NaPLw1Dbox?si=D6JZEQOhQn6LlBmoU2NXRg
Upcoming Events & Webinars
Join us for upcoming live events that tackle today’s real-world challenges in risk, compliance, and leadership. Highlights include:
🔹 Scenario Analysis and ICAAP Reporting (02–04 Sept)
🔹 Why Your Risk Strategy Starts with Trust (10 Sept)
🔹 ICAAP Lifecycle and Implementation (16–18 Sept)
🔹 Mastering Operational Resilience (06–08 Oct)
Each session is designed to be practical and engaging. View the full schedule and register here: Explore Events
More Articles from our Risk & Leadership Series
Explore why effective risk management isn’t just about adding more controls—it’s about understanding the human and cultural drivers that shape risk decisions.
This article looks at how governance frameworks must go beyond policy to create systems that enable trust, challenge, and safe escalation.
Silence and unchallenged assumptions can derail even the best-designed control frameworks. Learn how to identify and address these cultural gaps.
Good governance is more than a control function—it’s about aligning risk oversight with strategic goals. Discover how to build resilient, future-ready governance.
Dominic Bowen sits down with Julien Haye to explore how psychological safety transforms risk management, leadership, and decision-making.
Let's discuss how I could help; book a meeting now!
Should you have any questions or if you'd like to discuss how our services can specifically benefit your organisation, don't hesitate to reach out to me directly at julienhaye@aevitium.com or call me at +44 7700 160052. You can also book a meeting directly by clicking on the button below.
Consultant | Risk Leadership | Governance | Strategic Thinking | Enabling Organizational Success & Transformation | Vision and Visionary Leadership | Leadership
2moThanks for sharing, Julien Haye