Tag: risk

Corporate leaders love to talk about innovation, transformation, and building the future. Yet most organizations still get stuck in the same place: standing at the edge of a decision, staring into the unknown, and doing nothing. At that moment, the hesitation between where we are and where we need to go is the space Jim Massey calls the gap. And in Risk in Action, Massey makes a compelling argument that how leaders approach this gap will define not only their relevance but also their ability to lead in today’s fast-moving environment.

For the corporate compliance professional, this book is more than leadership philosophy. It is a practical guide for making disciplined, values-driven choices under uncertainty. It is also a call to rethink how our organizations confront risk, how we enable decision-making, and how we build systems that do more than slow the business down.

Risk as the Distance Between Now and Next

Early in the book, Massey reframes a concept that compliance professionals often treat as static. Risk, he argues, is not a heat map, a mitigation plan, or a quarterly review. Risk is the distance between where you are and where you want to be. Trust is the bridge. Fear is the fog that makes the crossing difficult (see Chapter 2). That deceptively simple framing is powerful. It exposes why so many organizations fall into oscillation: they mistake movement for progress. More meetings. More decks. More analysis. And yet nothing moves.

We tell ourselves we are being prudent, disciplined, or thorough when in reality we are waiting for fear to subside. Massey does not dismiss the importance of analysis. Instead, he asks leaders to confront their own reflexive relationship with risk. Whether the risk is regulatory, strategic, environmental, or reputational, the greater danger is not action; it is inaction. The world moves quickly. Competitors accelerate. Expectations shift. Standing still is its own risk, and often the most significant one.

Face, Frame, Forward: The Anatomy of Real Decision-Making

The central model in the book—Face, Frame, Forward—offers a decision-making cadence that leaders can apply daily. As Massey describes, the greatest failures he has seen in organizations did not come from a bad decision but from delaying a necessary one. His model helps break that paralysis.

Face

Facing risk begins with naming the truth in front of you. Not the sanitized version. The real version. What is the risk that keeps you up at night? What is the organizational behavior you keep tolerating? What is the emerging external pressure that is already reshaping your strategic environment? (see Chapter 4).  Massey’s point is blunt: You cannot frame a risk you refuse to see, and you cannot move forward from a place of ambiguity.

Frame

Framing is about meaning-making. Two companies can experience the same regulatory change, market disruption, or technology shift and respond in completely different ways. Why? Because they frame its significance differently (see Chapter 5). Framing is where compliance officers have enormous influence. We help leaders see regulatory shifts as more than check-the-box obligations. We help boards see cultural issues as more than HR noise. We help executives understand that ESG risks are strategic risks and that reputational risks are governance risks. Impact matters, yes. But meaning drives action.

Forward

Forward is where clarity becomes motion. Not recklessness. Not speed for speed’s sake. But disciplined, intentional, values-aligned action. Massey writes that the fog does not lift before we move. It lifts because we move (Chapter 6). That insight is especially relevant for compliance professionals. We often wait for the perfect policy, perfect data, or perfect operating plan. Yet most risks today evolve faster than our systems can process. The future belongs to organizations that move forward with clarity, not certainty.

Risk, Trust, and Fear: The Three-Dimensional Model of Leadership

What makes Risk in Action uniquely valuable for compliance professionals is Massey’s integration of risk, trust, and fear. These forces, he argues, are always active, competing, overlapping, and shaping our choices (see Chapter 7). Compliance professionals know this intuitively. A team hesitates to escalate a concern—not because they lack information, but because fear is louder than trust. A business unit drags its feet on a remediation plan—not because the fix is complicated, but because the risk feels abstract. A board over-rotates to control, not because of a regulatory requirement, but because fear has dominated the discussion.

Massey identifies three essential questions every leader must answer:

1. Can we? (capability)
2. Do we care? (intent and connection)
3. Will we do it? (commitment)

These three elements—Can, Care, Do—form the building blocks of trust (see Chapter 8). And trust, in turn, is what enables movement across the risk gap.

FearFULL Leadership: Why Pretending to Be Fearless Does Not Work

One of the book’s most compelling contributions is Massey’s challenge to the myth of fearlessness. Leaders spend too much time trying to appear unshakable. In reality, fear shows up silently, through overcontrol, indecision, or relentless perfectionism. Massey argues for something more honest: becoming fearFULL, not devoid of fear, but full of awareness, reflection, and intention (see Chapter 9). FearFULL leaders admit the truth early. They ask the hard questions. They name the tension. And by doing so, they create a sense of psychological safety for others.

For compliance professionals, this matters enormously. Transparency, escalation, and ethical decision-making cannot coexist with unacknowledged fear. Leaders who cannot name their own fear cannot build environments where employees feel safe speaking up.

The Compliance Connection: Why This Book Matters for Our Profession

At its core, Risk in Action is about building systems and cultures where leaders face reality with honesty, interpret risks with clarity, and move with purpose. That is the very heart of compliance work. Massey critiques the old model of compliance as the organizational brake pedal. The modern compliance function must instead help the business navigate uncertainty, not out of fear, but with disciplined confidence (see Chapter 1).

Compliance does not eliminate risk. Compliance enables the organization to move forward intelligently. Risk in Action reinforces several truths compliance professionals have long understood:

• Controls without comprehension fail.
• Strategy without alignment stalls.
• Culture without clarity decays.
• And risk without action accumulates.

What Massey offers is a leadership model that makes movement possible again.

Five Key Takeaways for the Compliance Professional

1. Risk is not a barrier. Risk is the path forward.
2. Treating risk purely as something to avoid limits innovation and weakens relevance. Compliance must help leaders see risk as the space where opportunity lives.
3. Face, Frame, Forward is a practical tool for enabling action.
4. Name the risk clearly, interpret it through values and strategy, and move forward with intention. Avoid the organizational trap of oscillation.
5. Trust is operational. Fear is real. And both shape risk decisions.
6. Compliance programs must build systems that reinforce capability, connection, and commitment—because without trust, no risk model works.
7. FearFULL leadership produces better compliance outcomes.
8. Pretending to be fearless creates silence. Acknowledging fear creates honesty. Leaders who name fear make it safer for others to speak up early.
9. Compliance must evolve from protectors to navigators.
10. The speed of today’s risks demands a forward-looking, strategy-aligned compliance function. Your role is not to slow the business down; your role is to move it wisely.

Perhaps the most interesting overall concept posited by Massey is one I learned from John Lee Dumas from his interview in the award-winning podcast series, Looking Back on 9/11. On 9/11, Dumas was a college senior in ROTC, and that night, he knew he was going to war. As a 21-year-old Lieutenant, he led a 40-man tank crew in the invasion of Iraq. I asked him what he learned from his Army experience. He instantly responded, “Make a Decision.” He added that you never have perfect information, so you have to take what you have, synthesize it, and act on it. Massey makes clear that compliance leadership requires action.