GM’s risk management failures provide lessons for other firms

General Motors

Strategic fails afford valuable lessons. There is something to be learned from the spectacular recent failure of General Motors’ once highly-touted enterprise risk management program.

In 2012, G. Mustafa Mohatarem, the Chief Economist at General Motors, in praise of his firm’s implementation of a new Enterprise Risk Management (ERM) program, commented on lessons learned by his company. He said: “There is a tendency to underestimate the risk…It is relatively easy to say, ‘Well, it’s a low probability risk, let’s go on.’ It may be a very low probability event, but those low probability events have a way of materializing, and we’ve got to understand what happens if we do it.”

General Motors is now caught in the grip of a strategic failure that materialized from a seemingly “low probability” event. A recall of 3.1 million vehicles is expected to result in a charge of $300 million. The US Justice Department has launched a criminal investigation to determine if GM knowingly withheld information from consumers on defective vehicles. Just this week, Toyota was fined a record $1.2 billion by the US Government in another case. GM is facing similar penalties.

Whenever a company or organization finds itself in the throes of failure, large or small, it is useful to return to fundamentals and ask what happened in terms of basic analysis. At the heart of most any corporate strategic failure lies a misunderstanding of simple concepts such as Porter’s Five Forces, the SWOT analysis or competitive advantage.

GM did not take its own risk management process seriously. In 2012, GM’s then-Chairman and CEO, Dan Akerson gave the impression GM was in control, saying, “The best risk management function…is one that you never hear about publicly…You are always trying to anticipate, trying to move before you have to, and if you do, try to look across the entire enterprise and get an integrated view of risk… Decisions you make today will ultimately have an impact on you many years out. Large, complex, global organizations…don’t fail with one dumb decision. There has to be many, cascading decisions that accumulate to erode your competitive position.”

Those were the days when a proud GM trumpeted the value-added benefits of its ERM program. The company was touted as a risk management model for others to emulate by risk professionals, trade journals and academics. “If any company can be said to have put the ‘enterprise’ in risk management, it’s GM,” CFO magazine announced in 2013.

GM Risk Mgt

Source: GM Presentation at RMS 2012 ERM Conference

Alain Genouw, CFO at GM Global Connected Consumer, OnStar LLC, characterized the risk management attitude at GM this way: “In the past, risk management was not on the forefront of everybody’s thinking or tasks. It was more of a check-the-box type of activity. Today at GM (2012), risk management is front and center for everybody…It is more of a collaborative effort to make sure we understand those risks and be proactive about managing those risks.”

A Global Risk Insights post three months ago questioned whether GM’s ERM had evolved beyond the “check-the-box” stage sufficiently to focus on effective execution. The piece ended pessimistically, stating that “It might be a while before GM can quantify its ERM program’s impact.” It seems this pessimism was unwarranted. GM can now quantify its impact; the ERM program could cost well over a billion dollars.

There is some hopeful news. The new CEO at General Motors, Mary T. Barra, knows where to begin in the wake of the recall disaster: “These are serious developments that shouldn’t surprise anyone. After all, something went wrong with our process in this instance, and terrible things happened…We are conducting an intense review of our internal processes.”

Developing a strategy to turn GM’s ERM process into an effective program for risk management analysis and execution would be a good start. Brian Thelen, GM’s Chief Risk Officer, told CFO magazine that ERM helps GM make better decisions and is part of the global automaker’s competitive advantage. This is probably true to some extent, but ERM is not the strategic strength GM management believes it to be.

GM ERM Process

Source: GM Presentation at RMS 2012 ERM Conference

In retrospect, the company’s confidence in its process seems misplaced. The graphic above is a slide from a presentation given by CRO Thelen in 2012. It can be argued GM violated most if not all the components of its Risk Management Process.

GM’s risk management culture was not as developed as it should have been. Exposing individuals at various levels of management to the goals and objectives of the ERM program are not the same as promoting and embedding risk awareness. The company was not as adept at spotting, assessing and mitigating risks as it imagined. No one in the firm seems to have owned this particular risk, so no plans appear to have been developed to manage it.

