James Bone’s career has spanned 29 years of management, financial services and regulatory compliance risk experience with Frito-Lay, Inc., Abbot Labs, Merrill Lynch, and Fidelity Investments. James founded Global Compliance Associates, LLC and TheGRCBlueBook in 2009 to consult with global professional services firms, private equity investors, and risk and compliance professionals seeking insights in governance, risk and compliance (“GRC”) leading practices and best in class vendors.
James is a frequent speaker at industry conferences and contributing writer for Compliance Week and Corporate Compliance Insights and serves as faculty presenter and independent consultant for several global consulting firms specializing in governance, risk and compliance, IT compliance and the GRC vendor market. James created TheGRCBlueBook.com to provide risk and compliance professionals with transparency into the GRC vendor marketplace by creating a forum for writing reviews on GRC products and sharing success stories on the risk practices that are most effective.
James is currently attending Harvard Extension School for a Master of Arts in Management with an emphasis in accounting and finance. James received an honorary PhD in Letters from Drury University in Springfield, Missouri and is a member of the Breech Business School Hall of Fame as well as the Missouri Sports Hall of Fame. Having graduated from the Boston University Graduate School of Education, James received his M.Ed. in Management and Organizational Design in 1997 and a Bachelor of Arts in Business Administration from Drury University in 1980.
Asymmetric risks – risks for which the potential gains are far greater than the potential losses (or vice versa) – can be difficult to plan for, and the events associated with asymmetric risk tend to sneak up on us, regardless of how predictable they may seem. So what impact do these risks have on ERM? Perhaps a mental shift is in order.Read more →
The violence perpetrated on innocent civilians in Paris last week stunned the world. Unfortunately, these acts of terrorism have become far more frequent in recent years. Consequently, the conversation around risk management is shifting. How do we -- as professionals charged with minimizing risk -- respond when the unthinkable happens?Read more →
The CRO of the Future is almost here. James Bone posits that before long, risk management professionals may be replaced by various “risk intelligent systems knowledgeware,” or RISK, able to process volumes of data in an instant, detect threats and respond to them just as quickly. Technology advances at breakneck speed, and so does our dependence on it to manage enterprise risk.Read more →
Ethics and success aren't mutually exclusive terms. We know this, and yet firms still cut corners. We've become so accustomed to the misbehavior of financial services firms we're no longer shocked by it; their misconduct has become routine. Expected even. James Bone discusses the dilemma of mitigating conduct risk when it feels good to be bad.Read more →
Volkswagen, a long-trusted and highly respected brand, will be dealing with the fallout of its emission scandal for quite some time. It's clear to everyone that their massive deception is inexcusable, but we'd do well to remember that the hugest transgressions happen one failure in decision making at a time. Volkswagen's was likely born out of panic.Read more →
Managing risk effectively requires first an understanding of the risk that needs managing. It sounds so elementary, but there's often a great deal of uncertainty about what an organization's risks actually look like. It's no wonder why risk management programs fail. Fortunately, there are a host of ERM tools that can help to bridge this gap.Read more →
COSO's Enterprise Risk Management Integrated Framework has become something it was never intended to be; as a risk management standard, it fails for at once being too broad (robust risk management programs would be far more effective) and too narrow (in its focus on internal controls as the primary risk management tool). It's time to adopt a multidisciplinary approach.Read more →
The tulip was the source of what's widely believed to have been the first speculative bubble, and like all bubbles, it eventually burst. That crisis was not unlike the collapse of the dot-com bubble -- rational behavior was replaced by "irrational exuberance." Effective risk management means being wary of an overvalued market and accounting for human emotion in the pursuit of financial gain.Read more →
Overly complicated systems aren't necessarily superior to more simplistic ones. Take FIFA's matrix for determining team ranking, for example. It takes either a lifelong, die hard fan to understand it or an advanced degree in math. It could be argued, in fact, that unnecessarily complex systems simply serve to distract attention from what's really going on.Read more →
Risk is in the eye of the beholder. At least that's how it seems, since one person's perception of risk can be vastly different from someone else's in a similar situation. The reality is, however, that risk has much more to do with probability than perception. And while probabilistic modeling isn't a science, it may help your organization improve its outcomes.Read more →