Abstract:
This research explores the determinants of risk behaviour when an organisation
operates outside its normal operational domain. Organisations are being forced
outside their normal operational domains with ever-increasing frequency.
Through studying a banking acquisition, an area which has not been studied
before, the research identifies the risks faced by the organisation, the apparent
irrational management of the risks, and the reasons for this behaviour.
The research applies multiple research methods, which include the review of
company documentation, interviews with key managers and external experts, a
modified Delphi technique, case studies and statistical analysis. Through these
methods, the risks faced by the organisation are identified and evaluated in terms
of probability, impact, and degree of mitigation. Four risks are investigated in
detail, and based on these, six propositions are put forward, four of which are
support by statistical tests.
The research shows that where the organisation had a successful outcome history
in managing a given risk, or could manage the risk using normal management
controls, the risk tended to be managed disproportionately well compared to its
significance. Where those conditions do not apply the management of the risk
tends to be proportionately lacking. There is also evidence to suggest that the
existence of industry-specific regulation in relation to a risk results in the risk
being better mitigated. Organisations wishing to improve their risk response in unfamiliar operational
domains should therefore consider day-to-day controls as one route to
improvement. Also, where possible, they should try to create a history of
successful outcomes in dealing with the risk types they are likely to face in
unfamiliar problem domains. Regulatory bodies need to consider the impact that
their regulations will have in order to help organisations exhibit better behaviours
in unfamiliar problem domains.