Domino’s Case Study
Food Protection and Defense Institute
How Costs Cascade: Why High-Consequence Tools are Essential in Financial Services
October 2, 2018
For most organizations in the financial sector, training and conferencing are considered “high consequence” activities: failures of security, regulatory compliance, and uptime could cause a lot of damage. While companies in most sectors would find security breaches and unreliability damaging to business, financial organizations operate in a unique business and regulatory environment that can compound damages into truly business-threatening situations.
The compounding effect of this constellation of damages is the reason financial organizations need a robust training and communication infrastructure. It’s not just about obeying regulatory requirements—it’s about insuring against a cascade of security breach, fines, bad PR, and lost business.
The Immediate Costs of Failure
Whether you’re organizing trainings that include sensitive financial information or business practices, or setting up internal meetings or meetings with clients, there are immediate costs to a failure of your communication infrastructure. For example, a client meeting fraught with technical problems or an overt lack of security could cost you business on the spot. While this is partly true for every business, customers expect a higher visible level of security and reliability from financial organizations than they do from other businesses. While these immediate costs are avoidable, a worse problem is that an inadequate infrastructure will allow the seeds to be sown of much greater costs down the road.
The Secondary Costs of Failure
While the appearance of a lack of security and reliability can cost customers on the spot, an actual lack of security and reliability can cause much greater real harms to business. Regulators including the SEC perform frequent audits to ensure regulatory requirements for record-keeping and security are being met, and hand out hefty fines to violators. These regulations can be complex, and complying with them comprehensively without purpose-built training and communication tools is a challenge and a risk.
The content and effectiveness of training itself can also be compromised when high-consequence tools are not in place. Without the high security standards that allow internal meetings and trainings to include sensitive material, the richness of those trainings and their ability to convey necessary information for business functions will suffer. A reliable and secure training platform is also one of the best insurance policies against individual employee non-compliance. With a reliable platform on which sensitive training materials can be presented, it’s much easier to ensure all employees are trained on current internal policies and procedures and are aware of the latest updates to the industry’s labyrinthine and ever-shifting regulations.
The Tertiary Costs of Failure
As with the jump from immediate costs to secondary costs, the third layer of costs in the cost cascade of inferior training tools carries with it potentially greater risks of damage to business. Fines can mount and individual customers may be lost, but media coverage of security breaches and noncompliance can be devastating and the effects long-lasting. Security breaches involving financial information are damaging enough in the news for businesses outside the financial sector—for financial services firms themselves it’s simply not an option.
Avoiding the Cost Cascade
The key to avoiding this mess of mounting costs is in a phrase used earlier: purpose-built. To ensure the levels of security and reliability to avoid customer loss, noncompliance, and bad press, financial services firms must use communication and training tools built for and certified for the financial industry. Look for tools used and trusted by industry leaders and carrying regularly certifications such as SOC II Type 2. By choosing the right provider, you can avoid leaving your business vulnerable to the cascading risks of using communication and training tools not geared for the complexities of financial industry regulation.
