Do you ever wake up in the middle of the night and feel that you have to write something down?  I’m doing that now.  Maybe it’s because today is the first day of October.  Here in the Pacific Northwest it’s the start of a fast slide from Indian summer sunsets at 7:30PM to driving home after work in the dark.  It’s a scary month full of goblins and ghouls, my birthday, spider webs, and looming storms.  Get ready for the dark side of risk management – moral hazard!

Photo from Pedro J. Ferriera on Flickr.

Moral hazard is scary.  It’s not just me saying this.  Nobel Prize winning economist Paul Krugman, in his book “The Return of Depression Economics and the Crisis of 2008,” defines moral hazard as “any situation in which one person makes the decision about how much risk to take, while someone else bears the cost if things go badly.”  The first example I ever heard of this was many years ago from a distinguished author and speaker on systems planning who, over drinks after a presentation, confided to us that he would insure his rental cars and then crash them into things as therapy.

More recent examples, and if you’ve heard the term “moral hazard” before this is where you probably heard it, are tied to the financial crash of 2008.  Creative financial types figured that they could make risky mortgage loans if they could bundle lots of loans together and sell them as an apparently less risky portfolio.  Those buying the portfolios of loans figured if you could buy insurance on the default of the portfolio, then you could buy more portfolios.  And, insurers figured if they took on too much of this risk then they could buy insurance on this risk.  Why did otherwise good business people do this?  Because they made lots of money on each transaction and the risks were passed on.  A moral hazard ensued because there was a temptation for profit without apparent consequences.  Ethics took a back seat to a free lunch.  It ended badly.

Can moral hazard affect us as ethical project managers trying to deliver more noble results?   Maybe it can.  I’ve been interested in this for quite a while because I often manage large information technology procurements for government agencies.  It always concerned me that, as buyers, my government organizations would be inclined to withhold information thinking it gave them a better bargaining position.  “We can’t tell them everything.  They will bid too high.”  They saw it as their moral duty to do this as it guarded the taxpayers’ money.

I had the good fortune in college to be one of those unwitting student participants in a study experiment on the economics of information asymmetry – where one party in a transaction has more information than another.  In the experiment, two students were handed different pieces of paper that described our bargaining positions.  Then we bargained to see how much of the $5 at stake we could get (5 pitchers of beer in 1971).  It turned out that the less each party knew about the other, the more often the negotiation would fail or that one party would take advantage of the other.   The more complete the information, the more likely each party would walk away with $2.50.

So, later in life, when I was actually buying something important, or at least more expensive, I set out to learn more about information asymmetry.  It turned out that three economists had won a Nobel Prize for their study of this.   Maybe I was a small part of that.  Or not.  I learned that information asymmetries led to “adverse selection” and “moral hazard.”  Simply put, we might buy the wrong thing or behave badly if we had too little or too much information about the purchase compared to the other party in the transaction.  Better exchange of information resulted in fairer markets and more informed purchases for all parties.

Applying this insight to multi-million dollar systems procurements, it made sense to me that the more we could structure procurements and contracts to ensure complete sharing of information, the better off we would be.   So my approach was to ensure very complete exchange of information through vendor conferences, requests for proposals that required complete plans and explanations, formal questions and answers, due diligence, and a discovery period at the start of a contract where both parties could confirm their expectations of one another and choose whether to proceed without significant loss of time or money.  I’ve found over the years that this approach works very well.  It leads to clearer expectations on the part of buyers and sellers, better bids and contracts, and a stronger client/vendor partnership throughout the project.

But this approach sometimes encounters resistance from my employers and clients.  They might say “We want to transfer the risk to the vendor.  We give them some information; they give us a fixed price bid and a guarantee.  Then they bear the risk of getting it done.”  I tell them that they will get bids on a request for proposals like that, but not from the vendors with whom they want to work.  A good vendor will ask for as much information as they can get to give you a fair bid.  Not getting enough information, the good vendor won’t bid.  A vendor with fewer scruples, poorer judgment, or who is driven by desperation or greed to bid on anything.  That vendor will either set the price high enough to cover the risk or assume that it can force you to add money later on through change requests or fear of failure.  So it comes down to whether you lay off risk to the point of creating a moral hazard, or whether you look at the other side of risk.

The other side of risk is about seeking opportunities for growth and more perfect outcomes from our actions to mitigate risk.  When it’s applied to business risks like finding a competent vendor partner to implement a new system, it becomes about retaining responsibility and building capacity to ensure a successful outcome.  If a procurement is primarily about transferring risk to a vendor, it can create a moral hazard on both sides.  The buyer may avoid taking responsibility if the vendor has guaranteed an outcome.  The vendor, finding that their promise can’t be kept, is likely to take defensive actions that distract from rather than contribute to a successful outcome.  On both sides, actions undermine outcomes.   If a procurement intentionally leads to a partnership where both parties have mutual  responsibilities and opportunities, then their effort goes into delivering a solution that exceeds expectations.  This kind of partnership is built on productive relationships that help people grow, make both organizations stronger, and looks toward long term outcomes together.

Let me broaden this idea a bit before it comes to a conclusion.  Moral hazard can apply to risks of any kind on any project.  On many projects, I’ve often seen long lists of generalized risks with generalized mitigations. Risk = ‘The software may have an unacceptable number of defects.’  Mitigation = ‘Ensure sufficient software testing.’  These lists don’t make much difference in the outcome of the project.  The project does what it would have done anyway without a risk assessment.  It names the risks, accepts or ignores the risks, and moves ahead.  To the extent that risk management is superficial, and that a project sponsor sees a risk list and thinks that risks have been mitigated, a moral hazard may be in place.

Maybe looking at the other side of risk can reduce the potential for moral hazards.  Here are some thoughts:

• By looking for opportunities for growth and more perfect outcomes when we define actions to mitigate risks, we are more likely to share information with all partners and bring out ideas about how everyone can benefit.  This applies to external partners, internal partners, and team members.
• If we translate these opportunities to actions that become part of the scope and processes of the project, then we will make commitments and become responsible to act.  This builds trust and collaboration instead of defensive behavior.
• If we are successful in having the work of the project and its outcomes build capacity within our organization, then we are building capacity that helps mitigate current and future risks.

So, instead of crashing our rental cars to feel better, let’s talk to each other.  Let’s  uncover risks and opportunities and take responsibility for ensuring the best possible mitigations and outcomes.

There you go.  Now I’ve gotten this out of my head onto the screen; and I’m finally getting sleepy again.  No more nightmares about moral hazard or risk or goblins.  After all, it’s time to get up and go to work.

Thanks for reading.

Copyright Glenn Briskin and “The Other Side of Risk” 2012