A feedback loop appears not to exist. The communication and evaluation of existing internal risks – in this case, faulty ignition switches – did not take place for 10 years. It appears GM underestimated the probability of the risks associated with the faulty engineering, and failed to recalculate risks in a Bayesian fashion. It looks as though GM performed an inadequate cost-benefit analysis, if any.

GM manufactured long-standing weaknesses in an important strategic activity – the identification, communication, analysis, and mitigation of risks. An “accumulation of cascading decisions,” the weaknesses contributed to a significant failure. These problems were entirely internal to company operations; GM was in complete control of these factors. Further, these weaknesses thrived despite a “model” company-wide ERM process in place under the direct and active supervision of the company’s top management and board.

Instead of being part of General Motors’ competitive advantage, as CRO Thelen asserts, the company’s enterprise risk management system created for GM a distinct competitive disadvantage. When companies mistake process for execution, “terrible things” can happen. CEO Barra is correct, this should surprise no one.

Advertisements

Tags: , , , , , , , , , , , , , , , ,

Categories: North America, Technology

Author:Steven Slezak

Steven Slezak is on the faculty at Cal Poly in San Luis Obispo, California, teaching finance, strategy, and risk management. His research is supported by the university’s Farm Credit Program in Finance and Appraisal. Previously, he taught financial management and financial mathematics at the Johns Hopkins University MBA program. He holds a degree in Foreign Service from Georgetown University and an MBA in Finance from JHU. He has worked in fields as diverse as international economics, national security, commodities trading, and risk management. He consults on business management and strategy.

Connect

Subscribe to our RSS feed and social profiles to receive updates.

5 Comments on “GM’s risk management failures provide lessons for other firms”

  1. Dave McLellan Retired Corvette Engineering Director
    April 1, 2014 at 12:40 pm #

    It is instructive (and not surprising) that in none of GM’s risk management charts shown here is the customer mentioned. Yet, as we’re seeing, the car in the hands of the customer is the biggest risk of all, when a $1.29 part can actually end up costing a billion dollars.

    Problems like the ignition switch first surface as singularities. It’s easy to dismiss “singularities” until you consider that these cars are built in a process. To the extent that the process is stable they’re all going to be good cars or they’re all going to be flawed. At least that’s the hope of the engineer. If they’re all flawed they’re fixable. If chaos reigns in manufacturing there’s little hope of fixing anything.

    The car in the hands of the customer is its ultimate test. All the lab and proving ground testing is but an attempt to find and resolve problems ahead of the customer. Ultimately, the customer tests the car. Recognizing, understanding and fixing problems that customers uncover must become a high priority. The ultimate objective is to build cars in a stable and capable process that delivers the customer a totally reliable, defect free, product.

  2. April 1, 2014 at 5:07 pm #

    Yes, if you watch GM’s video presentation on risk management, the customer doesn’t show up at all. Neither do dealers. I think GM might have assumed all that under the motto, “Design, Build, and Sell the World’s Best Vehicles.” Enterprise Risk Management programs should encompass the entire company. Leaving out marketing and sales is a huge omission, especially for a company whose business is sales.

  3. April 29, 2014 at 11:20 am #

    Today’s organizations have to move from process centric approach to project centric approach with in-built RAID (Risk, Assumptions, Issues and Dependency) framework to see expected outcome flow as needed from such projects.

    At the corporate level it’s Integrated project management/program management board which reviews on a periodic basis to assess impact of even slightest risk or dependency or even assumptions on a particular task/milestone thus taking preventive action rather going with RCA.

    • April 30, 2014 at 11:36 pm #

      There are different approaches firms can take. But no approach works well if the dominant corporate culture fails to encourage risk analysis and management, or if the programs are mostly window dressing designed to placate the board and regulators but not to be effective operationally.

Trackbacks/Pingbacks

  1. General Motors' Lesson to Manufacturers: Transparency Is a Better Risk Reduction Strategy - April 14, 2014

    […] GlobalRiskInsights.com’s Stephen Slezak called the problem a “strategic failure that materialized from a seemingly ‘low probability’ event.” The U.S. Justice Department is calling it a criminal violation, looking into G.M.’s failure to inform consumers about a vehicle defect that cost at least 13 lives. G.M. faces a cost of $300 million to recall 3.1 million vehicles. Another billion or so may come from the Justice Department investigation. […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: