Lyons, Sean (2016): Corporate Defense and the Value Preservation Imperative: Bulletproof Your Corporate Defense Program, Taylor & Francis Group, ISBN 978-1-4987-4228-3
Book review by Dr. Rainer Lenz, Frankfurt/Main, www.drrainerlenz.de
Offense wins games, defense wins championships
Sean Lyons published this new book in September 2016. I happily share my token of appreciation by providing a little book review. Sean introduces the terminology of “corporate defense”. His reference to the old sporting aphorism that “offense wins games, defense wins championships” is a helpful analogy. In order to win a football game the team has to score one more goal than the opponent. What seems to make good sense in sports, may work in business, too. Modern play seeks to incorporate offense (value creation) and defense (value protection) in all actors – with complementary roles. Sean is looking for the ideal mix between offense and defense, the “golden mean”, the healthy balance. Moreover, Sean diagnoses a defense deficit in many organizations. With that starting point, Sean views the Three-Lines-Of-Defense-Model (3LoD), the current paradigm, as part of the problem, not part of the solution. I fully concur with that. Viewing, for example, the genesis of major banks, the Deutsche Bank in Germany or Wells Fargo in the US may serve as prominent case studies, using that model, it seems that this model may have promoted a misleading sense of security. The model exclusively talks about defense. The model seems to ignore the human factor. The model seems to be an undue simplification. Consequently, the 3LoD-Model is not relevant in many organizations outside the banking sector. Time is ripe to overhaul the 3LoD-Model. I am fully on-board with that ambition. Having diagnosed the shortcomings of the 3LoD-Model, Sean suggests his five lines of corporate defense, (1) the operational line management, (2) tactical oversight functions, (3) independent internal assurance, (4) executive management, and (5) the board. Similarly, the draft King IV report on Corporate Governance for South Africa expands the 3LoD-Model to five lines of assurance. Sean offers a detailed roadmap to put such a system in place. That deserves much credit. The approach suggested may be perceived as theoretical in parts, it may be too complex for many, and it may only be relevant for very big organizations. I personally doubt that adding more lines of defense per se will be the best solution to address the fast evolving risk universe organizations are facing. Sean also acknowledges that consideration and advocates an integrated perspective, integrated thinking at the end of his book; rightfully so. I see the main value of Sean’s book in detailing the various elements of “corporate defense” (e.g. governance, risk, compliance, intelligence, security, resilience, controls, and assurance) and in demanding an integrated approach, also including the offense side of the corporate agenda in order to strengthen corporate governance. In doing so, Sean’s book may become a stepping stone for corporations introducing the role of a “Chief Governance Officer”. That role, however, may then compete in a way with the CEO, the Chief Executive Officer. Or, how do we have to think about that? I am curious to learn about companies that have put the “Corporate Defense Management and the Value Preservation Imperative” in place effectively. I am positive there is more interesting work forthcoming from Sean. And, I am keen on reading it.