May the 4th be with you! If you’re a fan, you know what that means. It’s time to celebrate the only trilogy (ahem, saga) that truly matters: STAR WARS! So put on your Wookiee mask or grab your lightsaber and enjoy this journey through the risk management failures of the Galactic Empire—and how you can learn from them to ensure comprehensive enterprise risk management at your financial institution.
Note: There will be spoilers, so if you need to watch the entire saga before reading, go ahead and do it right now. It’s OK, we’ll wait.
1. Design flaw in the Death Star
Anyone who deals with regulatory compliance knows that the smallest error can have big repercussions. It’s essential to ferret out these potential problems before they become big ones. That’s why the design flaw that caused the explosion of the Death Star is such an egregious error on the part of the Empire. And it happened twice! Where was their auditing?
Don’t let a seemingly small, hidden error take everything down. Avoid this mistake with a good compliance management system (CMS) and brush up your processes around auditing and findings management. And don’t forget a good BCP in case
2. Inadequate employee training and resources
It’s common knowledge among fans that stormtroopers cannot seem to shoot straight. Don’t they undergo years of marksmanship training? And their armor appears to be utterly useless. Who is ordering this junk? Is it a cost-cutting measure? These guys get picked off by every Rebel they meet.
Make sure your employees have the tools they need to succeed! A corporate intranet can support training and information sharing and streamline workflows around tasks such as procurement and expense reporting.
3. Poor communication and collaboration among the board of directors
Conversation via hologram is convenient (almost like a cross-galaxy Zoom meeting or Teams call). But clearly things were getting lost in translation with the Empire’s leadership. When one board member is getting his point across by Force choking another board member, that is a clear signal they are not aligned and communicating properly.
Don’t keep your board members in the dark (side). A board portal can promote collaboration and information exchange, so everyone has the knowledge and ability to work together.
4. Lack of cybersecurity and data loss prevention strategy
I’m sure that the Empire thought their data was safe. Yet they experience a cascade of data breaches with catastrophic effects (for them). Jyn Erso steals the plans and transmits them to Princess Leia’s ship. Leia gives them to R2D2, who ends up with Luke Skywalker (who escapes the Empire’s clutches when Obi-Wan Kenobi deactivates the tractor beam.) Mon Mothma shares them with Rebel Alliance in what looks to be an interstellar PowerPoint. The Rebel fleet (aided by Han Solo, who merits a mention because he’s Han Solo) destroys the Death Star.
You can almost hear the IT department saying, “I know the big switch in the middle of a giant chasm looks cool, guys, but it isn’t very secure.” Make sure your financial institution has the tools to analyze inherent risk and cybersecurity maturity levels. Continuous cyber monitoring technology is key!
5. Bad vendor management
Speaking of Han Solo, what kind of faulty decision tree led to outsourcing Han's imprisonment to Jabba the Hutt? After the vendor (Boba Fett) took the rebel frozen in carbonite, didn’t one of the Imperial compliance officers perform due diligence around his eventual custody transfer? This was a major third- and fourth-party risk! And let’s not forget that a disgruntled former vendor was the one who put the design flaw in the Death Star in the first place. Did they not forecast that potential problem when they…um…murdered his family?
Related: Due Diligence Documentation: 9 Common Mistakes
When vendors have problems, they can quickly become the bank or credit union’s problems. Don’t let this happen to you! Get the solutions your financial institution needs to effectively identify and manage third-party risk.
It’s worth noting that Star Wars fans are grateful for these failures because otherwise, our heroes and heroines never would have beaten the bad guys and restored peace to the universe. But there’s no reason you can’t learn from these mistakes. Help your financial institution maintain good compliance and risk management, and the force will be with you…always.
Subscribe to the Nsight Blog
Share this
Quiz: What Type of Compliance Officer Are You? (Stranger Things Edition)
Risk Management Has No Finish Line
