We use cookies and other similar technologies (Cookies) to enhance your experience and to provide you with relevant content and ads. By using our website, you are agreeing to the use of Cookies. You can change your settings at any time. Cookie Policy.

Manage Tomorrow's Surprises Today

Steven Minsky

Increased Accountability for Risk Management results in 28-Year Prison Sentence

Vote 0 Votes

CNN's latest news headlines reads, "28 years for salmonella: Peanut exec gets groundbreaking sentence." This story relates to the Peanut Butter Corporation of America's (PBC's) bankruptcy, and the largest food recall in the United States due to salmonella. Known as one of the deadliest salmonella outbreaks, the PCA's case is linked to nine deaths on top of 714 affected and sickened. 

Stewart Parnell, PCA's owner, received a 28 year prison sentence, while his brother and food broker for PCA, Michael Parnell, is to face 20 years.  Mary Wilkerson, a former plant manager, was given five years in prison.

The Peanut Butter Corporation of America's failure to identify risk at the front line activity level is a case study in the importance of permeating effective risk management practices throughout an entire corporation. By providing incentives to the front line workers who exhibited less rework and lowered costs, PCA placed employees in a complicated situation. Employees were made to choose between their own livelihood and the safety of PCA customers. This system of incentives created a conflict of interest between employee compensation and product safety. Samuel Lightsey, a former plant manager, said under oath that "he did not quit after discovering the illegal practices because he needed a job."

Glasses Blog Photo.jpg

Parnell's record-breaking sentence was disclosed only weeks after the Justice Department issued new policies regarding risk management accountability. According to the New York Times, these policies "prioritize the prosecution of individual employees - not just their companies - and put pressure on corporations to turn over evidence against their executives." If the DOJ is serious about these new policies, individual accountability in cases like the PBC's will only become more common. What can individuals, and especially risk management professionals, do to protect themselves and their colleagues from this level of liability?

How Risk Management Solutions Provide Protection

Moni Basu, reporter for CNN writes, "Defense attorneys argued that Parnell did not know about mismanagement at the plant, that he was the fall guy for other employees' wrongdoing." Not knowing is no longer an excuse according to the Securities and Exchange Commission (SEC). If a risk is material enough to cause serious illness and loss of life, senior management needs to know about it. Immature risk management is now defined as negligence, and entails similar penalties to fraud, putting an end to an era of "not writing things down" to limit what might eventually become discoverable.

An Enterprise Risk Management solution offers the proverbial "Get out of Jail Free" card. By providing a standardized methodology to record risks, document controls, and set sign offs and approvals, a risk-based risk management program can demonstrate an institutional understanding and awareness of risk, ensuring that at the very least appropriate measures were taken to secure against loss events. The result is not only increased awareness of risks at the front lines, but also assurance for executives that their risk management program is reducing their liability for negligence and employee misconduct. Additionally, for the plant managers like Samuel Lightsey, proper risk management efforts and documentation via an ERM solution for risk management may be the difference between jail time and not. 

Parnell's story serves as a warning; if you do not identify, assess, and evaluate your risks and implement proper mitigation controls and testing around these activities, you will face the inevitable repercussions and backlash. Best practice frameworks, like the RIMS Risk Maturity Model for Enterprise Risk Management, require that a component of employee's performance evaluations be based on the effectiveness of their risk management practices.

Take your free assessment to assess the adequacy of your risk management program. Then, download our eBook, "5 Characteristics of the Best ERM Programs," to learn more about implementing a best practice risk management program.

Leave a comment

In this blog, risk expert Steven Minsky highlights the differences between traditional risk management and true enterprise risk management, which is about helping things happen rather than preventing them from happening. Manage Tomorrow's Surprises Today is designed to help you think about risk in new ways and learn how to benefit practically from this rapidly evolving field.

Steven Minsky

Steven is the CEO of LogicManager, Inc. the leading provider of ERM software solutions. Steven is the architect of the RIMS Risk Maturity Model for ERM, author of the RIMS State of ERM Report among many other papers, and a RIMS Fellow (RF) instructor on ERM. Steven has conducted ERM and RIMS Risk Maturity Model training for hundreds of organizations around the globe. Steven is a patent author of risk and process management technology and holds MBA and MA degrees from the University of Pennsylvania’s Wharton School of Business and The Joseph H. Lauder Institute of International Management. You can reach Steven at steven.minsky@logicmanager.com.

Recently Commented On

Monthly Archives